CVE

IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265

March 17, 2024

NAME__________IBM Integration Bus for z/OS cross-site request forgeryPlatforms Affected:IBM Integration Bus for z/OS 10.1 IBM Integration Bus for z/OS 10.1.0.3Risk...

IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265

March 16, 2024

NAME__________IBM Integration Bus for z/OS cross-site request forgeryPlatforms Affected:IBM Integration Bus for z/OS 10.1 IBM Integration Bus for z/OS 10.1.0.3Risk...

SAP Fiori Front End Server security bypass | CVE-2024-22133

March 16, 2024

NAME__________SAP Fiori Front End Server security bypassPlatforms Affected:SAP Fiori Front End Server 605Risk Level:4.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SAP Fiori Front End Server...

Delta Electronics DIAEnergie cross-site scripting | CVE-2024-28045

March 16, 2024

NAME__________Delta Electronics DIAEnergie cross-site scriptingPlatforms Affected:Delta Electronics DIAEnergie 1.10Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Delta Electronics DIAEnergie is vulnerable to cross-site scripting, caused...

IBM Secure Proxy cross-site scripting | CVE-2023-47699

March 16, 2024

NAME__________IBM Secure Proxy cross-site scriptingPlatforms Affected:IBM Secure Proxy 6.0.3 IBM Secure Proxy 6.1.0Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________IBM Sterling Secure Proxy 6.0.3...

Apache CXF server-side request forgery | CVE-2024-28752

March 16, 2024

NAME__________Apache CXF server-side request forgeryPlatforms Affected:Apache CXF 3.5.7 Apache CXF 3.6.2 Apache CXF 4.0.3Risk Level:6.5Exploitability:UnprovenConsequences: DESCRIPTION__________Apache CXF is vulnerable to...

IBM Secure Proxy information disclosure | CVE-2023-46181

March 16, 2024

NAME__________IBM Secure Proxy information disclosurePlatforms Affected:IBM Secure Proxy 6.0.3 IBM Secure Proxy 6.1.0Risk Level:4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Sterling Secure Proxy 6.0.3...

IBM Secure Proxy file manipulation | CVE-2023-47147

March 16, 2024

NAME__________IBM Secure Proxy file manipulationPlatforms Affected:IBM Secure Proxy 6.0.3 IBM Secure Proxy 6.1.0Risk Level:5.9Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________IBM Sterling Secure Proxy 6.0.3...

IBM Secure Proxy cross-site scripting | CVE-2023-47162

March 16, 2024

LinkedIn Greykite file upload | CVE-2024-28425

March 16, 2024

NAME__________LinkedIn Greykite file uploadPlatforms Affected:LinkedIn Greykite 1.0.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________LinkedIn Greykite could allow a remote attacker to upload arbitrary files,...

IBM Secure Proxy information disclosure | CVE-2023-46179

March 16, 2024

NAME__________IBM Secure Proxy information disclosurePlatforms Affected:IBM Secure Proxy 6.0.3 IBM Secure Proxy 6.1.0Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Sterling Secure Proxy 6.0.3...

IBM Secure Proxy cross-site scripting | CVE-2023-46182

March 16, 2024

NAME__________IBM Secure Proxy cross-site scriptingPlatforms Affected:IBM Secure Proxy 6.0.3 IBM Secure Proxy 6.1.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________IBM Sterling Secure Proxy 6.0.3...

Siemens Siveillance Control privilege escalation | CVE-2023-45793

March 16, 2024

NAME__________Siemens Siveillance Control privilege escalationPlatforms Affected:Siemens Siveillance Control 2.8Risk Level:5.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Siemens Siveillance Control could allow a local authenticated attacker...

Apache ZooKeeper information disclosure | CVE-2024-23944

March 16, 2024

NAME__________Apache ZooKeeper information disclosurePlatforms Affected:Apache ZooKeeper 3.8.0 Apache ZooKeeper 3.9.0 Apache ZooKeeper 3.6.0 Apache ZooKeeper 3.7.2 Apache ZooKeeper 3.8.3 Apache...

YourSpotify information disclosure | CVE-2024-28193

March 15, 2024

NAME__________YourSpotify information disclosurePlatforms Affected:YourSpotify YourSpotify 1.7.9 YourSpotify YourSpotify 1.7.8Risk Level:6.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________YourSpotify could allow a remote authenticated attacker...

Gacjie Server file upload | CVE-2024-2406

March 15, 2024

NAME__________Gacjie Server file uploadPlatforms Affected:Gacjie Server Gacjie Server 1.0 Gacjie Server Gacjie Server 0.9Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gacjie Server could allow...

IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265

March 15, 2024

NAME__________IBM Integration Bus for z/OS cross-site request forgeryPlatforms Affected:IBM Integration Bus for z/OS 10.1 IBM Integration Bus for z/OS 10.1.0.3Risk...

YourSpotify clickjacking | CVE-2024-28196

March 15, 2024

NAME__________YourSpotify clickjackingPlatforms Affected:YourSpotify YourSpotify 1.8.9 YourSpotify YourSpotify 1.8.8Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________YourSpotify could allow a remote attacker to hijack the clicking...

Siemens SENTRON 7KM PAC3x20 information disclosure | CVE-2024-21483

March 15, 2024

NAME__________Siemens SENTRON 7KM PAC3x20 information disclosurePlatforms Affected:Siemens SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) 3.2.3 Siemens SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) 3.2.3...

Palo Alto Networks GlobalProtect app on Windows privilege escalation | CVE-2024-2432

March 15, 2024

NAME__________Palo Alto Networks GlobalProtect app on Windows privilege escalationPlatforms Affected:Palo Alto Networks GlobalProtect App on Windows 6.2 Palo Alto Networks...

IBM i privilege escalation | CVE-2024-22346

March 15, 2024

NAME__________IBM i privilege escalationPlatforms Affected:IBM i 7.2 IBM i 7.3 IBM i 7.4 IBM i 7.5Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Db2 for...

Palo Alto Networks Panorama software denial of service | CVE-2024-2433

March 15, 2024

NAME__________Palo Alto Networks Panorama software denial of servicePlatforms Affected:Palo Alto Networks Cloud NGFW Palo Alto Networks Prisma Access Palo Alto...

Palo Alto Networks GlobalProtect app denial of service | CVE-2024-2431

March 15, 2024

NAME__________Palo Alto Networks GlobalProtect app denial of servicePlatforms Affected:Palo Alto Networks GlobalProtect App 6.2 Palo Alto Networks GlobalProtect App 6.1...

YourSpotify security bypass | CVE-2024-28192

March 15, 2024

NAME__________YourSpotify security bypassPlatforms Affected:YourSpotify YourSpotify 1.7.9 YourSpotify YourSpotify 1.7.8Risk Level:5.3Exploitability:Proof of ConceptConsequences:Bypass Security DESCRIPTION__________YourSpotify could allow a remote attacker to...

CVE

IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265

IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265

SAP Fiori Front End Server security bypass | CVE-2024-22133

Delta Electronics DIAEnergie cross-site scripting | CVE-2024-28045

IBM Secure Proxy cross-site scripting | CVE-2023-47699

Apache CXF server-side request forgery | CVE-2024-28752

IBM Secure Proxy information disclosure | CVE-2023-46181

IBM Secure Proxy file manipulation | CVE-2023-47147

IBM Secure Proxy cross-site scripting | CVE-2023-47162

LinkedIn Greykite file upload | CVE-2024-28425

IBM Secure Proxy information disclosure | CVE-2023-46179

IBM Secure Proxy cross-site scripting | CVE-2023-46182

Siemens Siveillance Control privilege escalation | CVE-2023-45793

Apache ZooKeeper information disclosure | CVE-2024-23944

YourSpotify information disclosure | CVE-2024-28193

Gacjie Server file upload | CVE-2024-2406

IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265

YourSpotify clickjacking | CVE-2024-28196

Siemens SENTRON 7KM PAC3x20 information disclosure | CVE-2024-21483

Palo Alto Networks GlobalProtect app on Windows privilege escalation | CVE-2024-2432

IBM i privilege escalation | CVE-2024-22346

Palo Alto Networks Panorama software denial of service | CVE-2024-2433

Palo Alto Networks GlobalProtect app denial of service | CVE-2024-2431

YourSpotify security bypass | CVE-2024-28192

[AKIRA] – Ransomware Victim: Av Alumitran

[Palo Alto Networks Security Advisories] PAN-SA-2025-0010 Informational Bulletin: No Impact of the Marvin Attack onPAN-OS

[Palo Alto Networks Security Advisories] CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability inGlobalProtect Gateway and Portal

[Palo Alto Networks Security Advisories] CVE-2025-0138 Prisma Cloud Compute Edition: Insufficient Session ExpirationVulnerability in the Web Interface

[Palo Alto Networks Security Advisories] CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM onIntel-based hardware devices

You may have missed