6.9
CVE-2024-11618 - IPC Unigy Management System HTTP Request server-side request forgery
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit…
0.0
CVE-2024-11637 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
2.8
CVE-2024-52814 - Helm Lacks Granularity in Workflow Role
Argo Helm is a collection of community maintained charts for `argoproj.github.io` projects. Prior to version 0.45.0, the `workflow-role` lacks granularity in its privileges, giving permissions to `workflowtasksets` and `workflowartifactgctasks` to all workflow Pods, when only certain types of Pods…
7.5
CVE-2024-52804 - Tornado has HTTP cookie parsing DoS vulnerability
Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the …
7.5
CVE-2024-52802 - RIOT-OS missing dhcpv6_opt_t minimum header length check
RIOT is an operating system for internet of things (IoT) devices. In version 2024.04 and prior, the function `_parse_advertise`, located in `/sys/net/application_layer/dhcpv6/client.c`, has no minimum header length check for `dhcpv6_opt_t` after processing `dhcpv6_msg_t`. This omission could lead t…
5.1
CVE-2024-52793 - XSS vulnerability in serveDir API of @std/http/file-server on POSIX systems
The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, `http/file-server`'s `serveDir` with `showDirListing: true` option is vulnerable to cross-site scripting when the attacker is a user who can control file names in the source directory on systems with POSIX file n…
5.1
CVE-2024-10863 - Client-side audit exclusion vulnerability
Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation. This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.
8.8
CVE-2021-38116 - Possible Command injection Vulnerability in OpenText iManager
Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5.
8.8
CVE-2021-38117 - Possible Remote Code Execution Vulnerability OpenText iManager
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
5.5
CVE-2021-38118 - Possible Local Privilege Escalation Vulnerability in OpenText iManager
Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.