7.2

CVSS3.1

CVE-2024-23464 - Zscaler bypass with administrative privileges on Windows

In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1

πŸ“… Published: Aug. 6, 2024, 3:24 p.m. πŸ”„ Last Modified: Aug. 7, 2024, 9:23 p.m.

7.3

CVSS3.1

CVE-2024-23458 - Local Privilege Escalation on Zscaler Client Connector on Windows

While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.

πŸ“… Published: Aug. 6, 2024, 3:22 p.m. πŸ”„ Last Modified: Aug. 7, 2024, 9:29 p.m.

7.8

CVSS3.1

CVE-2024-23456 - Signature validation issue leads to Anti-Tampering bypass

Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0.190 with anti-tampering enabled.

πŸ“… Published: Aug. 6, 2024, 3:21 p.m. πŸ”„ Last Modified: Aug. 7, 2024, 9:30 p.m.

4.3

CVSS3.1

CVE-2024-39751 - IBM InfoSphere Information Server information disclosure

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 297429

πŸ“… Published: Aug. 6, 2024, 3:17 p.m. πŸ”„ Last Modified: Aug. 29, 2024, 4:56 p.m.

5.3

CVSS4.0

CVE-2024-7552 - DataGear Data Schema Page ConversionSqlParamValueMapper.java evaluateVariableExpression expression …

A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by this vulnerability is the function evaluateVariableExpression of the file ConversionSqlParamValueMapper.java of the component Data Schema Page. The manipulation leads to improper neutralization of speci…

πŸ“… Published: Aug. 6, 2024, 2:31 p.m. πŸ”„ Last Modified: Aug. 7, 2024, 9:29 p.m.

5.4

CVSS3.1

CVE-2024-41911 -

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation.

πŸ“… Published: Aug. 6, 2024, 2:07 p.m. πŸ”„ Last Modified: Oct. 2, 2025, 5:37 p.m.

6.1

CVSS3.1

CVE-2024-41910 -

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used.

πŸ“… Published: Aug. 6, 2024, 2:05 p.m. πŸ”„ Last Modified: Oct. 2, 2025, 5:36 p.m.

8.8

CVSS3.1

CVE-2024-41913 - Clariti Manager – Arbitrary File Upload

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input.

πŸ“… Published: Aug. 6, 2024, 1:57 p.m. πŸ”„ Last Modified: Oct. 2, 2025, 5:37 p.m.

7.1

CVSS3.1

CVE-2024-33994 - Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via theΒ 'view' parameter in '/event/index.php'.

πŸ“… Published: Aug. 6, 2024, 1:09 p.m. πŸ”„ Last Modified: Nov. 22, 2024, 7:18 p.m.

7.1

CVSS3.1

CVE-2024-33993 - Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via theΒ 'view' parameter in /candidate/index.php'.

πŸ“… Published: Aug. 6, 2024, 1:09 p.m. πŸ”„ Last Modified: Aug. 15, 2024, 4:59 p.m.
Total resulsts: 349182
Page 8938 of 34,919
Β« previous page Β» next page
Filters