| CVE-2023-31279 -- The AirVantage platform is vulnerable to an unauthorized attacker registering previously unregistered
|
| CVE-2023-31280 -- An AirVantage online Warranty Checker tool vulnerability could allow an attacker to
|
| CVE-2024-11349 -- The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sb_login_user_with_otp_fun() f |
| CVE-2024-12846 -- A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1. Affected by this issue is some unknown functionality of the file /admin/link.php. The manipulation of the argument siteurl/icon leads to cross site scripting. T |
| CVE-2020-13712 -- A command injection is possible through the user interface, allowing arbitrary command execution as
|
| CVE-2020-9250 -- There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the servic |
| CVE-2021-40959 -- A reflected cross-site scripting vulnerability in MONITORAPP Application Insight Web Application Firewall (AIWAF) <= 4.1.6 and <=5.0 was identified on the subpage `/process_management/process_status.xhr.php`. This vulnerability allows an attacker to injec |
| CVE-2022-32144 -- There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. (Vulnerability ID: HWPSIRT-2022-76192)
|
| CVE-2022-32203 -- There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773)
|
| CVE-2022-32204 -- There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185)
|
| CVE-2022-34159 -- Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078)
|
| CVE-2023-42867 -- This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges. |
| CVE-2024-10385 -- Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting), which allows a low-privileged user to inject and store malicious JavaScript code.
|
| CVE-2024-10706 -- The Download Manager WordPress plugin before 3.3.03 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallow |
| CVE-2024-11108 -- The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform |
| CVE-2024-11297 -- The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.6 via the WordPress core search feature. This makes it possible for unauthenticated |
| CVE-2024-11331 -- The ??????? ??????? ??????? ???? ???? plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.3. This makes i |
| CVE-2024-11411 -- The Spotlightr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spotlightr-v' shortcode in all versions up to, and including, 0.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. |
| CVE-2024-11774 -- The Outdooractive Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'list2go' shortcode in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping on user supplied attributes |
| CVE-2024-11775 -- The Particle Background plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'particleground' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied a |
| CVE-2024-11776 -- The PCRecruiter Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'PCRecruiter' shortcode in all versions up to, and including, 1.4.10 due to insufficient input sanitization and output escaping on user supplied |
| CVE-2024-11783 -- The Financial Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'finance_calculator' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user suppl |
| CVE-2024-11784 -- The Sell Tickets Online – TicketSource Ticket Shop for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ticketshop' shortcode in all versions up to, and including, 3.0.2 due to insufficient input sanitization a |
| CVE-2024-11806 -- The PKT1 Centro de envios plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'success' and 'error' parameters in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it p |
| CVE-2024-11811 -- The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'store_url' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitization |
| CVE-2024-11812 -- The Wtyczka SeoPilot dla WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.091. This is due to missing or incorrect nonce validation on the SeoPilot_Admin_Options() function. This makes it possib |
| CVE-2024-11878 -- The Category Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'category-post-slider' shortcode in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping on user suppl |
| CVE-2024-11893 -- The Spoki – Chat Buttons and WooCommerce Notifications plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spoki_button' shortcode in all versions up to, and including, 2.15.14 due to insufficient input sanitization and out |
| CVE-2024-12014 -- Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files in the document system via manipula |
| CVE-2024-12506 -- The NACC WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'nacc' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attribute |
| CVE-2024-12509 -- The Embed Twine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embed_twine' shortcode in all versions up to, and including, 0.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. |
| CVE-2024-12571 -- The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is vulnerable to Local File Inclusion in version 3.98.9 via the 'sl_engine' parameter. This makes it possible for unauthenticated attackers to include and execute arbitr |
| CVE-2024-12677 -- Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute arbitrary code. |
| CVE-2024-12678 -- Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 a |
| CVE-2024-12829 -- Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vuln |
| CVE-2024-12830 -- Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this |
| CVE-2024-12831 -- Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute |
| CVE-2024-12832 -- Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files and disclose sensitive information on affected installations of Arista NG Firewall. Authenticati |
| CVE-2024-12840 -- A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with the http_proxies variable set to localhost, the attacker can fetch the localhost banner.
|
| CVE-2024-12841 -- A vulnerability was found in Emlog Pro up to 2.4.1. It has been classified as problematic. This affects an unknown part of the file /admin/tag.php. The manipulation of the argument keyword leads to cross site scripting. It is possible to initiate the atta |
| CVE-2024-12842 -- A vulnerability was found in Emlog Pro up to 2.4.1. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/user.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be initiat |
| CVE-2024-12843 -- A vulnerability was found in Emlog Pro up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the file /admin/plugin.php. The manipulation of the argument filter leads to cross site scripting. The attack may be initia |
| CVE-2024-12844 -- A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1. Affected is an unknown function of the file /admin/store.php. The manipulation of the argument tag leads to cross site scripting. It is possible to launch the attack remote |
| CVE-2024-12845 -- A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this vulnerability is an unknown functionality in the library /include/lib/common.php. The manipulation of the argument msg leads to cross site scripting. The attack |
| CVE-2024-12867 -- Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data. |
| CVE-2024-21549 -- Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method. An attacker can exploit this vulnerability by utilizing view-source:file://, which allows for arb |
| CVE-2024-28767 -- IBM Security Directory Integrator 7.2.0 through 7.2.0.13 and 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. |
| CVE-2024-37758 -- Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges. |
| CVE-2024-40875 -- There is a cross-site scripting vulnerability in the
|
| CVE-2024-44195 -- A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files. |
| CVE-2024-44211 -- This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data. |
| CVE-2024-44223 -- This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window. |
| CVE-2024-44231 -- This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update. |
| CVE-2024-44292 -- A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data. |
| CVE-2024-44293 -- A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. A user may be able to view sensitive user information. |
| CVE-2024-44298 -- A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access information about a user's contacts. |
| CVE-2024-51466 -- IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
|
| CVE-2024-54538 -- A denial-of-service issue was addressed with improved input validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, macOS Ventura 13.7.1. A remote attacker may |
| CVE-2024-55186 -- An IDOR (Insecure Direct Object Reference) vulnerability exists in oqtane Framework 6.0.0, allowing a logged-in user to access inbox messages of other users by manipulating the notification ID in the request URL. By changing the notification ID, an attack |
| CVE-2024-55341 -- A stored cross-site scripting (XSS) vulnerability in Piranha CMS 11.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by creating a page via the /manager/pages and then adding a markdown content with the XSS payload. |
| CVE-2024-55342 -- A file upload functionality in Piranha CMS 11.1 allows authenticated remote attackers to upload a crafted PDF file to /manager/media. This PDF can contain malicious JavaScript code, which is executed when a victim user opens or interacts with the PDF in t |
| CVE-2024-55470 -- Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack o |
| CVE-2024-55471 -- Oqtane Framework is vulnerable to Insecure Direct Object Reference (IDOR) in Oqtane.Controllers.UserController. This allows unauthorized users to access sensitive information of other users by manipulating the id parameter. |
| CVE-2024-55509 -- SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component. |
| CVE-2024-56329 -- Socialstream is a third-party package for Laravel Jetstream. It replaces the published authentication and profile scaffolding provided by Laravel Jetstream, with scaffolding that has support for Laravel Socialite. When linking a social account to an alrea |
| CVE-2024-56330 -- Stardust is a platform for streaming isolated desktop containers. With this exploit, inter container communication (ICC) is not disabled. This would allow users within a container to access another containers agent, therefore compromising access.The probl |
| CVE-2024-56331 -- Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker to access sensitive local files on the server by exploiting the `file:///` protocol. This vulnerability is triggered via the **"real- |
| CVE-2024-56333 -- Onyxia is a web app that aims at being the glue between multiple open source backend technologies to provide a state of art working environment for data scientists. This critical vulnerability allows authenticated users to remotely execute code within the |
| CVE-2024-56334 -- systeminformation is a System and OS information library for node.js. In affected versions SSIDs are not sanitized when before they are passed as a parameter to cmd.exe in the `getWindowsIEEE8021x` function. This means that malicious content in the SSID c |
| CVE-2024-56335 -- vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. In affected versions an attacker is capable of updating or deleting groups from an organization given a few conditions: 1. The attacker has a user ac |
| CVE-2024-56337 -- Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat.
|
| CVE-2024-56348 -- In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents |
| CVE-2024-56349 -- In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs |
| CVE-2024-56350 -- In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects |
| CVE-2024-56351 -- In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles |
| CVE-2024-56352 -- In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page |
| CVE-2024-56353 -- In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies |
| CVE-2024-56354 -- In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission |
| CVE-2024-56355 -- In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS |
| CVE-2024-56356 -- In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack |
| CVE-2024-56357 -- grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form could have their account compromised, because it was possible to use the `javascript:` scheme with custom widget URLs and form redirect URLs. T |
| CVE-2024-56358 -- grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account compromised, because JavaScript in an SVG file would be evaluated in the context of their current page. This issue has b |
| CVE-2024-56359 -- grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link in a HyperLink cell using a control modifier (meaning for example Ctrl+click) could have their account compromised, since the link could use the javasc |
| CVE-2024-5955 -- Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orc |
| CVE-2024-7726 -- There exists an unauthenticated accessible JTAG port on the Kioxia PM6, PM7 and CM6 devices - On the Kioxia CM6, PM6 and PM7 disk drives it was discovered that the 2 main CPU cores of the SoC can be accessed via an open JTAG debug port that is exposed on |
| CVE-2024-8968 -- The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capab |
| CVE-2024-9503 -- The Maintenance & Coming Soon Redirect Animation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wploti_add_whitelisted_roles_option', 'wploti_remove_whitelisted_roles_option', 'wploti_add |
| CVE-2024-9619 -- The WP SHAPES plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers |
| CVE-2020-12819 -- A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by send |
| CVE-2020-12820 -- Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbi |
| CVE-2020-15934 -- An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target ma |
| CVE-2020-6923 -- The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow.
|
| CVE-2021-20553 -- IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr |
| CVE-2021-22501 -- Improper Restriction of XML External Entity Reference vulnerability in OpenText™ Operations Bridge Manager allows Input Data Manipulation.
|
| CVE-2021-26093 -- An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command. |
| CVE-2021-26102 -- A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configur |
| CVE-2021-26115 -- An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS comma |
| CVE-2021-29827 -- IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions |
| CVE-2021-32589 -- A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12 and below and F |
| CVE-2021-39081 -- IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
|
| CVE-2021-39081 -- IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. |
| CVE-2022-27595 -- An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands.
|
| CVE-2022-27600 -- An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack.
|
| CVE-2022-33954 -- IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials. |
| CVE-2022-44513 -- Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploita |
| CVE-2022-44517 -- Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo |
| CVE-2022-44519 -- Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability |
| CVE-2022-44520 -- Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o |
| CVE-2023-21586 -- Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an appli |
| CVE-2023-23354 -- A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. |
| CVE-2023-23356 -- A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands.
|
| CVE-2023-23357 -- A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read applicat |
| CVE-2023-30443 -- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. |
| CVE-2023-4617 -- Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values.
|
| CVE-2023-7005 -- A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through revealing the unlockKey field. |
| CVE-2024-10244 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ISDO Software Web Software allows SQL Injection.This issue affects Web Software: before 3.6. |
| CVE-2024-10548 -- The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List ('/wp-json/pm/v2/projects/1/task-lists') REST API endpoint. This makes it possible for authe |
| CVE-2024-11364 -- Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat ac |
| CVE-2024-11616 -- Netskope was made aware of a security vulnerability in Netskope Endpoint DLP’s Content Control Driver where a double-fetch issue leads to heap overflow. The vulnerability arises from the fact that the NumberOfBytes argument to ExAllocatePoolWithTag, and t |
| CVE-2024-11740 -- The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03. This is due to the software allowing users to execute an action that does not properly validate a value before runni |
| CVE-2024-11768 -- The Download Manager plugin for WordPress is vulnerable to unauthorized download of password-protected content due to improper password validation on the checkFilePassword function in all versions up to, and including, 3.3.03. This makes it possible for u |
| CVE-2024-11984 -- A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with S |
| CVE-2024-12111 -- In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged Access Manager that allows authentication bypass. This issue affects Privileged Access Manager version 23.3(4.4); 24.3(4.5)
|
| CVE-2024-12121 -- The Broken Link Checker | Finder plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the 'moblc_check_link' function. This makes it possible for authenticated attackers, with Author-level |
| CVE-2024-12175 -- Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage |
| CVE-2024-12331 -- The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_install_plugin' function in all versions up to, and including, 1.8.6. This makes it possible for authent |
| CVE-2024-12560 -- The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_block_duplicate_post' function. This makes it possible for a |
| CVE-2024-12569 -- Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack allows an attacker to read camera credentials stored in the Recording Server under specific conditions.
|
| CVE-2024-12626 -- The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘a-0-o-search_field_value’ parameter in all versions up to, and including, |
| CVE-2024-12672 -- A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code |
| CVE-2024-12700 -- There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web server. |
| CVE-2024-12727 -- A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code execution if a specific configuration of Secure PDF eXchang |
| CVE-2024-12728 -- A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3). |
| CVE-2024-12729 -- A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). |
| CVE-2024-12782 -- A vulnerability has been found in Fujifilm Apeos C3070, Apeos C5570 and Apeos C6580 up to 24.8.28 and classified as critical. This vulnerability affects unknown code of the file /home/index.html#hashHome of the component Web Interface. The manipulation le |
| CVE-2024-12783 -- A vulnerability was found in itsourcecode Vehicle Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /billaction.php. The manipulation of the argument extra-cost leads to cross site scripting. The a |
| CVE-2024-12784 -- A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editbill.php. The manipulation of the argument id leads to sql injection. It is possible to launch the |
| CVE-2024-12785 -- A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file sendmail.php. The manipulation of the argument id leads to sql injection. The |
| CVE-2024-12786 -- A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipul |
| CVE-2024-12787 -- A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/check_student_login.php. The manipulation of the argument |
| CVE-2024-12788 -- A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file signinpost.php. The manipulation of the argument username leads to sql injection. The attack |
| CVE-2024-12789 -- A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initi |
| CVE-2024-12790 -- A vulnerability was found in code-projects Hostel Management Site 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file room-details.php. The manipulation leads to cross site scripting. The attack can be initiated r |
| CVE-2024-12791 -- A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotel |
| CVE-2024-12792 -- A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launche |
| CVE-2024-12793 -- A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path tra |
| CVE-2024-12794 -- A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to |
| CVE-2024-12798 -- ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core
|
| CVE-2024-12801 -- Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 1.5.12 on the Java platform, allows an attacker to
|
| CVE-2024-2201 -- A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.
|
| CVE-2024-25131 -- A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to |
| CVE-2024-35141 -- IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges.
|
| CVE-2024-35141 -- IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. |
| CVE-2024-37962 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agency Dominion Fusion allows Stored XSS.This issue affects Fusion: from n/a through 1.6.1. |
| CVE-2024-38819 -- Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to t |
| CVE-2024-38864 -- Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2.0p38 and <= 2.1.0p49 (EOL) allows a local attacker to read sensitive data. |
| CVE-2024-4229 -- Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resul |
| CVE-2024-4230 -- External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious cod |
| CVE-2024-45818 -- The hypervisor contains code to accelerate VGA memory accesses for HVM
|
| CVE-2024-45819 -- PVH guests have their ACPI tables constructed by the toolstack. The
|
| CVE-2024-47093 -- Improper neutralization of input in Nagvis before version 1.9.42 which can lead to XSS |
| CVE-2024-49336 -- IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. |
| CVE-2024-49765 -- Discourse is an open source platform for community discussion. Sites that are using discourse connect but still have local logins enabled could allow attackers to bypass discourse connect to create accounts and login. This problem is patched in the latest |
| CVE-2024-51471 -- IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size. |
| CVE-2024-51532 -- Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary sy |
| CVE-2024-52589 -- Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn the email of a user. This problem is patched in the latest version of Discourse. Users unable to |
| CVE-2024-52794 -- Discourse is an open source platform for community discussion. Users clicking on the lightbox thumbnails could be affected. This problem is patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this v |
| CVE-2024-52896 -- IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. |
| CVE-2024-52897 -- IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. |
| CVE-2024-52897 -- IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.
|
| CVE-2024-53991 -- Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use `FileStore::LocalStore` which means uploads and backups are stored locally on disk. If an attacker knows the name of the D |
| CVE-2024-54009 -- Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could be remotely exploited to allow disclosure of information.
|
| CVE-2024-54150 -- cjwt is a C JSON Web Token (JWT) Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate b |
| CVE-2024-54663 -- An issue was discovered in the Webmail Classic UI in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A Local File Inclusion (LFI) vulnerability exists in the /h/rest endpoint, allowing authenticated remote attackers to include and access sensitive files |
| CVE-2024-54790 -- A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remote attackers to execute arbitrary code via the visittime parameter. |
| CVE-2024-54982 -- An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass authentication via a crafted NAS message. |
| CVE-2024-54983 -- An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message. |
| CVE-2024-54984 -- An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. |
| CVE-2024-55081 -- An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input. |
| CVE-2024-55082 -- A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling-PDF 0.35.1 allows attackers to access sensitive information via a crafted request. |
| CVE-2024-55196 -- Insufficiently Protected Credentials in the Mail Server Configuration in GoPhish v0.12.1 allows an attacker to access cleartext passwords for the configured IMAP and SMTP servers. |
| CVE-2024-55603 -- Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has exceeded. Kanboard implements a cutom session handler (`app/Core/Session/SessionHandler.php`), to |
| CVE-2024-56159 -- Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files **for the serv |
| CVE-2024-56200 -- Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the |
| CVE-2024-56327 -- pyrage is a set of Python bindings for the rage file encryption library (age in Rust). `pyrage` uses the Rust `age` crate for its underlying operations, and `age` is vulnerable to GHSA-4fg7-vxc8-qx5w. All details of GHSA-4fg7-vxc8-qx5w are relevant to `py |
| CVE-2024-7137 -- The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the maximum supported packet size. Receiving a packet that exceeds the restricted buffer length may cause a crash. A hard reset is required to recover the crashed d |
| CVE-2024-7138 -- An assert may be triggered, causing a temporary denial of service when a peer device sends a specially crafted malformed L2CAP packet. If a watchdog timer is not enabled, a hard reset is required to recover the device.
|
| CVE-2024-7139 -- Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service.
|
| CVE-2024-9101 -- A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is un |
| CVE-2024-9102 -- phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a comman |
| CVE-2024-9154 -- A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system level on the device. This issue affects Ewon Flexy 205: through 14.8s0 (#2633). |
