Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-09 | CVE-2024-38485 | Open Redirect vulnerability in Dell Elastic Cloud Storage Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. | 4.3 |
| 2024-12-09 | CVE-2024-42426 | Unspecified vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. | 6.5 |
| 2024-12-09 | CVE-2024-49600 | Unspecified vulnerability in Dell Power Manager Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. | 7.8 |
| 2024-12-09 | CVE-2024-49602 | Improper Locking vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. | 6.5 |
| 2024-12-09 | CVE-2024-49603 | Unspecified vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. | 6.5 |
| 2024-12-09 | CVE-2024-54919 | Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0 A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. | 5.4 |
| 2024-12-09 | CVE-2024-54920 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and class_id parameters. | 9.8 |
| 2024-12-09 | CVE-2024-52480 | Unspecified vulnerability in Astoundify Jobify Missing Authorization vulnerability in Astoundify Jobify - Job Board WordPress Theme.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3. | 9.8 |
| 2024-12-09 | CVE-2024-53948 | Unspecified vulnerability in Apache Superset Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue. | 5.3 |
| 2024-12-09 | CVE-2024-53949 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). | 6.5 |