Weekly Vulnerabilities Reports > May 6 to 12, 2024

Missing Authorization vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.10.1.

Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.

GLPI is a Free Asset and IT Management Software package.

An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system.

In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation.

In sendIntentSender of ActivityManagerService.java, there is a possible background activity launch due to a logic error.

In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto.

In multiple locations, there is a possible notification listener grant to an app running in the work profile due to a logic error in the code.

In onCreate of WifiDialogActivity.java, there is a possible way to bypass the DISALLOW_ADD_WIFI_CONFIG restriction due to a missing permission check.

In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation.

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation.

In multiple locations, there is a possible permissions bypass due to improper input validation.

In multiple functions of NotificationManagerService.java, there is a possible way to not show a toast message when a clipboard message has been accessed.

In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code.

In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to improper input validation.

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference.

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free.

Memory corruption when multiple listeners are being registered with the same file descriptor.

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

Memory corruption while querying module parameters from Listen Sound model client in kernel from user space.

Memory corruption in HLOS while checking for the storage type.

Memory corruption while verifying the serialized header when the key pairs are generated.

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

Memory corruption when the IOCTL call is interrupted by a signal.

In wlan service, there is a possible out of bounds write due to improper input validation.

DHCP can add routes to a client’s routing table via the classless static route option (121).

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

Dell PowerProtect DM5500 version 5.15.0.0 and prior contains an insecure deserialization Vulnerability.

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

In keyInstall, there is a possible out of bounds write due to a missing bounds check.

Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability.

In multiple locations, there is a possible out of bounds write due to a heap buffer overflow.

Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

GLPI is a Free Asset and IT Management Software package.

In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation.

In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion.

In multiple functions of SnoozeHelper.java, there is a possible way to cause a boot loop due to resource exhaustion.

In multiple functions of AppOpsService.java, there is a possible way to saturate the content of /data/system/appops_accesses.xml due to resource exhaustion.

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference.

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow.

In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.

Information disclosure while parsing dts header atom in Video.

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.34.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.0.

The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'link-library' shortcode in all versions up to, and including, 7.6.11 due to insufficient input sanitization and output escaping on user supplied attributes.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.4.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.10.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.

Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file.

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.

A vulnerability was found in DedeCMS 5.7.

A vulnerability classified as problematic has been found in DedeCMS 5.7.

A vulnerability classified as problematic was found in DedeCMS 5.7.

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7.

A vulnerability has been found in DedeCMS 5.7 and classified as problematic.

A vulnerability was found in DedeCMS 5.7 and classified as problematic.

A vulnerability was found in DedeCMS 5.7.

A vulnerability was found in DedeCMS 5.7.

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.