4.9
CVE-2024-21870 -
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulβ¦
4.9
CVE-2024-22178 -
A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to triggerβ¦
7.8
CVE-2024-0394 - Rapid7 Minerva Armor Privilege Escalation
Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege.Β The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter whereβ¦
6.3
CVE-2024-3259 - SourceCodester Internship Portal Management System delete_activity.php sql injection
A vulnerability was found in SourceCodester Internship Portal Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/delete_activity.php. The manipulation of the argument activity_id leads to sql injection. The attack can be initiated remoβ¦
6.3
CVE-2024-3258 - SourceCodester Internship Portal Management System add_activity.php sql injection
A vulnerability was found in SourceCodester Internship Portal Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin/add_activity.php. The manipulation of the argument title/description/start/end leads to sql injection. It is possible to initiate tβ¦
6.3
CVE-2024-3257 - SourceCodester Internship Portal Management System edit_activity_query.php sql injection
A vulnerability was found in SourceCodester Internship Portal Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/edit_activity_query.php. The manipulation of the argument title/description/start/end leads to sql injection. The atβ¦
5.3
CVE-2024-22360 - IBM Db2 for Linux, UNIX and Windows denial of service
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: 280905.
6.3
CVE-2024-3256 - SourceCodester Internship Portal Management System edit_activity.php sql injection
A vulnerability has been found in SourceCodester Internship Portal Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/edit_activity.php. The manipulation of the argument activity_id leads to sql injection. The attack can beβ¦
5.3
CVE-2023-52296 - IBM Db2 for Linux, UNIX and Windows denial of service
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.
6.8
CVE-2023-38729 - IBM Db2 information disclosure
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.