Published on 07 Feb 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:
Critical | vulnerabilities with a base score of 9.0 to 10.0 |
High | vulnerabilities with a base score of 7.0 to 8.9 |
Medium | vulnerabilities with a base score of 4.0 to 6.9 |
Low | vulnerabilities with a base score of 0.1 to 3.9 |
None | vulnerabilities with a base score of 0.0 |
For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.
CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2024-23109 | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2024-23109 |
CVE-2024-23108 | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2024-23108 |
CVE-2023-47143 | IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-47143 |
CVE-2023-49617 | The MachineSense application programmable interface (API) is improperly protected and can be accessed without authentication. A remote attacker could retrieve and modify sensitive information without any authentication. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-49617 |
CVE-2024-23652 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in v0.12.5. Workarounds include avoiding using BuildKit frontends from an untrusted source or building an untrusted Dockerfile containing RUN --mount feature. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2024-23652 |
CVE-2024-24594 | A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-24594 |
CVE-2024-24592 | Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML platform allows a remote attacker to arbitrarily access, create, modify and delete files. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24592 |
CVE-2024-23917 | In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-23917 |
CVE-2024-0244 | Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier sold in US. i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0244 |
CVE-2023-6234 | Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6234 |
CVE-2023-6233 | Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6233 |
CVE-2023-6232 | Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6232 |
CVE-2023-6231 | Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6231 |
CVE-2023-6230 | Buffer overflow in the Address Book password process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6230 |
CVE-2023-6229 | Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6229 |
CVE-2024-0709 | The Cryptocurrency Widgets – Price Ticker & Coins List plugin for WordPress is vulnerable to SQL Injection via the 'coinslist' parameter in versions 2.0 to 2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0709 |
CVE-2023-6989 | The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6989 |
CVE-2023-6933 | The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6933 |
CVE-2024-0323 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation Automation Runtime (SDM modules). The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected product clients. This issue affects Automation Runtime: from 14.0 before 14.93. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0323 |
CVE-2024-1197 | A vulnerability, which was classified as critical, has been found in SourceCodester Testimonial Page Manager 1.0. This issue affects some unknown processing of the file delete-testimonial.php of the component HTTP GET Request Handler. The manipulation of the argument testimony leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-252695. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1197 |
CVE-2024-24029 | JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24029 |
CVE-2023-39303 | An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-39303 |
CVE-2023-6675 | Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server.This issue affects CyberMath: from v.1.4 before v.1.5. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6675 |
CVE-2024-22319 | IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22319 |
CVE-2023-50940 | IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 275130. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50940 |
CVE-2024-21764 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-21764 |
CVE-2024-1039 | Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1039 |
CVE-2024-24561 | Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a non-literal argument for the start or length variable, this creates the ability for an attacker to overflow the bounds check. This issue can be used to do OOB access to storage, memory or calldata addresses. It can also be used to corrupt the length slot of the respective array. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24561 |
CVE-2024-23653 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if special `security.insecure` entitlement is enabled both by buildkitd configuration and allowed by the user initializing the build request. The issue has been fixed in v0.12.5 . Avoid using BuildKit frontends from untrusted sources. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-23653 |
CVE-2024-1117 | A vulnerability was found in openBI up to 1.0.8. It has been declared as critical. Affected by this vulnerability is the function index of the file /application/index/controller/Screen.php. The manipulation of the argument fileurl leads to code injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252475. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1117 |
CVE-2024-1116 | A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-252474 is the identifier assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1116 |
CVE-2024-1115 | A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252473 was assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1115 |
CVE-2024-1114 | A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252472. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1114 |
CVE-2024-1113 | A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252471. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1113 |
CVE-2024-21917 | A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-21917 |
CVE-2024-1012 | A vulnerability, which was classified as critical, has been found in Wanhu ezOFFICE 11.1.0. This issue affects some unknown processing of the file defaultroot/platform/bpm/work_flow/operate/wf_printnum.jsp. The manipulation of the argument recordId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252281 was assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1012 |
CVE-2024-23745 | In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of arbitrary commands within the application's context. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-23745 |
CVE-2024-24593 | A cross-site request forgery (CSRF) vulnerability in all versions of the api and web server components of Allegro AI’s ClearML platform allows a remote attacker to impersonate a user by sending API requests via maliciously crafted html. Exploitation of the vulnerability allows an attacker to compromise confidential workspaces and files, leak sensitive information, and target instances of the ClearML platform within closed off networks. | 9.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24593 |
CVE-2024-23832 | Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is vulnerable, as well as 4.0.x versions prior to 4.0.13, 4.1.x version prior to 4.1.13, and 4.2.x versions prior to 4.2.5. | 9.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-23832 |
CVE-2023-33072 | Memory corruption in Core while processing control functions. | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-33072 |
CVE-2024-1143 | Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass. | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1143 |
CVE-2024-0221 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-0221 |
CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-34381 |
CVE-2023-46706 | Multiple MachineSense devices have credentials unable to be changed by the user or administrator. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-46706 |
CVE-2023-50356 | SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50356 |
CVE-2023-45025 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later | 9 | https://nvd.nist.gov/vuln/detail/CVE-2023-45025 |
CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2023-40545 | Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-40545 |
CVE-2024-22433 | Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity, Protection, and remote takeover of the system. This is a high-severity vulnerability as it allows an attacker to take complete control of DP Search to affect downstream protected devices. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22433 |
CVE-2024-0869 | The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license REST API endpoint in all versions up to, and including, 6.1.0. This makes it possible for authors and higher to update arbitrary options. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0869 |
CVE-2023-6996 | The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Code Injection via the plugin's vg_display_data shortcode in all versions up to, and including, 1.2.1 due to insufficient input validation and restriction on access to that shortcode. This makes it possible for authenticated attackers with contributor-level and above permissions to call arbitrary functions and execute code. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6996 |
CVE-2023-6846 | The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server. Version 8.3.5 introduces a capability check that prevents users lower than admin from executing this function. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6846 |
CVE-2023-6700 | The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be used to create administrator accounts. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6700 |
CVE-2023-7216 | A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which could be utilized to run arbitrary commands on the target system. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-7216 |
CVE-2024-24760 | mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions < 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container, even when the port is bound to 127.0.0.1. The vulnerability has been addressed by implementing additional iptables/nftables rules. These rules drop packets for Docker containers on ports 3306, 6379, 8983, and 12345, where the input interface is not `br-mailcow` and the output interface is `br-mailcow`. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24760 |
CVE-2024-24470 | Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the update_post.php component. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24470 |
CVE-2023-47568 | A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-47568 |
CVE-2023-39297 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-39297 |
CVE-2023-6676 | Cross-Site Request Forgery (CSRF) vulnerability in National Keep Cyber Security Services CyberMath allows Cross Site Request Forgery.This issue affects CyberMath: from v1.4 before v1.5. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6676 |
CVE-2024-22320 | IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22320 |
CVE-2024-22779 | Directory Traversal vulnerability in Kihron ServerRPExposer v.1.0.2 and before allows a remote attacker to execute arbitrary code via the loadServerPack in ServerResourcePackProviderMixin.java. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22779 |
CVE-2023-50936 | IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50936 |
CVE-2024-21852 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-21852 |
CVE-2023-47867 | MachineSense FeverWarn devices are configured as Wi-Fi hosts in a way that attackers within range could connect to the device's web services and compromise the device. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-47867 |
CVE-2023-6078 | An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6078 |
CVE-2024-22859 | Cross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken function. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22859 |
CVE-2024-24573 | facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, when a user updates their profile, a POST request containing user information is sent to the endpoint server/fm-modules/facileManager/ajax/processPost.php. It was found that non-admins can arbitrarily set their permissions and grant their non-admin accounts with super user privileges. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24573 |
CVE-2024-24747 | MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, access keys will be able to simply override their own `s3` permissions to something more permissive. The vulnerability is fixed in RELEASE.2024-01-31T20-20-33Z. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24747 |
CVE-2024-21888 | A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-21888 |
CVE-2024-22140 | Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22140 |
CVE-2024-22136 | Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22136 |
CVE-2024-22304 | Cross-Site Request Forgery (CSRF) vulnerability in Borbis Media FreshMail For WordPress.This issue affects FreshMail For WordPress: from n/a through 2.3.2. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22304 |
CVE-2024-22291 | Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Browser Theme Color.This issue affects Browser Theme Color: from n/a through 1.3. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22291 |
CVE-2024-22285 | Cross-Site Request Forgery (CSRF) vulnerability in Elise Bosse Frontpage Manager.This issue affects Frontpage Manager: from n/a through 1.3. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22285 |
CVE-2024-22143 | Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22143 |
CVE-2024-23507 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP Team InstaWP Connect – 1-click WP Staging & Migration.This issue affects InstaWP Connect – 1-click WP Staging & Migration: from n/a through 0.1.0.9. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-23507 |
CVE-2024-23651 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. The issue has been fixed in v0.12.5. Workarounds include, avoiding using BuildKit frontend from an untrusted source or building an untrusted Dockerfile containing cache mounts with --mount=type=cache,source=... options. | 8.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-23651 |
CVE-2024-24577 | libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution. There is an issue in the `has_dir_name` function in `src/libgit2/index.c`, which frees an entry that should not be freed. The freed entry is later used and overwritten with potentially bad actor-controlled data leading to controlled heap corruption. Depending on the application that uses libgit2, this could lead to arbitrary code execution. This issue has been patched in version 1.6.5 and 1.7.2. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24577 |
CVE-2023-43534 | Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-43534 |
CVE-2023-43520 | Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-43520 |
CVE-2024-21626 | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-21626 |
CVE-2024-21916 | A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-21916 |
CVE-2023-50165 | Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-50165 |
CVE-2024-23673 | Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the system is vulnerable, a user with write access to the repository might be able to trick the Sling Servlet Resolver to load a previously uploaded script. Users are recommended to upgrade to version 2.11.0, which fixes this issue. It is recommended to upgrade, regardless of whether your system configuration currently allows this attack or not. | 8.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-23673 |
CVE-2023-43535 | Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-43535 |
CVE-2023-43532 | Memory corruption while reading ACPI config through the user mode app. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-43532 |
CVE-2023-43517 | Memory corruption in Automotive Multimedia due to improper access control in HAB. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-43517 |
CVE-2024-20813 | Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-20813 |
CVE-2024-20812 | Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-20812 |
CVE-2023-31004 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. IBM X-Force ID: 254765. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-31004 |
CVE-2024-0269 | ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0269 |
CVE-2024-0253 | ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0253 |
CVE-2021-22282 | Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-22282 |
CVE-2024-21399 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-21399 |
CVE-2023-33058 | Information disclosure in Modem while processing SIB5. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-33058 |
CVE-2024-1072 | The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprod_lite_new_lpage function in all versions up to, and including, 6.15.21. This makes it possible for unauthenticated attackers to change the contents of coming-soon, maintenance pages, login and 404 pages set up with the plugin. Version 6.15.22 addresses this issue but introduces a bug affecting admin pages. We suggest upgrading to 6.15.23. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-1072 |
CVE-2024-0324 | The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. This makes it possible for unauthenticated attackers to enable or disable the 2FA functionality present in the Premium version of the plugin for arbitrary user roles. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-0324 |
CVE-2023-52138 | Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution (RCE) on the target. While handling CPIO archives, the Engrampa Archive manager follows symlink, cpio by default will follow stored symlinks while extracting and the Archiver will not check the symlink location, which leads to arbitrary file writes to unintended locations. When the victim extracts the archive, the attacker can craft a malicious cpio or ISO archive to achieve RCE on the target system. This vulnerability was fixed in commit 63d5dfa. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-52138 |
CVE-2024-21860 | in OpenHarmony v4.0.0 and prior versions allow an adjacent attacker arbitrary code execution in any apps through use after free. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-21860 |
CVE-2020-24681 | Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation Automation Studio allows Privilege Escalation.This issue affects Automation Studio: from 4.6.0 through 4.6.X, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-24681 |
CVE-2024-24570 | Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-24570 |
CVE-2024-21893 | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-21893 |
CVE-2023-6779 | An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-6779 |
CVE-2024-0761 | The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. This makes it possible for unauthenticated attackers, to extract sensitive data including site backups in configurations where the .htaccess file in the directory does not block access. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-0761 |
CVE-2023-38019 | IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 260575. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-38019 |
CVE-2023-49610 | MachineSense FeverWarn Raspberry Pi-based devices lack input sanitization, which could allow an attacker on an adjacent network to send a message running commands or could overflow the stack. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49610 |
CVE-2024-22305 | Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22305 |
CVE-2023-45735 | A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45735 |
CVE-2023-38579 | The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-38579 |
CVE-2023-50395 | SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50395 |
CVE-2023-35188 | SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-35188 |
CVE-2024-24591 | A path traversal vulnerability in version 1.4.0 or newer of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24591 |
CVE-2024-24590 | Deserialization of untrusted data can occur in version 0.17.0 or newer of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24590 |
CVE-2024-20816 | Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2024-20816 |
CVE-2024-20815 | Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2024-20815 |
CVE-2024-1052 | Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1052 |
CVE-2023-47564 | An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.15 ( 2024/01/04 ) and later Qsync Central 4.3.0.11 ( 2024/01/11 ) and later | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-47564 |
CVE-2024-22237 | Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22237 |
CVE-2023-25543 | Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25543 |
CVE-2023-43516 | Memory corruption when malformed message payload is received from firmware. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-43516 |
CVE-2023-43513 | Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-43513 |
CVE-2023-33046 | Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-33046 |
CVE-2024-1201 | Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1201 |
CVE-2024-22016 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22016 |
CVE-2024-22449 | Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22449 |
CVE-2024-0833 | In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Test Studio install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0833 |
CVE-2024-0832 | In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0832 |
CVE-2024-0219 | In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-0219 |
CVE-2023-6246 | A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6246 |
CVE-2024-1086 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1086 |
CVE-2024-1085 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability. We recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-1085 |
CVE-2021-4435 | An untrusted search path vulnerability was found in Yarn. When a victim runs certain Yarn commands in a directory with attacker-controlled content, malicious commands could be executed in unexpected ways. | 7.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-4435 |
CVE-2023-6221 | The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. An attacker with access to the internal procedures could view source code, secret credentials, and more. | 7.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-6221 |
CVE-2023-36496 | Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server. | 7.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-36496 |
CVE-2024-24757 | open-irs is an issue response robot that reponds to issues in the installed repository. The `.env` file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24757 |
CVE-2023-44313 | Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-44313 |
CVE-2024-24575 | libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_revparse_single` can cause the function to enter an infinite loop, potentially causing a Denial of Service attack in the calling application. The revparse function in `src/libgit2/revparse.c` uses a loop to parse the user-provided spec string. There is an edge-case during parsing that allows a bad actor to force the loop conditions to access arbitrary memory. Potentially, this could also leak memory if the extracted rev spec is reflected back to the attacker. As such, libgit2 versions before 1.4.0 are not affected. Users should upgrade to version 1.6.5 or 1.7.2. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24575 |
CVE-2023-43536 | Transient DOS while parse fils IE with length equal to 1. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-43536 |
CVE-2023-43533 | Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-43533 |
CVE-2023-43523 | Transient DOS while processing 11AZ RTT management action frame received through OTA. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-43523 |
CVE-2023-43522 | Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-43522 |
CVE-2023-33057 | Transient DOS in Multi-Mode Call Processor while processing UE policy container. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-33057 |
CVE-2023-33049 | Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-33049 |
CVE-2023-6874 | Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6874 |
CVE-2024-24762 | FastAPI is a web framework for building APIs with Python 3.8+ based on standard Python type hints. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests. It's a ReDoS(Regular expression Denial of Service), it only applies to those reading form data, using `python-multipart`. This vulnerability has been patched in version 0.109.0. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24762 |
CVE-2024-1064 | A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1064 |
CVE-2023-30999 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 254651. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30999 |
CVE-2024-24161 | MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not filtered. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24161 |
CVE-2024-23831 | LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used to create a new user account with full application (/login.pl) privileges, leading to privilege escalation. The vulnerability is patched in versions 1.10.30 and 1.11.9. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-23831 |
CVE-2023-6387 | A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6387 |
CVE-2023-38273 | IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 260733. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-38273 |
CVE-2023-47142 | IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-47142 |
CVE-2023-50937 | IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50937 |
CVE-2023-50326 | IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50326 |
CVE-2023-50939 | IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50939 |
CVE-2024-24756 | Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the `lib/public/` directory can be requested from the server. Instances running behind Cloudflare (including crafatar.com) are not affected. Instances using the Docker container as shown in the README are affected, but only files within the container can be read. By default, all of the files within the container can also be found in this repository and are not confidential. This vulnerability is patched in 2.1.5. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24756 |
CVE-2023-49115 | MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-49115 |
CVE-2024-1098 | A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue affects the function QiniuCloud.getStorageFile of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252455. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1098 |
CVE-2023-47562 | An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-47562 |
CVE-2020-29504 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2020-29504 |
CVE-2023-32451 | Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-32451 |
CVE-2023-43519 | Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-43519 |
CVE-2023-43518 | Memory corruption in video while parsing invalid mp2 clip. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-43518 |
CVE-2024-1225 | A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmb_pay of the file /application/index/controller/Pay.php. The manipulation of the argument callback_class leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252847. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1225 |
CVE-2023-43016 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password. IBM X-Force ID: 266154. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-43016 |
CVE-2024-0338 | A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH). | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0338 |
CVE-2024-1112 | Heap-based buffer overflow vulnerability in Resource Hacker, developed by Angus Johnson, affecting version 3.6.0.92. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1112 |
CVE-2023-47618 | A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-47618 |
CVE-2023-47617 | A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-47617 |
CVE-2023-47209 | A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-47209 |
CVE-2023-47167 | A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-47167 |
CVE-2023-46683 | A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-46683 |
CVE-2023-43482 | A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-43482 |
CVE-2023-42664 | A post authentication command injection vulnerability exists when setting up the PPTP global configuration of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-42664 |
CVE-2023-36498 | A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability and gain access to an unrestricted shell. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-36498 |
CVE-2023-6925 | The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin (the default is editor role, but access can also be granted to contributor role), to upload arbitrary files on the affected site's server which may make remote code execution possible. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-6925 |
CVE-2023-6635 | The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'import_styles' function in versions up to, and including, 1.40.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-6635 |
CVE-2023-47566 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-47566 |
CVE-2023-45037 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-45037 |
CVE-2023-45036 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-45036 |
CVE-2023-41292 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41292 |
CVE-2023-41283 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41283 |
CVE-2023-41282 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41282 |
CVE-2023-41281 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41281 |
CVE-2023-41280 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41280 |
CVE-2023-41279 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41279 |
CVE-2023-41278 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41278 |
CVE-2023-41277 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41277 |
CVE-2023-41276 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41276 |
CVE-2023-41275 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41275 |
CVE-2023-41273 | A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-41273 |
CVE-2023-39302 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-39302 |
CVE-2020-24682 | Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-24682 |
CVE-2024-1069 | The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-1069 |
CVE-2023-31505 | An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-31505 |
CVE-2023-33060 | Transient DOS in Core when DDR memory check is called while DDR is not initialized. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-33060 |
CVE-2024-0428 | The Index Now plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.3. This is due to missing or incorrect nonce validation on the 'reset_form' function. This makes it possible for unauthenticated attackers to delete arbitrary site options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-0428 |
CVE-2024-24848 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MJS Software PT Sign Ups – Beautiful volunteer sign ups and management made easy allows Stored XSS.This issue affects PT Sign Ups – Beautiful volunteer sign ups and management made easy: from n/a through 1.0.4. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-24848 |
CVE-2024-24847 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgadbois CalculatorPro Calculators allows Reflected XSS.This issue affects CalculatorPro Calculators: from n/a through 1.1.7. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-24847 |
CVE-2024-24846 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a through 1.9.3. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-24846 |
CVE-2024-24866 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Reflected XSS.This issue affects Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: from n/a through 2.2.24. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-24866 |
CVE-2023-32327 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 254783. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-32327 |
CVE-2024-23895 | A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/locationcreate.php, in the locationid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23895 |
CVE-2023-51540 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kunal Nagar Custom 404 Pro allows Stored XSS.This issue affects Custom 404 Pro: from n/a through 3.10.0. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-51540 |
CVE-2024-22290 | Cross-Site Request Forgery (CSRF) vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting (XSS).This issue affects Custom Dashboard Widgets: from n/a through 1.3.1. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22290 |
CVE-2024-22287 | Cross-Site Request Forgery (CSRF) vulnerability in Lud?k Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a through 1.7.5. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22287 |
CVE-2024-24557 | Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps. 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API endpoint. All users on versions older than 23.0 could be impacted. Image build API endpoint (/build) and ImageBuild function from github.com/docker/docker/client is also affected as it the uses classic builder by default. Patches are included in 24.0.9 and 25.0.2 releases. | 6.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-24557 |
CVE-2023-4503 | An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-4503 |
CVE-2023-32479 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-32479 |
CVE-2023-28063 | Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-28063 |
CVE-2023-33077 | Memory corruption in HLOS while converting from authorization token to HIDL vector. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-33077 |
CVE-2023-33069 | Memory corruption in Audio while processing the calibration data returned from ACDB loader. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-33069 |
CVE-2023-33068 | Memory corruption in Audio while processing IIR config data from AFE calibration block. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-33068 |
CVE-2023-33067 | Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-33067 |
CVE-2023-50359 | An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-50359 |
CVE-2023-45213 | A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-45213 |
CVE-2023-32474 | Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-32474 |
CVE-2024-20819 | Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-20819 |
CVE-2024-20818 | Out out bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-20818 |
CVE-2024-20817 | Out out bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-20817 |
CVE-2024-0699 | The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_image_from_url' function in all versions up to, and including, 2.1.4. This makes it possible for authenticated attackers, with Editor access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-0699 |
CVE-2024-0668 | The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. This makes it possible for authenticated attacker, with administrator access and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-0668 |
CVE-2024-0678 | The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'available-days-tf' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0678 |
CVE-2024-0586 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Login/Register Element in all versions up to, and including, 5.9.4 due to insufficient input sanitization and output escaping on the custom login URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0586 |
CVE-2023-6985 | The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the install_plugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins that can be used to gain further access to a compromised site. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6985 |
CVE-2024-24574 | phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Unsafe echo of filename in phpMyFAQ\\phpmyfaq\\admin\\attachments.php leads to allowed execution of JavaScript code in client side (XSS). This vulnerability has been patched in version 3.2.5. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24574 |
CVE-2024-22208 | phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The 'sharing FAQ' functionality allows any unauthenticated actor to misuse the phpMyFAQ application to send arbitrary emails to a large range of targets. The phpMyFAQ application has a functionality where anyone can share a FAQ item to others. The front-end of this functionality allows any phpMyFAQ articles to be shared with 5 email addresses. Any unauthenticated actor can perform this action. There is a CAPTCHA in place, however the amount of people you email with a single request is not limited to 5 by the backend. An attacker can thus solve a single CAPTCHA and send thousands of emails at once. An attacker can utilize the target application's email server to send phishing messages. This can get the server on a blacklist, causing all emails to end up in spam. It can also lead to reputation damages. This issue has been patched in version 3.2.5. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-22208 |
CVE-2023-27318 | StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27318 |
CVE-2024-24768 | 1Panel is an open source Linux server operation and maintenance management panel. The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text if accessed using HTTP. This issue has been patched in version 1.9.6. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24768 |
CVE-2024-24865 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS.This issue affects Scroll Triggered Box: from n/a through 2.3. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24865 |
CVE-2024-24839 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.6.1. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24839 |
CVE-2024-24838 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Reviews allows Stored XSS.This issue affects Five Star Restaurant Reviews: from n/a through 2.3.5. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24838 |
CVE-2024-24870 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24870 |
CVE-2023-51504 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan Dulaney Dan's Embedder for Google Calendar allows Stored XSS.This issue affects Dan's Embedder for Google Calendar: from n/a through 1.2. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51504 |
CVE-2023-6240 | A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6240 |
CVE-2023-37528 | A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-37528 |
CVE-2023-31006 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31006 |
CVE-2024-21485 | Versions of the package dash-core-components before 2.13.0; all versions of the package dash-core-components; versions of the package dash before 2.15.0; all versions of the package dash-html-components; versions of the package dash-html-components before 2.0.16 are vulnerable to Cross-site Scripting (XSS) when the href of the a tag is controlled by an adversary. An authenticated attacker who stores a view that exploits this vulnerability could steal the data that's visible to another user who opens that view - not just the data already included on the page, but they could also, in theory, make additional requests and access other data accessible to this user. In some cases, they could also steal the access tokens of that user, which would allow the attacker to act as that user, including viewing other apps and resources hosted on the same server.\r\r**Note:**\r\rThis is only exploitable in Dash apps that include some mechanism to store user input to be reloaded by a different user. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-21485 |
CVE-2023-38263 | IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 260577. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-38263 |
CVE-2023-50935 | IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50935 |
CVE-2023-32333 | IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls. IBM X-Force ID: 255073. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32333 |
CVE-2024-22096 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the system. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-22096 |
CVE-2024-23645 | GLPI is a Free Asset and IT Management Software package. A malicious URL can be used to execute XSS on reports pages. Upgrade to 10.0.12. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-23645 |
CVE-2024-24752 | Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each part is parsed and for each which contains a file, it is extracted and saved in `/tmp` with a random filename starting with `bref_upload_`. The flow mimics what plain PHP does but it does not delete the temporary files when the request has been processed. An attacker could fill the Lambda instance disk by performing multiple MultiPart requests containing files. This vulnerability is patched in 2.1.13. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24752 |
CVE-2023-51677 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.23. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51677 |
CVE-2023-51674 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.18. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51674 |
CVE-2023-51669 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artios Media Product Code for WooCommerce allows Stored XSS.This issue affects Product Code for WooCommerce: from n/a through 1.4.4. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51669 |
CVE-2023-51666 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Related Post allows Stored XSS.This issue affects Related Post: from n/a through 2.0.53. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51666 |
CVE-2024-24572 | facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $_REQUEST global array was unsafely called inside an extract() function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $_SESSION via the GET/POST parameters. However, it does not prevent manipulation of any other sensitive variables such as $search_sql. Knowing this, an authenticated user with privileges to view site logs can manipulate the search_sql variable by appending a GET parameter search_sql in the URL. The information above means that the checks and SQL injection prevention attempts were rendered unusable. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24572 |
CVE-2024-23502 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS.This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a through 3.3.2. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-23502 |
CVE-2024-22238 | Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22238 |
CVE-2024-1046 | The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'reg-number-field' shortcode in all versions up to, and including, 4.14.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-1046 |
CVE-2024-0961 | The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the code editor in all versions up to, and including, 1.58.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0961 |
CVE-2024-0954 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting through editing context via the 'data-eael-wrapper-link' wrapper in all versions up to, and including, 5.9.7 due to insufficient input sanitization and output escaping on user supplied protocols. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0954 |
CVE-2024-0834 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0834 |
CVE-2024-0508 | The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table Elementor Widget in all versions up to, and including, 2.10.27 due to insufficient input sanitization and output escaping on the user supplied link URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0508 |
CVE-2024-0448 | The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget URL parameters in all versions up to, and including, 8.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0448 |
CVE-2024-0384 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Notes in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0384 |
CVE-2024-0382 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0 due to unrestricted use of the 'header_tag' attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0382 |
CVE-2024-0255 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprm-recipe-text-share' shortcode in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0255 |
CVE-2024-0254 | The (Simply) Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post meta in all versions up to, and including, 4.34 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0254 |
CVE-2023-7029 | The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was partially fixed in version 9.7.6. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-7029 |
CVE-2023-6982 | The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and postmeta in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6982 |
CVE-2023-6884 | This plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on the 'place_id' attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6884 |
CVE-2023-6808 | The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.93 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6808 |
CVE-2023-6807 | The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom meta output in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6807 |
CVE-2023-6701 | The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and including, 6.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6701 |
CVE-2023-6526 | The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6526 |
CVE-2024-0963 | The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's CP_CALCULATED_FIELDS shortcode in all versions up to, and including, 1.2.52 due to insufficient input sanitization and output escaping on user supplied 'location' attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0963 |
CVE-2024-1073 | The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'filter_array' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-1073 |
CVE-2023-7069 | The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and including, 2023.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-24870 is likely a duplicate of this issue. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-7069 |
CVE-2024-1263 | A vulnerability, which was classified as critical, was found in Juanpao JPShop up to 1.5.02. Affected is the function actionUpdate of the file /api/controllers/merchant/shop/PosterController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-253002 is the identifier assigned to this vulnerability. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1263 |
CVE-2024-1262 | A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-253001 was assigned to this vulnerability. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1262 |
CVE-2024-1261 | A vulnerability classified as critical was found in Juanpao JPShop up to 1.5.02. This vulnerability affects the function actionIndex of the file /api/controllers/merchant/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-253000. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1261 |
CVE-2024-1260 | A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252999. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1260 |
CVE-2024-1259 | A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the argument app_pic_url leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252998 is the identifier assigned to this vulnerability. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1259 |
CVE-2023-32454 | DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-32454 |
CVE-2023-5677 | Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator-privileges compared to administrator-privileges service accounts. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-5677 |
CVE-2024-1198 | A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is the function addxinzhi of the file application/controllers/User.php of the component Phar Handler. The manipulation of the argument outimgurl leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252696. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1198 |
CVE-2021-22281 | : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-22281 |
CVE-2024-22331 | IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-22331 |
CVE-2024-23550 | HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-23550 |
CVE-2023-32329 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-32329 |
CVE-2023-31005 | IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. IBM X-Force ID: 254767. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-31005 |
CVE-2024-21869 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see them. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-21869 |
CVE-2024-24941 | In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-24941 |
CVE-2023-33065 | Information disclosure in Audio while accessing AVCS services from ADSP payload. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-33065 |
CVE-2024-0660 | The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.7.2. This is due to missing or incorrect nonce validation on the update_settings function. This makes it possible for unauthenticated attackers to change form settings and add malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-0660 |
CVE-2024-0509 | The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘request’ parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-0509 |
CVE-2023-6028 | A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-6028 |
CVE-2024-1196 | A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1.0. This vulnerability affects unknown code of the file add-testimonial.php of the component HTTP POST Request Handler. The manipulation of the argument name/description/testimony leads to cross site scripting. The attack can be initiated remotely. VDB-252694 is the identifier assigned to this vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-1196 |
CVE-2024-23635 | AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your policy file. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. Patched in AntiSamy 1.7.5 and later. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23635 |
CVE-2023-6673 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Reflected XSS.This issue affects CyberMath: from v.1.4 before v.1.5. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-6673 |
CVE-2023-47144 | IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270271. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-47144 |
CVE-2023-50933 | IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50933 |
CVE-2024-23034 | Cross Site Scripting vulnerability in the input parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23034 |
CVE-2024-23033 | Cross Site Scripting vulnerability in the path parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23033 |
CVE-2024-23032 | Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23032 |
CVE-2024-23031 | Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23031 |
CVE-2024-22927 | Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22927 |
CVE-2023-51509 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Reflected XSS.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.4.1. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-51509 |
CVE-2024-22148 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Smart Editor JoomUnited allows Reflected XSS.This issue affects JoomUnited: from n/a through 1.3.3. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22148 |
CVE-2024-21750 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scribit Shortcodes Finder allows Reflected XSS.This issue affects Shortcodes Finder: from n/a through 1.5.5. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-21750 |
CVE-2024-22159 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22159 |
CVE-2024-1111 | A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched remotely. VDB-252470 is the identifier assigned to this vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-1111 |
CVE-2024-22293 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22293 |
CVE-2024-22289 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Post views Stats allows Reflected XSS.This issue affects Post views Stats: from n/a through 1.3. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22289 |
CVE-2024-22286 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22286 |
CVE-2024-22282 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Torbert SimpleMap Store Locator allows Reflected XSS.This issue affects SimpleMap Store Locator: from n/a through 2.6.1. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22282 |
CVE-2024-22163 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS.This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from n/a through 18.5.7. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22163 |
CVE-2024-22162 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Shortcodes allows Reflected XSS.This issue affects WPZOOM Shortcodes: from n/a through 1.0.1. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22162 |
CVE-2024-22160 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bradley B. Dalina Image Tag Manager allows Reflected XSS.This issue affects Image Tag Manager: from n/a through 1.5. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22160 |
CVE-2023-50166 | Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50166 |
CVE-2024-22307 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay allows Reflected XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.7. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-22307 |
CVE-2024-23508 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-23508 |
CVE-2024-24595 | Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords. | 6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24595 |
CVE-2024-22388 | Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-22388 |
CVE-2023-33076 | Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-33076 |
CVE-2024-0202 | A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib is compiled with the support for RSA key exchange ciphersuites in TLS (by setting the USE_RSA_SUITES define), it will be vulnerable to the timing variant of the Bleichenbacher attack. An attacker that is able to perform a large number of connections to the server will be able to decrypt RSA ciphertexts or forge signatures using server's certificate. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-0202 |
CVE-2023-50782 | A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50782 |
CVE-2023-50781 | A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50781 |
CVE-2024-24841 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan's Art Add Customer for WooCommerce allows Stored XSS.This issue affects Add Customer for WooCommerce: from n/a through 1.7. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-24841 |
CVE-2021-21575 | Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2021-21575 |
CVE-2024-0685 | The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to inject SQL in their email address that will append additional into the already existing query when an administrator triggers a personal data export. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-0685 |
CVE-2023-50962 | IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS) web security policy mechanism. IBM X-Force ID: 276004. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50962 |
CVE-2023-51446 | GLPI is a Free Asset and IT Management Software package. When authentication is made against a LDAP, the authentication form can be used to perform LDAP injection. Upgrade to 10.0.12. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-51446 |
CVE-2023-51548 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neil Gee SlickNav Mobile Menu allows Stored XSS.This issue affects SlickNav Mobile Menu: from n/a through 1.9.2. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-51548 |
CVE-2023-51536 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-51536 |
CVE-2024-0914 | A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-0914 |
CVE-2023-44312 | Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center.This issue affects Apache ServiceComb Service-Center before 2.1.0 (include). Users are recommended to upgrade to version 2.2.0, which fixes the issue. | 5.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-44312 |
CVE-2023-40544 | An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications. | 5.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-40544 |
CVE-2024-22202 | phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an attacker to spoof another user's detail, and in turn make a compelling phishing case for removing another user's account. The front-end of this page doesn't allow changing the form details, an attacker can utilize a proxy to intercept this request and submit other data. Upon submitting this form, an email is sent to the administrator informing them that this user wants to delete their account. An administrator has no way of telling the difference between the actual user wishing to delete their account or the attacker issuing this for an account they do not control. This issue has been patched in version 3.2.5. | 5.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-22202 |
CVE-2023-5992 | A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. | 5.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-5992 |
CVE-2024-1252 | A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/ask_duty/delete.php. The manipulation of the argument ASK_DUTY_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252991. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1252 |
CVE-2024-1251 | A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /general/email/outbox/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-252990 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1251 |
CVE-2024-0911 | A flaw was found in Indent. This issue may allow a local user to use a specially-crafted file to trigger a heap-based buffer overflow, which can lead to an application crash. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0911 |
CVE-2024-0684 | A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0684 |
CVE-2023-33064 | Transient DOS in Audio when invoking callback function of ASM driver. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-33064 |
CVE-2024-20826 | Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-20826 |
CVE-2024-20825 | Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-20825 |
CVE-2024-20824 | Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-20824 |
CVE-2024-20823 | Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-20823 |
CVE-2024-20822 | Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-20822 |
CVE-2024-0691 | The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It may also be possible to socially engineer an administrator into uploading a malicious folder import. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0691 |
CVE-2024-0659 | The Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the variable pricing option title in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop manger-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0659 |
CVE-2023-22817 | Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-22817 |
CVE-2019-25159 | A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the argument dni_profe leads to sql injection. Upgrading to version 4.51.0 is able to address this issue. The identifier of the patch is 678190bee1dfd64b54a2b0e88abfd009e78adce8. It is recommended to upgrade the affected component. The identifier VDB-252717 was assigned to this vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-25159 |
CVE-2024-1195 | A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The identifier VDB-252685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1195 |
CVE-2023-47561 | A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-47561 |
CVE-2023-43756 | in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-43756 |
CVE-2024-1167 | When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can occur. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1167 |
CVE-2024-1141 | A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1141 |
CVE-2024-22430 | Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leading to denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-22430 |
CVE-2023-45227 | An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "dns.0.server" parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-45227 |
CVE-2023-45222 | An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-45222 |
CVE-2023-42765 | An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-42765 |
CVE-2023-40143 | An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-40143 |
CVE-2024-0823 | The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Link To' url in carousels in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0823 |
CVE-2024-0790 | The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.1. This is due to missing or incorrect nonce validation on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions. This makes it possible for unauthenticated attackers to create, modify and delete taxonomy terms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Furthermore, the functions wpbe_save_options, wpbe_bulk_delete_posts_count, wpbe_bulk_delete_posts, and wpbe_save_meta are vulnerable to Cross-Site Request Forgery allowing for plugin options update, post count deletion, post deletion and modification of post metadata via forged request. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0790 |
CVE-2024-0585 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 5.9.4 due to insufficient input sanitization and output escaping on the Image URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0585 |
CVE-2024-0380 | The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shortcodes. This makes it possible for authenticated attackers, with contributor-level access and above, to include the contents of SVG files on the server, which can be leveraged for Cross-Site Scripting. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0380 |
CVE-2023-5800 | Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-5800 |
CVE-2023-50947 | IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275665. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-50947 |
CVE-2024-0895 | The PDF Flipbook, 3D Flipbook – DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to, and including, 2.2.26 due to insufficient input sanitization and output escaping on user supplied data. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0895 |
CVE-2024-1199 | A vulnerability has been found in CodeAstro Employee Task Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file \\employee-tasks-php\\attendance-info.php. The manipulation of the argument aten_id leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252697 was assigned to this vulnerability. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-1199 |
CVE-2023-37527 | A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-37527 |
CVE-2024-24160 | MRCMS 3.0 contains a Cross-Site Scripting (XSS) vulnerability via /admin/system/saveinfo.do. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24160 |
CVE-2023-6672 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Stored XSS.This issue affects CyberMath: from v1.4 before v1.5. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6672 |
CVE-2023-50941 | IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-50941 |
CVE-2024-21794 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-21794 |
CVE-2024-24569 | The Pixee Java Code Security Toolkit is a set of security APIs meant to help secure Java code. `ZipSecurity#isBelowCurrentDirectory` is vulnerable to a partial-path traversal bypass. To be vulnerable to the bypass, the application must use toolkit version <=1.1.1, use ZipSecurity as a guard against path traversal, and have an exploit path. Although the control still protects attackers from escaping the application path into higher level directories (e.g., /etc/), it will allow "escaping" into sibling paths. For example, if your running path is /my/app/path you an attacker could navigate into /my/app/path-something-else. This vulnerability is patched in 1.1.2. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24569 |
CVE-2024-24062 | springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24062 |
CVE-2024-24061 | springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24061 |
CVE-2024-24060 | springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24060 |
CVE-2024-24059 | springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the suffixes of uploaded files. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24059 |
CVE-2023-51520 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPdevelop / Oplugins WP Booking Calendar allows Stored XSS.This issue affects WP Booking Calendar: from n/a before 9.7.4. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51520 |
CVE-2023-51514 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51514 |
CVE-2023-51506 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WPCS – WordPress Currency Switcher Professional allows Stored XSS.This issue affects WPCS – WordPress Currency Switcher Professional: from n/a through 1.2.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51506 |
CVE-2023-52118 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP User Profile Avatar allows Stored XSS.This issue affects WP User Profile Avatar: from n/a through 1.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52118 |
CVE-2023-51694 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51694 |
CVE-2023-51693 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Icons allows Stored XSS.This issue affects Themify Icons: from n/a through 2.0.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51693 |
CVE-2023-51690 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.8. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51690 |
CVE-2023-51689 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51689 |
CVE-2023-51684 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Digital Downloads Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) allows Stored XSS.This issue affects Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy): from n/a through 3.2.5. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51684 |
CVE-2023-51532 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building: from n/a through 3.1.19. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51532 |
CVE-2023-52195 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Posts to Page Kerry James allows Stored XSS.This issue affects Kerry James: from n/a through 1.7. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52195 |
CVE-2023-52194 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takayuki Miyauchi oEmbed Gist allows Stored XSS.This issue affects oEmbed Gist: from n/a through 4.9.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52194 |
CVE-2023-52193 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through 1.5.23. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52193 |
CVE-2023-52192 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52192 |
CVE-2023-52191 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Torbjon Infogram – Add charts, maps and infographics allows Stored XSS.This issue affects Infogram – Add charts, maps and infographics: from n/a through 1.6.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52191 |
CVE-2023-52189 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jhayghost Ideal Interactive Map allows Stored XSS.This issue affects Ideal Interactive Map: from n/a through 1.2.4. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52189 |
CVE-2023-52188 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson Footer Putter allows Stored XSS.This issue affects Footer Putter: from n/a through 1.17. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52188 |
CVE-2023-52175 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Uno (miunosoft) Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-52175 |
CVE-2024-23941 | Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-23941 |
CVE-2024-24571 | facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-24571 |
CVE-2024-22158 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User Profiles: from n/a before 6.3.1.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22158 |
CVE-2024-22150 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS.This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from n/a through 3.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22150 |
CVE-2024-22146 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22146 |
CVE-2024-22297 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.11. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22297 |
CVE-2024-22295 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery allows Stored XSS.This issue affects Photo Gallery, Images, Slider in Rbs Image Gallery: from n/a through 3.2.17. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22295 |
CVE-2024-22292 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.2.8. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22292 |
CVE-2024-22310 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.7. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22310 |
CVE-2024-22302 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ignazio Scimone Albo Pretorio On line allows Stored XSS.This issue affects Albo Pretorio On line: from n/a through 4.6.6. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22302 |
CVE-2024-23505 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive PDF Viewer & 3D PDF Flipbook – DearPDF allows Stored XSS.This issue affects PDF Viewer & 3D PDF Flipbook – DearPDF: from n/a through 2.0.38. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-23505 |
CVE-2024-1103 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input <img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252458 is the identifier assigned to this vulnerability. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-1103 |
CVE-2024-0589 | Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0589 |
CVE-2024-1099 | A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected is the function getFileOfData of the file /filex/read-raw. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252456. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-1099 |
CVE-2023-2439 | The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro' shortcode in versions up to, and including, 5.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2439 |
CVE-2024-22569 | Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&is_install_db=0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-22569 |
CVE-2024-22239 | Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-22239 |
CVE-2024-1255 | A vulnerability has been found in sepidz SepidzDigitalMenu up to 7.1.0728.1 and classified as problematic. This vulnerability affects unknown code of the file /Waiters. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252994 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1255 |
CVE-2024-23344 | Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4.99.140 of Tuleap Community Edition. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-23344 |
CVE-2023-46183 | IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information. IBM X-Force ID: 269695. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-46183 |
CVE-2024-24943 | In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24943 |
CVE-2024-24942 | In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24942 |
CVE-2024-24938 | In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24938 |
CVE-2024-1210 | The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1210 |
CVE-2024-1209 | The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1209 |
CVE-2024-1208 | The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1208 |
CVE-2024-1177 | The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings_save() function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update the permalink structure for the clubs | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1177 |
CVE-2024-1121 | The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1121 |
CVE-2024-0969 | The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "Default Restriction" feature and view restricted post content. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0969 |
CVE-2024-0701 | The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for unauthenticated attackers to register an account even when account registration has been disabled by an administrator. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0701 |
CVE-2023-7014 | The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. This makes it possible for unauthenticated attackers to extract sensitive data including post author emails and names if applicable. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7014 |
CVE-2023-6963 | The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-6963 |
CVE-2023-6557 | The The Events Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wp_ajax_nopriv_tribe_dropdown. This makes it possible for unauthenticated attackers to extract potentially sensitive data including post titles and IDs of pending, private and draft posts. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-6557 |
CVE-2024-24864 | A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24864 |
CVE-2024-23196 | A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-23196 |
CVE-2024-22386 | A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-22386 |
CVE-2023-33851 | IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-33851 |
CVE-2024-0909 | The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. This is due to insufficient restrictions through the REST API on the posts/pages that protections are being place on. This makes it possible for unauthenticated attackers to access protected content. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0909 |
CVE-2024-1200 | A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /template/1/default/. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252698 is the identifier assigned to this vulnerability. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1200 |
CVE-2024-1189 | A vulnerability has been found in AMPPS 2.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Encryption Passphrase Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252679. NOTE: The vendor explains that AMPPS 4.0 is a complete overhaul and the code was re-written. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1189 |
CVE-2023-47148 | IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 270599. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-47148 |
CVE-2024-1047 | The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the register_reference() function in all versions up to, and including, 2.10.28. This makes it possible for unauthenticated attackers to update the connected API keys. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1047 |
CVE-2023-50934 | IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50934 |
CVE-2023-50328 | IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50328 |
CVE-2023-50327 | IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50327 |
CVE-2024-21866 | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-21866 |
CVE-2024-23650 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-23650 |
CVE-2023-5390 | An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-5390 |
CVE-2024-24579 | stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive temporary directory. Specifically, use of `github.com/anchore/stereoscope/pkg/file.UntarToDirectory()` function, the `github.com/anchore/stereoscope/pkg/image/oci.TarballImageProvider` struct, or the higher level `github.com/anchore/stereoscope/pkg/image.Image.Read()` function express this vulnerability. As a workaround, if you are using the OCI archive as input into stereoscope then you can switch to using an OCI layout by unarchiving the tar archive and provide the unarchived directory to stereoscope. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24579 |
CVE-2024-24566 | Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected (deployed with the `ACCESS_CODE` option), it is possible to access plugins without proper authorization (without password). This vulnerability is patched in 0.122.4. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24566 |
CVE-2023-47116 | Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable can be bypassed to access internal web servers. This is because the current SSRF validation is done by executing a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a DNS rebinding attack. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-47116 |
CVE-2023-6780 | An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-6780 |
CVE-2024-20811 | Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer. | 5.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-20811 |
CVE-2023-28807 | In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic. | 5.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-28807 |
CVE-2024-0690 | An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. | 5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0690 |
CVE-2024-24855 | A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | 5 | https://nvd.nist.gov/vuln/detail/CVE-2024-24855 |
CVE-2023-32967 | An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651 and later QTS 4.5.4.2627 build 20231225 and later | 5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32967 |
CVE-2024-22240 | Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information. | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-22240 |
CVE-2023-6953 | The PDF Generator For Fluent Forms – The Contact Form Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the header, PDF body and footer content parameters in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The exploitation level depends on who is granted the right to create forms by an administrator. This level can be as low as contributor, but by default is admin. | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-6953 |
CVE-2023-22819 | An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161. | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-22819 |
CVE-2023-45028 | An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-45028 |
CVE-2023-45027 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-45027 |
CVE-2023-45026 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-45026 |
CVE-2023-41274 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-41274 |
CVE-2022-40744 | IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236441. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-40744 |
CVE-2024-24753 | Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an application relies on multiple headers with the same key being set for security reasons, then Bref would lower the application security. For example, if an application sets multiple `Content-Security-Policy` headers, then Bref would just reflect the latest one. This vulnerability is patched in 2.1.13. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24753 |
CVE-2023-51695 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! allows Stored XSS.This issue affects Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease!: from n/a through 2.0.4.1. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-51695 |
CVE-2023-51691 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-51691 |
CVE-2023-51685 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LJ Apps WP Review Slider allows Stored XSS.This issue affects WP Review Slider: from n/a through 12.7. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-51685 |
CVE-2023-51534 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brave Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content allows Stored XSS.This issue affects Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content: from n/a through 0.6.2. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-51534 |
CVE-2024-22153 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22153 |
CVE-2024-22161 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS.This issue affects HD Quiz: from n/a through 1.8.11. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22161 |
CVE-2024-22306 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Stored XSS.This issue affects Mang Board WP: from n/a through 1.7.7. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-22306 |
CVE-2024-1254 | A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252993 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-1254 |
CVE-2024-1253 | A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252992. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-1253 |
CVE-2023-28049 | Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-28049 |
CVE-2024-24808 | pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login. This vulnerability has been patched with commit fe94451. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-24808 |
CVE-2024-23824 | mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the versions 2023-12a and prior and patched in version 2024-01. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-23824 |
CVE-2023-47567 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-47567 |
CVE-2024-0844 | The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function. This makes it possible for authenticated attackers, with administrator-level access and above, to include and execute arbitrary files ending with "Form.php" on the server , allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-0844 |
CVE-2024-21863 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-21863 |
CVE-2024-0285 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-0285 |
CVE-2024-24937 | In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24937 |
CVE-2024-20827 | Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-20827 |
CVE-2024-24860 | A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24860 |
CVE-2024-24859 | A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24859 |
CVE-2024-24858 | A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24858 |
CVE-2024-24857 | A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-24857 |
CVE-2023-50357 | A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged attacker to gain escalated privileges of other non-admin users. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-50357 |
CVE-2024-0831 | Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`. | 4.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-0831 |
CVE-2024-20820 | Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows attacker to cause an Out-Of-Bounds read. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-20820 |
CVE-2024-0630 | The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the RSS feed source in all versions up to, and including, 4.23.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0630 |
CVE-2024-0612 | The Content Views – Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0612 |
CVE-2024-0597 | The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 12.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0597 |
CVE-2024-1040 | Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-1040 |
CVE-2024-0935 | An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso Release 2019 through Release 2024 | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-0935 |
CVE-2024-22241 | Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-22241 |
CVE-2024-24936 | In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24936 |
CVE-2024-1092 | The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the feedzy dashboard in all versions up to, and including, 4.4.1. This makes it possible for authenticated attackers, with contributor access or higher, to create, edit or delete feed categories created by them. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1092 |
CVE-2024-0859 | The Affiliates Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.34. This is due to missing or incorrect nonce validation on the process_bulk_action function in ListAffiliatesTable.php. This makes it possible for unauthenticated attackers to delete affiliates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0859 |
CVE-2024-0835 | The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissed_handler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or higher, to update arbitrary transients. Note, that these transients can only be updated to true and not arbitrary values. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0835 |
CVE-2024-0797 | The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for subscribers and higher to execute functions intended for admin use. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0797 |
CVE-2024-0796 | The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6.1. This is due to missing or incorrect nonce validation on several functions corresponding to AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0796 |
CVE-2024-0791 | The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber access or higher, to create, delete or modify taxonomy terms. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0791 |
CVE-2024-0374 | The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.2. This is due to missing or incorrect nonce validation on the 'create_view' function. This makes it possible for unauthenticated attackers to create views via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0374 |
CVE-2024-0373 | The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.2. This is due to missing or incorrect nonce validation on the 'save_view' function. This makes it possible for unauthenticated attackers to modify arbitrary post titles via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0373 |
CVE-2024-0372 | The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_form_fields' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to create form views. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0372 |
CVE-2024-0371 | The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'create_view' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to create form views. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0371 |
CVE-2024-0370 | The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_view' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to modify the titles of arbitrary posts. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0370 |
CVE-2024-0366 | The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences and potentially other user settings. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0366 |
CVE-2023-6983 | The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive post meta. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-6983 |
CVE-2023-6959 | The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the recaptcha_api_key_manage function in all versions up to, and including, 2.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to add, modify, or delete the 'Recaptcha Site Key' and 'Recaptcha Secret Key' settings. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-6959 |
CVE-2023-4637 | The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and get_restore_progress() function in versions up to, and including, 0.9.94. This makes it possible for unauthenticated attackers to invoke these functions and obtain full file paths if they have access to a back-up ID. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-4637 |
CVE-2024-1162 | The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.29. This is due to missing or incorrect nonce validation on the register_reference() function. This makes it possible for unauthenticated attackers to update the connected API keys via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1162 |
CVE-2023-38020 | IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-38020 |
CVE-2023-50938 | IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 275128. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50938 |
CVE-2024-24755 | discourse-group-membership-ip-block is a discourse plugin that adds support for adding users to groups based on their IP address. discourse-group-membership-ip-block was sending all group custom fields to the client, including group custom fields from other plugins which may expect their custom fields to remain secret. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24755 |
CVE-2024-0836 | The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtrs_review_edit() function in all versions up to, and including, 2.1.14. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify arbitrary reviews. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-0836 |
CVE-2023-45734 | in OpenHarmony v3.2.4 and prior versions allow an adjacent attacker arbitrary code execution through out-of-bounds write. | 4.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-45734 |
CVE-2024-23637 | OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an admin account might use this to lock out actual admins from their OctoPrint instance. The vulnerability will be patched in version 1.10.0. | 4.2 | https://nvd.nist.gov/vuln/detail/CVE-2024-23637 |
CVE-2023-34042 | The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical Resource” and could result in an exploit. Users should update to the latest version of Spring Security to mitigate any future exploits found around this issue. | 4.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-34042 |
CVE-2024-20814 | Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows attacker access unauthorized information. | 4 | https://nvd.nist.gov/vuln/detail/CVE-2024-20814 |
CVE-2023-45035 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | 3.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45035 |
CVE-2024-1075 | The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to bypass maintenance mode and view pages that should be hidden. | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-1075 |
CVE-2024-24559 | Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the `IR` for `sha3_64`. Concretely, the `height` variable is miscalculated. The vulnerability can't be triggered without writing the `IR` by hand (that is, it cannot be triggered from regular vyper code). `sha3_64` is used for retrieval in mappings. No flow that would cache the `key` was found so the issue shouldn't be possible to trigger when compiling the compiler-generated `IR`. This issue isn't triggered during normal compilation of vyper code so the impact is low. At the time of publication there is no patch available. | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-24559 |
CVE-2015-10129 | A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. The manipulation of the argument auth leads to incorrect comparison. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 6ad38c58a45642eb8c7844e2f272ef199f59550d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-252716. | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2015-10129 |
CVE-2024-24560 | Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATASIZE for dynamic types, the size is compared only to the minimum allowed size for that type, and not to the returned value's length. As a result, malformed return data can cause the contract to mistake data from the input buffer for returndata. When the called contract returns invalid ABIv2 encoded data, the calling contract can read different invalid data (from the dirty buffer) than the called contract returned. | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-24560 |
CVE-2024-24754 | Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each part is parsed and its content added in the `$files` or `$parsedBody` arrays. The conversion process produces a different output compared to the one of plain PHP when keys ending with and open square bracket ([) are used. Based on the application logic the difference in the body parsing might lead to vulnerabilities and/or undefined behaviors. This vulnerability is patched in 2.1.13. | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-24754 |
CVE-2024-0325 | In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins. | 3.6 | https://nvd.nist.gov/vuln/detail/CVE-2024-0325 |
CVE-2024-1257 | A vulnerability was found in Jspxcms 10.2.0. It has been classified as problematic. Affected is an unknown function of the file /ext/collect/find_text.do. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252996. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1257 |
CVE-2024-1256 | A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. This issue affects some unknown processing of the file /ext/collect/filter_text.do. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252995. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1256 |
CVE-2024-1215 | A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file fetch_data.php. The manipulation of the argument username/city leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252782 is the identifier assigned to this vulnerability. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2024-1215 |
CVE-2024-1048 | A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1048 |
CVE-2024-24939 | In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24939 |
CVE-2024-20810 | Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows attackers to get sensitive information. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-20810 |
CVE-2024-24861 | A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-24861 |
CVE-2024-1194 | A vulnerability classified as problematic has been found in Armcode AlienIP 2.41. Affected is an unknown function of the component Locate Host Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252684. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1194 |
CVE-2024-1193 | A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252683. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1193 |
CVE-2024-1190 | A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252680. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1190 |
CVE-2024-1188 | A vulnerability, which was classified as problematic, was found in Rizone Soft Notepad3 1.0.2.350. Affected is an unknown function of the component Encryption Passphrase Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-252678 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1188 |
CVE-2024-1187 | A vulnerability, which was classified as problematic, has been found in Munsoft Easy Outlook Express Recovery 2.0. This issue affects some unknown processing of the component Registration Key Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-252677 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1187 |
CVE-2024-1186 | A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1186 |
CVE-2024-1185 | A vulnerability classified as problematic has been found in Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0. This affects an unknown part of the component Registration Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252675. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1185 |
CVE-2024-1184 | A vulnerability was found in Nsasoft Network Sleuth 3.0.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Registration Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-252674 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-1184 |
CVE-2023-7043 | Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\\NetworkService permissions. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7043 |
CVE-2024-22236 | In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2024-22236 |
CVE-2024-1258 | A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file api/config/params.php of the component API. The manipulation of the argument JWT_KEY_ADMIN leads to use of hard-coded cryptographic key\r . The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-252997 was assigned to this vulnerability. | 3.1 | https://nvd.nist.gov/vuln/detail/CVE-2024-1258 |
CVE-2024-23553 | A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform exists due to missing a specific http header attribute. | 3 | https://nvd.nist.gov/vuln/detail/CVE-2024-23553 |
CVE-2024-21851 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow. | 2.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-21851 |
CVE-2024-21845 | in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow. | 2.9 | https://nvd.nist.gov/vuln/detail/CVE-2024-21845 |
CVE-2023-49118 | in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. | 2.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-49118 |
CVE-2024-24940 | In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives | 2.8 | https://nvd.nist.gov/vuln/detail/CVE-2024-24940 |
CVE-2024-24807 | Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones affected. The problem is patched with version(s) 2.4.16 and 2.5.12. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2024-24807 |
CVE-2023-46159 | IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force ID: 268906. | 2.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-46159 |
CVE-2024-20828 | Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | 2.4 | https://nvd.nist.gov/vuln/detail/CVE-2024-20828 |
CVE-2024-24255 | A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows attackers to send drones on unintended missions. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24255 |
CVE-2024-24680 | An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24680 |
CVE-2024-24254 | PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. This will result in the drone uploading overlapping geofences and mission routes. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24254 |
CVE-2024-22520 | An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22520 |
CVE-2024-22519 | An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via transmission of crafted data packets. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22519 |
CVE-2024-22515 | Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to upload arbitrary files via the upload audio component. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22515 |
CVE-2024-22514 | An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22514 |
CVE-2024-24291 | An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24291 |
CVE-2024-24015 | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL via /sys/user/exit | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24015 |
CVE-2024-24013 | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/pay/list | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24013 |
CVE-2024-24000 | jshERP v3.3 is vulnerable to Arbitrary File Upload. The jshERP-boot/systemConfig/upload interface does not check the uploaded file type, and the biz parameter can be spliced into the upload path, resulting in arbitrary file uploads with controllable paths. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24000 |
CVE-2023-5584 | Rejected reason: We have rejected this CVE as it was determined a non-security issue by the vendor. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5584 |
CVE-2024-25140 | A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of security measures for the private key, and arbitrary software could be signed if the private key were to be compromised. NOTE: the vendor's position is "we do not have EV cert, so we use test cert as a workaround." Insertion into Trusted Root Certification Authorities was the originally intended behavior, and the UI ensured that the certificate installation step (checked by default) was visible to the user before proceeding with the product installation. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-25140 |
CVE-2024-22365 | linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22365 |
CVE-2023-52239 | The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-52239 |
CVE-2024-23304 | Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23304 |
CVE-2024-22853 | D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22853 |
CVE-2024-22852 | D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22852 |
CVE-2024-24112 | xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24112 |
CVE-2024-22773 | Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password in Cookie resulting in Login Bypass. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22773 |
CVE-2023-47889 | The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include powering off, system reboot & entering recovery mode. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47889 |
CVE-2023-47353 | An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47353 |
CVE-2023-47022 | An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the payload parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47022 |
CVE-2023-46360 | Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable to Execution with Unnecessary Privileges. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46360 |
CVE-2023-46359 | An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46359 |
CVE-2024-24398 | Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24398 |
CVE-2023-47354 | An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47354 |
CVE-2024-23049 | An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23049 |
CVE-2024-0964 | A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-0964 |
CVE-2024-24543 | Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24543 |
CVE-2023-51951 | SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51951 |
CVE-2024-22567 | File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22567 |
CVE-2024-24396 | Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24396 |
CVE-2024-24267 | gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24267 |
CVE-2024-24266 | gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24266 |
CVE-2024-24265 | gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24265 |
CVE-2024-24263 | Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24263 |
CVE-2024-24262 | media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_uac_stop_timer function at /uac/sip-uac-transaction.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24262 |
CVE-2024-24260 | media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_subscribe_remove function at /uac/sip-uac-subscribe.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24260 |
CVE-2024-24259 | mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24259 |
CVE-2024-24258 | mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24258 |
CVE-2024-0953 | When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-0953 |
CVE-2024-24469 | Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the delete_post .php. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24469 |
CVE-2024-24468 | Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_customblock.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24468 |
CVE-2024-24397 | Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24397 |
CVE-2024-23054 | An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index (npm). | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23054 |
CVE-2023-47355 | The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47355 |
CVE-2023-5643 | Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5643 |
CVE-2023-5249 | Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Bifrost GPU Kernel Driver: from r35p0 through r40p0; Valhall GPU Kernel Driver: from r35p0 through r40p0. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5249 |
CVE-2021-4436 | The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-4436 |
CVE-2024-22667 | Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22667 |
CVE-2023-7077 | Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-7077 |
CVE-2024-20016 | In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20016 |
CVE-2024-20015 | In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441419; Issue ID: ALPS08441419. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20015 |
CVE-2024-20013 | In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20013 |
CVE-2024-20012 | In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20012 |
CVE-2024-20011 | In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20011 |
CVE-2024-20010 | In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20010 |
CVE-2024-20009 | In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20009 |
CVE-2024-20007 | In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20007 |
CVE-2024-20006 | In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20006 |
CVE-2024-20004 | In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01195812 (MSV-985). | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20004 |
CVE-2024-20003 | In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981). | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20003 |
CVE-2024-20002 | In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20002 |
CVE-2024-20001 | In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-20001 |
CVE-2023-47170 | Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47170 |
CVE-2024-25089 | Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to execute arbitrary code via gRPC named pipes. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-25089 |
CVE-2021-46903 | An issue was discovered in LTOS-Web-Interface in Meinberg LANTIME-Firmware before 6.24.029 MBGID-9343 and 7 before 7.04.008 MBGID-6303. An admin can delete required user accounts (in violation of expected access control). | – | https://nvd.nist.gov/vuln/detail/CVE-2021-46903 |
CVE-2021-46902 | An issue was discovered in LTOS-Web-Interface in Meinberg LANTIME-Firmware before 6.24.029 MBGID-9343 and 7 before 7.04.008 MBGID-6303. Path validation is mishandled, and thus an admin can read or delete files in violation of expected access controls. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-46902 |
CVE-2023-52426 | libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-52426 |
CVE-2023-52425 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-52425 |
CVE-2020-36773 | Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature). | – | https://nvd.nist.gov/vuln/detail/CVE-2020-36773 |
CVE-2024-25062 | An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-25062 |
CVE-2024-0853 | curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-0853 |
CVE-2023-49950 | The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device that sends logs to the SIEM. If an alert is created, the payload will execute upon the alert data being viewed with that template, which can lead to sensitive data disclosure. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49950 |
CVE-2023-44031 | Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows attackers to arbitrarily save sensitive files in insecure locations via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-44031 |
CVE-2023-43183 | Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-43183 |
CVE-2024-22108 | An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22108 |
CVE-2024-22107 | An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can abuse it to inject an arbitrary command and compromise the platform. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22107 |
CVE-2023-51838 | Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51838 |
CVE-2024-24388 | Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background login. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24388 |
CVE-2023-51820 | An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate attackers to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51820 |
CVE-2023-51072 | A stored cross-site scripting (XSS) vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. This allows any authenticated user to execute arbitrary JavaScript code on behalf of other users, including the administrators. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51072 |
CVE-2023-50488 | An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50488 |
CVE-2023-39611 | An issue in Software FX Chart FX 7 version 7.0.4962.20829 allows attackers to enumerate and read files from the local filesystem by sending crafted web requests. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-39611 |
CVE-2024-22851 | Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22851 |
CVE-2023-48645 | An issue was discovered in the Archibus app 4.0.3 for iOS. It uses a local database that is synchronized with a Web central server instance every time the application is opened, or when the refresh button is used. There is a SQL injection in the search work request feature in the Maintenance module of the app. This allows performing queries on the local database. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48645 |
CVE-2024-24524 | Cross Site Request Forgery (CSRF) vulnerability in flusity-CMS v.2.33, allows remote attackers to execute arbitrary code via the add_menu.php component. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24524 |
CVE-2024-23978 | Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23978 |
CVE-2024-21780 | Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-21780 |
CVE-2023-46045 | Graphviz 2.36 before 10.0.0 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46045 |
CVE-2024-24482 | Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24482 |
CVE-2024-22533 | Before Beetl v3.15.12, the rendering template has a server-side template injection (SSTI) vulnerability. When the incoming template is controllable, it will be filtered by the DefaultNativeSecurityManager blacklist. Because blacklist filtering is not strict, the blacklist can be bypassed, leading to arbitrary code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22533 |
CVE-2024-23746 | Miro Desktop 0.8.18 on macOS allows Electron code injection. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23746 |
CVE-2024-22903 | Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22903 |
CVE-2024-22902 | Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22902 |
CVE-2024-22901 | Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22901 |
CVE-2024-22900 | Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22900 |
CVE-2024-22899 | Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-22899 |
CVE-2023-48793 | Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48793 |
CVE-2023-48792 | Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48792 |
CVE-2023-46344 | A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46344 |
CVE-2023-4472 | Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number generator (PRNG) coupled to a predictable seed, which could lead to an unauthenticated account takeover of any user on the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-4472 |
CVE-2023-47257 | ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47257 |
CVE-2023-47256 | ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47256 |
CVE-2024-24945 | A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24945 |
CVE-2024-24041 | A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24041 |
CVE-2023-5841 | Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5841 |
CVE-2024-0704 | Rejected reason: very low impact - impractical to correct | – | https://nvd.nist.gov/vuln/detail/CVE-2024-0704 |
CVE-2023-37621 | An issue in Fronius Datalogger Web v.2.0.5-4, allows remote attackers to obtain sensitive information via a crafted request. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-37621 |
CVE-2024-24548 | Payment EX Ver1.1.5b and earlier allows a remote unauthenticated attacker to obtain the information of the user who purchases merchandise using Payment EX. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-24548 |
CVE-2023-51939 | An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51939 |
CVE-2022-47072 | SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box.. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-47072 |
CVE-2024-1087 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-1085. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-1087 |
CVE-2024-23775 | Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension(). | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23775 |
CVE-2024-23170 | An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. | – | https://nvd.nist.gov/vuln/detail/CVE-2024-23170 |
CVE-2023-3934 | Rejected reason: Please discard this CVE, we are not using this anymore. The vulnerability turned out to be a non-security issue | – | https://nvd.nist.gov/vuln/detail/CVE-2023-3934 |