Skip to main content
CVE-2024-37342 MEDIUM PATCH This Month

Microsoft SQL Server Native Scoring Information Disclosure Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Sql 2016 Azure Connect Feature Pack Sql Server 2016 +3
NVD
CVSS 3.1
4.3
EPSS
1.7%
CVE-2024-37337 MEDIUM PATCH This Month

Microsoft SQL Server Native Scoring Information Disclosure Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Sql 2016 Azure Connect Feature Pack Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
4.3
EPSS
1.7%
CVE-2024-27257 MEDIUM This Month

IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Openpages Grc Platform Openpages With Watson
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-44121 MEDIUM This Month

Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would otherwise be restricted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-0067 MEDIUM This Month

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-44112 MEDIUM PATCH This Month

Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass SAP Oil Gas
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-44116 MEDIUM This Month

The RFC enabled function module allows a low privileged user to add any workbook to any user's workplace favourites. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-44115 MEDIUM This Month

The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-44113 MEDIUM This Month

Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an authenticated attacker to access information over the network which is otherwise restricted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-42380 MEDIUM This Month

The RFC enabled function module allows a low privileged user to read any user's workplace favourites and user menu along with all the specific data of each node. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-41729 MEDIUM This Month

Due to missing authorization checks, SAP BEx Analyzer allows an authenticated attacker to access information over the network which is otherwise restricted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-36511 LOW Monitor

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortiadc
NVD
CVSS 3.1
3.7
EPSS
0.4%
CVE-2024-45323 LOW Monitor

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fortiedrmanager
NVD
CVSS 3.1
2.7
EPSS
0.4%
CVE-2024-41728 LOW PATCH Monitor

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass SAP Netweaver Application Server Abap
NVD
CVSS 3.1
2.7
EPSS
0.3%
CVE-2024-44114 LOW PATCH Monitor

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass SAP Netweaver Application Server Abap
NVD
CVSS 3.1
2.7
EPSS
0.2%
CVE-2024-45284 LOW Monitor

An authenticated attacker with high privilege can use functions of SLCM transactions to which access should be restricted. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
2.4
EPSS
0.2%
CVE-2024-37995 LOW Monitor

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Simatic Rf360R Firmware Simatic Rf1170R Firmware Simatic Rf1140R Firmware Simatic Reader Rf685R Fcc Firmware +23
NVD
CVSS 4.0
2.1
EPSS
0.3%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy