Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2023-6536 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat CWE-476
7.5
7.5
2024-02-07 CVE-2023-38995 Use of Hard-coded Credentials vulnerability in Schuhfried
An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command.
network
low complexity
schuhfried CWE-798
critical
 9.8
9.8
2024-02-07 CVE-2024-24488 Cleartext Storage of Sensitive Information vulnerability in Tendacn CP3 Firmware 11.10.00.2311090948
An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component.
local
low complexity
tendacn CWE-312
5.5
5.5
2024-02-07 CVE-2024-23769 Unspecified vulnerability in Samsung Magician 8.0.0
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.
local
low complexity
samsung
5.5
5.5
2024-02-07 CVE-2024-24822 Missing Authorization vulnerability in Pimcore Admin Classic Bundle
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore.
network
low complexity
pimcore CWE-862
critical
 9.1
9.1
2024-02-07 CVE-2024-24823 Session Fixation vulnerability in Graylog
Graylog is a free and open log management platform.
network
high complexity
graylog CWE-384
4.4
4.4
2024-02-07 CVE-2024-24824 Incorrect Authorization vulnerability in Graylog
Graylog is a free and open log management platform.
network
low complexity
graylog CWE-863
8.8
8.8
2024-02-07 CVE-2023-31002 Cleartext Storage of Sensitive Information vulnerability in IBM Security Access Manager Container
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user.
local
low complexity
ibm CWE-312
5.5
5.5
2024-02-07 CVE-2023-32328 Cleartext Transmission of Sensitive Information vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server.
network
low complexity
ibm CWE-319
critical
 9.8
9.8
2024-02-07 CVE-2023-32330 Improper Certificate Validation vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server.
network
low complexity
ibm CWE-295
critical
 9.8
9.8