CVE-2023-28051 : DELL POWER MANAGER UP TO 3.10 ACCESS CONTROL

Description

Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system.

References

https://www.dell.com/support/kbdoc/en-us/000211891/dsa-2023-221-dell-power-manager

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

Description IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script.

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

Description CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension`

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

Description Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile