Security Vulnerabilities - CVEs Published In March 2024
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field.
CVSS Score
6.3
EPSS Score
0.016
Published
2024-03-28
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
CVSS Score
7.2
EPSS Score
0.004
Published
2024-03-28
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
CVSS Score
6.0
EPSS Score
0.001
Published
2024-03-28
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
CVSS Score
6.0
EPSS Score
0.001
Published
2024-03-28
Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
CVSS Score
5.3
EPSS Score
0.006
Published
2024-03-28
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
CVSS Score
7.2
EPSS Score
0.004
Published
2024-03-28
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
CVSS Score
7.3
EPSS Score
0.0
Published
2024-03-28
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
CVSS Score
6.0
EPSS Score
0.001
Published
2024-03-28
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges.
CVSS Score
7.9
EPSS Score
0.001
Published
2024-03-28
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions.
CVSS Score
8.8
EPSS Score
0.004
Published
2024-03-28