Security Vulnerabilities - CVEs Published In March 2024
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field.
CVSS Score
6.1
EPSS Score
0.005
Published
2024-03-28
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-03-28
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-03-28
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-03-28
A cross site scripting (XSS) vulnerability in rems FAQ Management System v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the Frequently Asked Question field in the Add FAQ function.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-03-28
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature.
CVSS Score
9.8
EPSS Score
0.01
Published
2024-03-28
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-03-28
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field.
CVSS Score
6.3
EPSS Score
0.016
Published
2024-03-28
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
CVSS Score
7.2
EPSS Score
0.004
Published
2024-03-28
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
CVSS Score
6.0
EPSS Score
0.001
Published
2024-03-28