Total 262234 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6118 1 Hamastar 1 Meetinghub Paperless Meetings 2024-08-30 9.1 Critical
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file.
CVE-2022-46298 4 Apple, Google, Intel and 1 more 4 Iphone Os, Android, Unison Software and 1 more 2024-08-30 1.9 Low
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.
CVE-2024-37955 1 Makegutenblock 1 Gutslider 2024-08-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zakaria Binsaifullah GutSlider – All in One Block Slider allows Stored XSS.This issue affects GutSlider – All in One Block Slider: from n/a through 2.7.3.
CVE-2024-6117 1 Hamastar 1 Meetinghub Paperless Meetings 2024-08-30 8.8 High
A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file.
CVE-2023-34997 1 Intel 1 Server Configuration Utility 2024-08-30 6.7 Medium
Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-42447 1 Apache 2 Airflow, Apache-airflow-providers-fab 2024-08-30 9.8 Critical
Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 (when used with Apache Airflow 2.9.3) and FAB 1.2.0 for all Airflow versions. The FAB provider prevented the user from logging out.   * FAB provider 1.2.1 only affected Airflow 2.9.3 (earlier and later versions of Airflow are not affected) * FAB provider 1.2.0 affected all versions of Airflow. Users who run Apache Airflow 2.9.3 are recommended to upgrade to Apache Airflow Providers FAB version 1.2.2 which fixes the issue. Users who run Any Apache Airflow version and have FAB provider 1.2.0 are recommended to upgrade to Apache Airflow Providers FAB version 1.2.2 which fixes the issue. Also upgrading Apache Airflow to latest version available is recommended. Note: Early version of Airflow reference container images of Airflow 2.9.3 and constraint files contained FAB provider 1.2.1 version, but this is fixed in updated versions of the images.  Users are advised to pull the latest Airflow images or reinstall FAB provider according to the current constraints.
CVE-2023-34431 1 Intel 66 Compute Module Hns2600bpb, Compute Module Hns2600bpb24, Compute Module Hns2600bpb24 Firmware and 63 more 2024-08-30 8.2 High
Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access
CVE-2023-45615 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 9.8 Critical
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-45616 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 9.8 Critical
There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-45617 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 8.2 High
There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.
CVE-2023-45618 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 8.2 High
There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.
CVE-2023-45619 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 8.2 High
There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.
CVE-2023-45620 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 7.5 High
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.
CVE-2023-32661 1 Intel 3 Nuc Kit Nuc7cjyh, Nuc Kit Nuc7pjyh, Realtek Sd Card Reader Driver 2024-08-30 6.7 Medium
Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-45623 2 Arubanetworks, Hp 2 Arubaos, Instantos 2024-08-30 7.5 High
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.
CVE-2022-33898 1 Intel 1 Nuc Watchdog Timer Utility 2024-08-30 6.7 Medium
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32658 1 Intel 11 Hdmi Firmware, Nuc 7 Business Nuc7i3dnhnc, Nuc 7 Business Nuc7i3dnktc and 8 more 2024-08-30 6.7 Medium
Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-33874 1 Intel 7 Hid Event Filter Driver, Nuc 12 Pro Board Nuc12wsbv5, Nuc 12 Pro Board Nuc12wsbv7 and 4 more 2024-08-30 6.7 Medium
Uncontrolled search path in some Intel(R) NUC 12 Pro Kits & Mini PCs - NUC12WS Intel(R) HID Event Filter Driver installation software before version 2.2.2.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-37954 1 Marcelotorres 1 Simple Responsive Slider 2024-08-30 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5.
CVE-2024-36448 1 Apache 1 Iotdb Workbench 2024-08-30 7.3 High
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.