6.5

CVSS3.1

CVE-2024-21424 - Azure Compute Gallery Elevation of Privilege Vulnerability

Azure Compute Gallery Elevation of Privilege Vulnerability

πŸ“… Published: April 9, 2024, 5 p.m. πŸ”„ Last Modified: May 3, 2025, 12:39 a.m.

7.1

CVSS3.1

CVE-2024-20689 - Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

πŸ“… Published: April 9, 2024, 5 p.m. πŸ”„ Last Modified: May 3, 2025, 12:39 a.m.

7.1

CVSS3.1

CVE-2024-20688 - Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

πŸ“… Published: April 9, 2024, 5 p.m. πŸ”„ Last Modified: May 3, 2025, 12:39 a.m.

6.7

CVSS3.1

CVE-2024-20669 - Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

πŸ“… Published: April 9, 2024, 5 p.m. πŸ”„ Last Modified: May 3, 2025, 12:39 a.m.

10

CVSS3.1

CVE-2024-24576 - Rusts's `std::process::Command` did not properly escape arguments of batch files on Windows

Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the argumen…

πŸ“… Published: April 9, 2024, 5 p.m. πŸ”„ Last Modified: Jan. 5, 2026, 4:18 p.m.

4.3

CVSS3.1

CVE-2024-31455 - Minder GetRepositoryByName data leak

Minder by Stacklok is an open source software supply chain security platform. A refactoring in commit `5c381cf` added the ability to get GitHub repositories registered to a project without specifying a specific provider. Unfortunately, the SQL query for doing so was missing parenthesis, and would …

πŸ“… Published: April 9, 2024, 4:52 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.1

CVSS3.1

CVE-2024-29905 - DIRAC: Unauthorized users can read proxy contents during generation

DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process (e.g., when using `dirac-proxy-init`), it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then…

πŸ“… Published: April 9, 2024, 4:49 p.m. πŸ”„ Last Modified: Jan. 5, 2026, 3:51 p.m.

5.9

CVSS3.1

CVE-2024-30262 - Contao's remember-me tokens will not be cleared after a password change

Contao is an open source content management system. Prior to version 4.13.40, when a frontend member changes their password in the personal data or the password lost module, the corresponding remember-me tokens are not removed. If someone compromises an account and is able to get a remember-me toke…

πŸ“… Published: April 9, 2024, 4:45 p.m. πŸ”„ Last Modified: Jan. 9, 2025, 5:51 p.m.

6.5

CVSS3.1

CVE-2024-31867 - Apache Zeppelin: LDAP search filter query Injection Vulnerability

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes…

πŸ“… Published: April 9, 2024, 4:15 p.m. πŸ”„ Last Modified: May 5, 2025, 8:12 p.m.

6.1

CVSS3.1

CVE-2024-31868 - Apache Zeppelin: XSS vulnerability in the helium module

Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to normal users. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.

πŸ“… Published: April 9, 2024, 4:10 p.m. πŸ”„ Last Modified: May 5, 2025, 8:11 p.m.
Total resulsts: 349182
Page 10383 of 34,919
Β« previous page Β» next page
Filters