Weekly Vulnerabilities Reports > July 1 to 7, 2024

Overview

269 new vulnerabilities reported during this period, including 32 critical vulnerabilities and 73 high severity vulnerabilities. This weekly summary report vulnerabilities in 1012 products from 115 vendors including Samsung, Linux, Qualcomm, Jungo, and Mitsubishielectric. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Cross-Site Request Forgery (CSRF)", "SQL Injection", and "Out-of-bounds Read".

  • 185 reported vulnerabilities are remotely exploitables.
  • 84 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 109 reported vulnerabilities are exploitable by an anonymous user.
  • Samsung has the most reported vulnerabilities, with 31 reported vulnerabilities.
  • Openatom has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

32 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-07-01 CVE-2024-38366 Cocoapods Injection vulnerability in Cocoapods Trunk.Cocoapods.Org

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager.

10.0
2024-07-07 CVE-2024-40614 Egroupware Unspecified vulnerability in Egroupware

EGroupware before 23.1.20240624 mishandles an ORDER BY clause.

9.8
2024-07-05 CVE-2024-27712 Eskooly Unspecified vulnerability in Eskooly

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism.

9.8
2024-07-05 CVE-2024-29319 Personal Management System Server-Side Request Forgery (SSRF) vulnerability in Personal-Management-System Personal Management System 1.4.64

Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file.

9.8
2024-07-05 CVE-2024-38346 Apache Code Injection vulnerability in Apache Cloudstack

The CloudStack cluster service runs on unauthenticated port (default 9090) that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts.

9.8
2024-07-05 CVE-2024-39028 Seacms Unspecified vulnerability in Seacms

An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code via admin_ping.php.

9.8
2024-07-05 CVE-2024-39864 Apache Improper Initialization vulnerability in Apache Cloudstack

The CloudStack integration API service allows running its unauthenticated API server (usually on port 8096 when configured and enabled via integration.api.port global setting) for internal portal integrations and for testing purposes.

9.8
2024-07-05 CVE-2024-6298 ABB Unspecified vulnerability in ABB products

Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on Linux, ABB MATRIX Series on Linux allows Remote Code Inclusion.This issue affects ASPECT-Enterprise: through 3.08.01; NEXUS Series: through 3.08.01; MATRIX Series: through 3.08.01.

9.8
2024-07-02 CVE-2024-4708 Myscada Use of Hard-coded Credentials vulnerability in Myscada Mypro

mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.

9.8
2024-07-02 CVE-2024-6439 Home Owners Collection Management System Project Unrestricted Upload of File with Dangerous Type vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical.

9.8
2024-07-02 CVE-2024-6440 Home Owners Collection Management System Project SQL Injection vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0.

9.8
2024-07-02 CVE-2024-36243 Openatom Out-of-bounds Write vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write.

9.8
2024-07-02 CVE-2024-36260 Openatom Out-of-bounds Write vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

9.8
2024-07-02 CVE-2024-37030 Openatom Use After Free vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free.

9.8
2024-07-02 CVE-2024-37077 Openatom Out-of-bounds Write vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

9.8
2024-07-02 CVE-2024-37185 Openatom Out-of-bounds Write vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

9.8
2024-07-02 CVE-2023-41919 Kiloview Use of Hard-coded Credentials vulnerability in Kiloview P1 Firmware and P2 Firmware

Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access.

9.8
2024-07-02 CVE-2024-6172 Icegram SQL Injection vulnerability in Icegram Email Subscribers & Newsletters

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

9.8
2024-07-01 CVE-2024-28200 N Able Improper Authentication vulnerability in N-Able N-Central 2023.4/2023.6/2023.7

The N-central server is vulnerable to an authentication bypass of the user interface.

9.8
2024-07-01 CVE-2024-38474 Apache
Netapp
Improper Encoding or Escaping of Output vulnerability in multiple products

Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.

9.8
2024-07-01 CVE-2024-38476 Apache
Netapp
Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
9.8
2024-07-01 CVE-2024-36401 Geoserver
Geotools
Code Injection vulnerability in multiple products

GeoServer is an open source server that allows users to share and edit geospatial data.

9.8
2024-07-01 CVE-2024-6376 Mongodb Code Injection vulnerability in Mongodb Compass

MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling.

9.8
2024-07-01 CVE-2024-38998 Requirejs Unspecified vulnerability in Requirejs

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config.

9.8
2024-07-01 CVE-2024-6419 Oretnom23 SQL Injection vulnerability in Oretnom23 Medicine Tracker System 1.0

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0.

9.8
2024-07-05 CVE-2024-23997 Lukasbach Cross-site Scripting vulnerability in Lukasbach Yana

Lukas Bach yana =<1.0.16 is vulnerable to Cross Site Scripting (XSS) via src/electron-main.ts.

9.6
2024-07-05 CVE-2024-23998 Goanother Cross-site Scripting vulnerability in Goanother Another Redis Desktop Manager

goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue.

9.6
2024-07-01 CVE-2024-38367 Cocoapods Unspecified vulnerability in Cocoapods Trunk.Cocoapods.Org

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager.

9.6
2024-07-06 CVE-2024-37260 Themeruby Server-Side Request Forgery (SSRF) vulnerability in Themeruby Foxiz

Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz: from n/a through 2.3.5.

9.3
2024-07-01 CVE-2024-38368 Cocoapods Unspecified vulnerability in Cocoapods Trunk.Cocoapods.Org

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager.

9.3
2024-07-05 CVE-2024-37768 B1Ackc4T Unspecified vulnerability in B1Ackc4T 14Finger 1.1

14Finger v1.1 was discovered to contain an arbitrary user deletion vulnerability via the component /api/admin/user?id.

9.1
2024-07-01 CVE-2024-21456 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Information Disclosure while parsing beacon frame in STA.

9.1

73 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-07-05 CVE-2024-27711 Eskooly Unspecified vulnerability in Eskooly

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings.

8.8
2024-07-05 CVE-2024-37769 B1Ackc4T Unspecified vulnerability in B1Ackc4T 14Finger 1.1

Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request.

8.8
2024-07-05 CVE-2024-6525 Dlink Deserialization of Untrusted Data vulnerability in Dlink Dar-7000 Firmware 100A53Dbr/20151231/31R02B1413C

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922.

8.8
2024-07-05 CVE-2024-6524 Shopxo Server-Side Request Forgery (SSRF) vulnerability in Shopxo

A vulnerability was found in ShopXO up to 6.1.0.

8.8
2024-07-04 CVE-2024-39943 Rejetto OS Command Injection vulnerability in Rejetto Http File Server

rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions).

8.8
2024-07-04 CVE-2024-5943 Kylephillips Cross-Site Request Forgery (CSRF) vulnerability in Kylephillips Nested Pages

The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.7.

8.8
2024-07-04 CVE-2024-6318 Wbolt Unrestricted Upload of File with Dangerous Type vulnerability in Wbolt Imgspider

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_img_file' function in all versions up to, and including, 2.3.10.

8.8
2024-07-04 CVE-2024-6319 Wbolt Unrestricted Upload of File with Dangerous Type vulnerability in Wbolt Imgspider

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 2.3.10.

8.8
2024-07-04 CVE-2024-2385 Livemeshelementor Unspecified vulnerability in Livemeshelementor Addons for Elementor

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.3.7 via several of the plugin's widgets through the 'style' attribute.

8.8
2024-07-03 CVE-2024-29506 Artifex Out-of-bounds Write vulnerability in Artifex Ghostscript

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.

8.8
2024-07-03 CVE-2024-29509 Artifex Out-of-bounds Write vulnerability in Artifex Ghostscript

Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.

8.8
2024-07-03 CVE-2024-6471 Mayurik SQL Injection vulnerability in Mayurik Online Tours & Travels Management System 1.0

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0.

8.8
2024-07-03 CVE-2024-6469 Playsms Injection vulnerability in Playsms 1.4.3

A vulnerability was found in playSMS 1.4.3.

8.8
2024-07-03 CVE-2024-2376 2Code Cross-Site Request Forgery (CSRF) vulnerability in 2Code Wpqa Builder

The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

8.8
2024-07-02 CVE-2024-6453 Angeljudesuarez SQL Injection vulnerability in Angeljudesuarez Farm Management System 1.0

A vulnerability was found in itsourcecode Farm Management System 1.0.

8.8
2024-07-02 CVE-2024-20890 Samsung Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior.

8.8
2024-07-02 CVE-2024-34593 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege.

8.8
2024-07-02 CVE-2024-5606 Expresstech SQL Injection vulnerability in Expresstech Quiz and Survey Master

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 is vulnerable does not validate and escape the question_id parameter in the qsm_bulk_delete_question_from_database AJAX action, leading to a SQL injection exploitable by Contributors and above role

8.8
2024-07-02 CVE-2024-5767 Sitetweet Project Cross-Site Request Forgery (CSRF) vulnerability in Sitetweet Project Sitetweet

The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

8.8
2024-07-02 CVE-2024-5349 LA Studioweb Unspecified vulnerability in La-Studioweb Element KIT for Elementor

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter.

8.8
2024-07-03 CVE-2024-32937 An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79.
8.1
2024-07-01 CVE-2024-6387 Openbsd
Redhat
Suse
Debian
Canonical
Amazon
Netapp
Freebsd
Netbsd
Race Condition vulnerability in multiple products

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).

8.1
2024-07-05 CVE-2024-39479 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon drvdata (on which hwmon depends) are device managed resources, the expectation, on device unbind, is that hwmon will be released before drvdata.

7.8
2024-07-05 CVE-2024-39480 Linux Classic Buffer Overflow vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results.

7.8
2024-07-05 CVE-2024-36041 KDE Unspecified vulnerability in KDE Plasma-Workspace

KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted.

7.8
2024-07-02 CVE-2022-25478 Realtek Unspecified vulnerability in Realtek Rtsper and Rtsuer

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 provides read and write access to the PCI configuration space of the device.

7.8
2024-07-02 CVE-2022-25480 Realtek Out-of-bounds Write vulnerability in Realtek Rtsper and Rtsuer

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP.

7.8
2024-07-02 CVE-2024-22106 Jungo
Mitsubishielectric
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS).
7.8
2024-07-02 CVE-2024-25086 Jungo
Mitsubishielectric
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
7.8
2024-07-02 CVE-2024-25088 Jungo
Mitsubishielectric
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code.
7.8
2024-07-02 CVE-2024-26314 Jungo
Mitsubishielectric
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
7.8
2024-07-02 CVE-2023-51776 Jungo
Mitsubishielectric
Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.
7.8
2024-07-02 CVE-2024-34122 Adobe Out-of-bounds Read vulnerability in Adobe Acrobat

Acrobat for Edge versions 126.0.2592.68 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.

7.8
2024-07-02 CVE-2024-20888 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

7.8
2024-07-02 CVE-2024-20891 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

7.8
2024-07-02 CVE-2024-20892 Samsung Improper Verification of Cryptographic Signature vulnerability in Samsung Android 12.0/13.0/14.0

Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors.

7.8
2024-07-02 CVE-2024-20893 Samsung Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption.

7.8
2024-07-02 CVE-2024-20901 Samsung Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024 Release 1 allows local attackers to write out-of-bounds memory.

7.8
2024-07-02 CVE-2024-34585 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

7.8
2024-07-02 CVE-2024-34595 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

7.8
2024-07-02 CVE-2024-32853 Dell Unspecified vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability.

7.8
2024-07-01 CVE-2024-32230 Ffmpeg Classic Buffer Overflow vulnerability in Ffmpeg 7.0

FFmpeg 7.0 is vulnerable to Buffer Overflow.

7.8
2024-07-01 CVE-2023-43554 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Memory corruption while processing IOCTL handler in FastRPC.

7.8
2024-07-01 CVE-2024-21461 Qualcomm Double Free vulnerability in Qualcomm products

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

7.8
2024-07-01 CVE-2024-21465 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Memory corruption while processing key blob passed by the user.

7.8
2024-07-01 CVE-2024-21469 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

7.8
2024-07-01 CVE-2024-21482 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.

7.8
2024-07-01 CVE-2024-23368 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Memory corruption when allocating and accessing an entry in an SMEM partition.

7.8
2024-07-01 CVE-2024-23372 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.

7.8
2024-07-01 CVE-2024-23373 Qualcomm Use After Free vulnerability in Qualcomm products

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

7.8
2024-07-01 CVE-2024-23380 Qualcomm Use After Free vulnerability in Qualcomm products

Memory corruption while handling user packets during VBO bind operation.

7.8
2024-07-07 CVE-2024-3651 KJD Unspecified vulnerability in KJD Internationalized Domain Names in Applications 3.6

A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6.

7.5
2024-07-05 CVE-2024-39210 Mayurik Unspecified vulnerability in Mayurik Best House Rental Management System 1.0

Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php.

7.5
2024-07-05 CVE-2024-39027 Seacms SQL Injection vulnerability in Seacms 12.9

SeaCMS v12.9 has an unauthorized SQL injection vulnerability.

7.5
2024-07-05 CVE-2024-6209 ABB Files or Directories Accessible to External Parties vulnerability in ABB products

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <=3.08.01 ; MATRIX Series v<=3.08.01 allows Attacker to access files unauthorized

7.5
2024-07-05 CVE-2023-52340 Linux Unspecified vulnerability in Linux Kernel

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

7.5
2024-07-04 CVE-2024-39937 Supos Path Traversal vulnerability in Supos 5.0

supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files.

7.5
2024-07-03 CVE-2024-6427 Mesbook Allocation of Resources Without Limits or Throttling vulnerability in Mesbook 20221021.03

Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version.

7.5
2024-07-02 CVE-2024-34596 Samsung Improper Authentication vulnerability in Samsung Smartthings

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner.

7.5
2024-07-02 CVE-2024-32852 Dell Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky cryptographic algorithm vulnerability.

7.5
2024-07-01 CVE-2024-38477 Apache
Netapp
NULL Pointer Dereference vulnerability in multiple products

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

7.5
2024-07-01 CVE-2024-21586 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart.
7.5
2024-07-01 CVE-2024-36982 Splunk NULL Pointer Dereference vulnerability in Splunk Cloud and Splunk

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.

7.5
2024-07-01 CVE-2024-36991 Splunk Path Traversal vulnerability in Splunk

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows.

7.5
2024-07-01 CVE-2024-36420 Flowiseai Injection vulnerability in Flowiseai Flowise 1.4.3

Flowise is a drag & drop user interface to build a customized large language model flow.

7.5
2024-07-01 CVE-2024-36421 Flowiseai Origin Validation Error vulnerability in Flowiseai Flowise 1.4.3

Flowise is a drag & drop user interface to build a customized large language model flow.

7.5
2024-07-01 CVE-2024-21457 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

INformation disclosure while handling Multi-link IE in beacon frame.

7.5
2024-07-01 CVE-2024-21458 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Information disclosure while handling SA query action frame.

7.5
2024-07-01 CVE-2024-21466 Qualcomm Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products

Information disclosure while parsing sub-IE length during new IE generation.

7.5
2024-07-03 CVE-2024-5672 A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.
7.2
2024-07-01 CVE-2024-3123 CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly.
7.2
2024-07-03 CVE-2024-6426 Mesbook Unspecified vulnerability in Mesbook 20221021.03

Information exposure vulnerability in MESbook 20221021.03 version, the exploitation of which could allow a local attacker, with user privileges, to access different resources by changing the API value of the application.

7.1
2024-07-06 CVE-2024-39486 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/drm_file: Fix pid refcounting race <[email protected]>, Maxime Ripard <[email protected]>, Thomas Zimmermann <[email protected]> filp->pid is supposed to be a refcounted pointer; however, before this patch, drm_file_update_pid() only increments the refcount of a struct pid after storing a pointer to it in filp->pid and dropping the dev->filelist_mutex, making the following race possible: process A process B ========= ========= begin drm_file_update_pid mutex_lock(&dev->filelist_mutex) rcu_replace_pointer(filp->pid, <pid B>, 1) mutex_unlock(&dev->filelist_mutex) begin drm_file_update_pid mutex_lock(&dev->filelist_mutex) rcu_replace_pointer(filp->pid, <pid A>, 1) mutex_unlock(&dev->filelist_mutex) get_pid(<pid A>) synchronize_rcu() put_pid(<pid B>) *** pid B reaches refcount 0 and is freed here *** get_pid(<pid B>) *** UAF *** synchronize_rcu() put_pid(<pid A>) As far as I know, this race can only occur with CONFIG_PREEMPT_RCU=y because it requires RCU to detect a quiescent state in code that is not explicitly calling into the scheduler. This race leads to use-after-free of a "struct pid". It is probably somewhat hard to hit because process A has to pass through a synchronize_rcu() operation while process B is between mutex_unlock() and get_pid(). Fix it by ensuring that by the time a pointer to the current task's pid is stored in the file, an extra reference to the pid has been taken. This fix also removes the condition for synchronize_rcu(); I think that optimization is unnecessary complexity, since in that case we would usually have bailed out on the lockless check above.

7.0

152 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-07-05 CVE-2024-6505 Qemu
Redhat
Out-of-bounds Read vulnerability in multiple products

A flaw was found in the virtio-net device in QEMU.

6.8
2024-07-02 CVE-2024-34587 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege.

6.8
2024-07-02 CVE-2024-37126 Dell Unspecified vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability.

6.7
2024-07-02 CVE-2024-37132 Dell Unspecified vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability.

6.7
2024-07-02 CVE-2024-37133 Dell Unspecified vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability.

6.7
2024-07-02 CVE-2024-37134 Dell Unspecified vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability.

6.7
2024-07-02 CVE-2024-0158 Dell Improper Input Validation vulnerability in Dell products

Dell BIOS contains an improper input validation vulnerability.

6.7
2024-07-02 CVE-2024-32854 Dell Unspecified vulnerability in Dell Powerscale Onefs

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability.

6.7
2024-07-01 CVE-2024-20399 Cisco OS Command Injection vulnerability in Cisco Nx-Os

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands.

6.7
2024-07-07 CVE-2024-40601 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1.

6.5
2024-07-06 CVE-2024-37547 Livemesh Path Traversal vulnerability in Livemesh Elementor Addons

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a through 8.4.0.

6.5
2024-07-05 CVE-2024-23588 Hcltech Unspecified vulnerability in Hcltech Nomad Server on Domino

HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.

6.5
2024-07-05 CVE-2024-32498 Openstack Unspecified vulnerability in Openstack Nova

An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3.

6.5
2024-07-03 CVE-2024-36113 Discourse Missing Authorization vulnerability in Discourse

Discourse is an open-source discussion platform.

6.5
2024-07-03 CVE-2024-6428 Mattermost Unspecified vulnerability in Mattermost

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID.

6.5
2024-07-02 CVE-2024-5865 Delinea Path Traversal vulnerability in Delinea Privileged Access Service

Vulnerability in Delinea Centrify PAS v.

6.5
2024-07-02 CVE-2024-6438 Hitout SQL Injection vulnerability in Hitout Carsale 1.0

A vulnerability has been found in Hitout Carsale 1.0 and classified as critical.

6.5
2024-07-02 CVE-2024-34588 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation?in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service.

6.5
2024-07-02 CVE-2024-34589 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service.

6.5
2024-07-01 CVE-2024-36987 Splunk Unrestricted Upload of File with Dangerous Type vulnerability in Splunk Cloud and Splunk

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.

6.5
2024-07-01 CVE-2024-36990 Splunk Infinite Loop vulnerability in Splunk and Splunk Cloud Platform

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service.

6.5
2024-07-01 CVE-2024-21460 Qualcomm Use of Insufficiently Random Values vulnerability in Qualcomm products

Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.

6.5
2024-07-01 CVE-2024-6375 Mongodb Missing Authorization vulnerability in Mongodb

A command for refining a collection shard key is missing an authorization check.

6.5
2024-07-02 CVE-2024-5260 The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘read_more_text’ parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping.
6.4
2024-07-06 CVE-2024-37542 Wpdevart Missing Authorization vulnerability in Wpdevart Gallery

Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.

6.3
2024-07-01 CVE-2024-39429 Google Out-of-bounds Write vulnerability in Google Android 12.0

In faceid servive, there is a possible out of bounds write due to a missing bounds check.

6.2
2024-07-01 CVE-2024-39430 Google Out-of-bounds Write vulnerability in Google Android 12.0

In faceid servive, there is a possible out of bounds write due to a missing bounds check.

6.2
2024-07-05 CVE-2024-6526 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap 20200803/20221227

A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03.

6.1
2024-07-05 CVE-2024-34481 Kontextwork Cross-site Scripting vulnerability in Kontextwork Drupal Wiki 8.30/8.31

drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via comments, captions, and image titles of a Wiki page.

6.1
2024-07-04 CVE-2024-37471 Xtendify Cross-site Scripting vulnerability in Xtendify Woffice

Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice Core allows Reflected XSS.This issue affects Woffice Core: from n/a through 5.4.8.

6.1
2024-07-04 CVE-2024-37472 Xtendify Cross-site Scripting vulnerability in Xtendify Woffice

Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice allows Reflected XSS.This issue affects Woffice: from n/a through 5.4.8.

6.1
2024-07-03 CVE-2024-35234 Discourse Cross-site Scripting vulnerability in Discourse

Discourse is an open-source discussion platform.

6.1
2024-07-02 CVE-2024-5544 Davidlingren Cross-site Scripting vulnerability in Davidlingren Media Library Assistant

The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the order parameter in all versions up to, and including, 3.17 due to insufficient input sanitization and output escaping.

6.1
2024-07-01 CVE-2024-36423 Flowiseai Cross-site Scripting vulnerability in Flowiseai Flowise

Flowise is a drag & drop user interface to build a customized large language model flow.

6.1
2024-07-01 CVE-2024-37145 Flowiseai Cross-site Scripting vulnerability in Flowiseai Flowise

Flowise is a drag & drop user interface to build a customized large language model flow.

6.1
2024-07-01 CVE-2024-37146 Flowiseai Cross-site Scripting vulnerability in Flowiseai Flowise

Flowise is a drag & drop user interface to build a customized large language model flow.

6.1
2024-07-01 CVE-2024-36422 Flowiseai Cross-site Scripting vulnerability in Flowiseai Flowise 1.4.3

Flowise is a drag & drop user interface to build a customized large language model flow.

6.1
2024-07-01 CVE-2024-38953 Phpok Cross-site Scripting vulnerability in PHPok 6.4.003

phpok 6.4.003 contains a Cross Site Scripting (XSS) vulnerability in the ok_f() method under the framework/api/upload_control.php file.

6.1
2024-07-01 CVE-2024-6050 Sokrates Cross-site Scripting vulnerability in Sokrates Sowa Opac

Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12.

6.1
2024-07-04 CVE-2024-39936 QT Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in QT

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3.

5.9
2024-07-03 CVE-2024-39830 Mattermost Information Exposure Through Discrepancy vulnerability in Mattermost

Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token comparison.

5.9
2024-07-06 CVE-2024-6095 Mudler Server-Side Request Forgery (SSRF) vulnerability in Mudler Localai

A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI).

5.8
2024-07-01 CVE-2024-36986 Splunk Unspecified vulnerability in Splunk Cloud and Splunk

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace.

5.7
2024-07-05 CVE-2024-39472 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions.

5.5
2024-07-05 CVE-2024-39473 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the process->base_config_ext is NULL, causing NULL dereference when specifically crafted topology and sequences used.

5.5
2024-07-05 CVE-2024-39474 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but it presents a conflict with commit dd544141b9eb ("vmalloc: back off when the current task is OOM-killed").

5.5
2024-07-05 CVE-2024-39475 Linux Divide By Zero vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefb_check_var failed The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero") checks the value of pixclock to avoid divide-by-zero error.

5.5
2024-07-05 CVE-2024-39476 Linux Improper Locking vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibility, the root cause is exactly the same as commit bed9e27baf52 ("Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"") However, Dan reported another hang after that, and junxiao investigated the problem and found out that this is caused by plugged bio can't issue from raid5d(). Current implementation in raid5d() has a weird dependence: 1) md_check_recovery() from raid5d() must hold 'reconfig_mutex' to clear MD_SB_CHANGE_PENDING; 2) raid5d() handles IO in a deadloop, until all IO are issued; 3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared; This behaviour is introduce before v2.6, and for consequence, if other context hold 'reconfig_mutex', and md_check_recovery() can't update super_block, then raid5d() will waste one cpu 100% by the deadloop, until 'reconfig_mutex' is released. Refer to the implementation from raid1 and raid10, fix this problem by skipping issue IO if MD_SB_CHANGE_PENDING is still set after md_check_recovery(), daemon thread will be woken up when 'reconfig_mutex' is released.

5.5
2024-07-05 CVE-2024-39477 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vma_add_reservation upon ENOMEM sysbot reported a splat [1] on __unmap_hugepage_range().

5.5
2024-07-05 CVE-2024-39478 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

5.5
2024-07-05 CVE-2024-39481 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: media: mc: Fix graph walk in media_pipeline_start The graph walk tries to follow all links, even if they are not between pads.

5.5
2024-07-05 CVE-2024-39482 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache set.

5.5
2024-07-05 CVE-2024-39483 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e.

5.5
2024-07-05 CVE-2024-39484 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y.

5.5
2024-07-05 CVE-2024-39485 Linux Improper Initialization vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifier_entry of a notifier is not re-initialised after unregistering the notifier.

5.5
2024-07-02 CVE-2024-39322 Aimeos Project Unspecified vulnerability in Aimeos Project Ai-Controller-Frontend 2024.04.1

aimeos/ai-admin-jsonadm is the Aimeos e-commerce JSON API for administrative tasks.

5.5
2024-07-02 CVE-2022-25477 Realtek Information Exposure Through Log Files vulnerability in Realtek Rtsper and Rtsuer

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR.

5.5
2024-07-02 CVE-2022-25479 Realtek Memory Leak vulnerability in Realtek Rtsper and Rtsuer

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap.

5.5
2024-07-02 CVE-2024-22105 Jungo
Mitsubishielectric
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error.
5.5
2024-07-02 CVE-2024-25087 Jungo
Mitsubishielectric
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error.
5.5
2024-07-02 CVE-2023-51777 Jungo
Mitsubishielectric
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error.
5.5
2024-07-02 CVE-2023-51778 Jungo
Mitsubishielectric
Out-of-bounds Write vulnerability in multiple products

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

5.5
2024-07-02 CVE-2024-22102 Jungo
Mitsubishielectric
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error.
5.5
2024-07-02 CVE-2024-22103 Jungo
Mitsubishielectric
Out-of-bounds Write vulnerability in multiple products

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

5.5
2024-07-02 CVE-2024-22104 Jungo
Mitsubishielectric
Out-of-bounds Write vulnerability in multiple products

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

5.5
2024-07-02 CVE-2024-20895 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features.

5.5
2024-07-02 CVE-2024-20896 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

5.5
2024-07-02 CVE-2024-20897 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

5.5
2024-07-02 CVE-2024-20898 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Use of implicit intent for sensitive communication in SoftphoneClient in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

5.5
2024-07-02 CVE-2024-20899 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

5.5
2024-07-02 CVE-2024-34594 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address.

5.5
2024-07-01 CVE-2024-21462 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Transient DOS while loading the TA ELF file.

5.5
2024-07-07 CVE-2024-6229 Quivr Cross-site Scripting vulnerability in Quivr

A stored cross-site scripting (XSS) vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version.

5.4
2024-07-06 CVE-2024-37554 Codeastrology Cross-site Scripting vulnerability in Codeastrology Ultraaddons

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodeAstrology Team UltraAddons Elementor Lite (Header & Footer Builder, Menu Builder, Cart Icon, Shortcode).This issue affects UltraAddons Elementor Lite (Header & Footer Builder, Menu Builder, Cart Icon, Shortcode): from n/a through 1.1.6.

5.4
2024-07-06 CVE-2024-37553 Axelerant Cross-site Scripting vulnerability in Axelerant Testimonials Widget

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4.

5.4
2024-07-06 CVE-2024-37546 Oxilab Cross-site Scripting vulnerability in Oxilab Image Hover Effects for Elementor With Lightbox and Flipbox

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2.

5.4
2024-07-06 CVE-2024-37539 Delower Cross-site Scripting vulnerability in Delower WP to DO

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.3.0.

5.4
2024-07-06 CVE-2024-37541 Staxwp Cross-site Scripting vulnerability in Staxwp Stax

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax allows Stored XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through 1.4.4.1.

5.4
2024-07-05 CVE-2024-29318 Personal Management System Cross-site Scripting vulnerability in Personal-Management-System Personal Management System 1.4.64

Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code.

5.4
2024-07-05 CVE-2024-6523 Zkteco Cross-site Scripting vulnerability in Zkteco Biotime 8.5.3/8.5.4/8.5.5

A vulnerability was found in ZKTeco BioTime up to 9.5.2.

5.4
2024-07-04 CVE-2024-37474 Automattic Cross-site Scripting vulnerability in Automattic Newspack ADS

Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1.

5.4
2024-07-04 CVE-2024-37476 Automattic Cross-site Scripting vulnerability in Automattic Newspack

Cross Site Scripting (XSS) vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1.

5.4
2024-07-04 CVE-2024-22277 Vmware Cross-site Scripting vulnerability in VMWare Cloud Director

VMware Cloud Director Availability contains an HTML injection vulnerability.

5.4
2024-07-04 CVE-2024-5641 Cedcommerce Cross-site Scripting vulnerability in Cedcommerce ONE Click Order Re-Order

The One Click Order Re-Order plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ced_ocor_save_general_setting' function in all versions up to, and including, 1.1.9.

5.4
2024-07-04 CVE-2024-2926 Livemeshelementor Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 8.3.7 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-04 CVE-2024-3638 Livemeshelementor Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets in all versions up to, and including, 8.3.7 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-04 CVE-2024-3639 Livemeshelementor Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Posts Grid widget in all versions up to, and including, 8.3.7 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-03 CVE-2024-39248 Fikeulous Cross-site Scripting vulnerability in Fikeulous Simpcms 0.1

A cross-site scripting (XSS) vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php.

5.4
2024-07-03 CVE-2024-6052 Checkmk Cross-site Scripting vulnerability in Checkmk

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements

5.4
2024-07-03 CVE-2024-39361 Mattermost Unspecified vulnerability in Mattermost

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent users from specifying a RemoteId for their posts which allows an attacker to specify both a remoteId and the post ID, resulting in creating a post with a user-defined post ID.

5.4
2024-07-03 CVE-2024-4482 Posimyth Cross-site Scripting vulnerability in Posimyth the Plus Addons for Elementor

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Countdown' widget in all versions up to, and including, 5.6.1 due to insufficient input sanitization and output escaping on user supplied 'text_days' attribute.

5.4
2024-07-03 CVE-2024-6263 Syedbalkhi Cross-site Scripting vulnerability in Syedbalkhi WP Lightbox 2

The WP Lightbox 2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 3.0.6.6 due to insufficient input sanitization and output escaping.

5.4
2024-07-03 CVE-2024-6340 Leap13 Cross-site Scripting vulnerability in Leap13 Premium Addons for Elementor

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.35 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-03 CVE-2024-2234 2Code Cross-site Scripting vulnerability in 2Code Himer

The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks

5.4
2024-07-03 CVE-2024-2375 2Code Cross-site Scripting vulnerability in 2Code Wpqa Builder

The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks

5.4
2024-07-02 CVE-2024-39143 Coderberg Cross-site Scripting vulnerability in Coderberg Residencecms 2.10.1

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low-privilege user to create malicious property content with HTML inside which acts as a stored XSS payload.

5.4
2024-07-02 CVE-2024-4268 Dotcamp Cross-site Scripting vulnerability in Dotcamp Ultimate Blocks

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-02 CVE-2024-6264 Wpexpertplugins Cross-site Scripting vulnerability in Wpexpertplugins Post Meta Data Manager

The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘$meta_key’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping.

5.4
2024-07-02 CVE-2023-41922 Kiloview Cross-site Scripting vulnerability in Kiloview P1 Firmware and P2 Firmware

A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered.

5.4
2024-07-02 CVE-2024-3513 Dotcamp Cross-site Scripting vulnerability in Dotcamp Ultimate Blocks

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the title tag parameter in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping.

5.4
2024-07-02 CVE-2024-5504 Apollo13Themes Cross-site Scripting vulnerability in Apollo13Themes Rife Elementor Extensions & Templates

The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute within the plugin's Writing Effect Headline widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-02 CVE-2024-5219 Supsystic Cross-site Scripting vulnerability in Supsystic Easy Google Maps

The Easy Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 1.11.15 due to insufficient input sanitization and output escaping.

5.4
2024-07-02 CVE-2024-1427 Radiustheme Cross-site Scripting vulnerability in Radiustheme the Post Grid

The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-02 CVE-2024-4627 Rankmath Cross-site Scripting vulnerability in Rankmath SEO

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin before 1.0.219) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

5.4
2024-07-02 CVE-2024-5419 Voidcoders Cross-site Scripting vulnerability in Voidcoders Void Contact Form 7 Widget for Elementor Page Builder

The Void Contact Form 7 Widget For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cf7_redirect_page' attribute within the plugin's Void Contact From 7 widget in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2024-07-02 CVE-2024-5938 Boot Store Project Cross-site Scripting vulnerability in Boot Store Project Boot Store

The Boot Store theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter within the theme's Button shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping.

5.4
2024-07-01 CVE-2024-23737 Savignano Cross-Site Request Forgery (CSRF) vulnerability in Savignano S-Notify

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email.

5.4
2024-07-01 CVE-2024-39303 Weblate Unspecified vulnerability in Weblate

Weblate is a web based localization tool.

5.4
2024-07-01 CVE-2024-36992 Splunk Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthorized JavaScript code in the browser of a user.

5.4
2024-07-01 CVE-2024-36993 Splunk Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.

5.4
2024-07-01 CVE-2024-36994 Splunk Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.

5.4
2024-07-03 CVE-2024-37157 Discourse Server-Side Request Forgery (SSRF) vulnerability in Discourse

Discourse is an open-source discussion platform.

5.3
2024-07-03 CVE-2024-36257 Mattermost Unspecified vulnerability in Mattermost

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote servers connected, fail to check that the remote server A requesting the server B to update the profile picture of a user is the remote that actually has the user as a local one . This allows a malicious remote A to change the profile images of users that belong to another remote server C that is connected to the server A.

5.3
2024-07-03 CVE-2024-39807 Mattermost Unspecified vulnerability in Mattermost

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels.

5.3
2024-07-02 CVE-2024-39325 Aimeos Unspecified vulnerability in Aimeos Frontend Controller

aimeos/ai-controller-frontend is the Aimeos frontend controller.

5.3
2024-07-02 CVE-2024-39891 Twilio Information Exposure Through Discrepancy vulnerability in Twilio Authy and Authy Authenticator

In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024.

5.3
2024-07-02 CVE-2024-6088 Thimpress Missing Authorization vulnerability in Thimpress Learnpress

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user registration due to a missing capability check on the 'register' function in all versions up to, and including, 4.2.6.8.1.

5.3
2024-07-02 CVE-2024-6099 Thimpress Unspecified vulnerability in Thimpress Learnpress

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated bypass to user registration in versions up to, and including, 4.2.6.8.1.

5.3
2024-07-02 CVE-2024-34601 Samsung Unspecified vulnerability in Samsung Galaxystore

Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.

5.3
2024-07-02 CVE-2024-5545 Stylemixthemes Missing Authorization vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing

The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stm_edit_delete_user_car function in all versions up to, and including, 1.4.8.

5.3
2024-07-01 CVE-2024-36996 Splunk Information Exposure Through Discrepancy vulnerability in Splunk and Splunk Cloud Platform

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt to log in.

5.3
2024-07-01 CVE-2024-39878 Jetbrains Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection

5.3
2024-07-01 CVE-2024-39879 Jetbrains Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings

5.3
2024-07-01 CVE-2024-34696 Geoserver Unspecified vulnerability in Geoserver

GeoServer is an open source server that allows users to share and edit geospatial data.

4.9
2024-07-01 CVE-2024-3122 CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system.
4.9
2024-07-07 CVE-2024-6539 Heyewei Cross-site Scripting vulnerability in Heyewei Springbootcms

A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28.

4.8
2024-07-07 CVE-2024-40599 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1.

4.8
2024-07-07 CVE-2024-40600 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1.

4.8
2024-07-07 CVE-2024-40602 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Tempo skin for MediaWiki through 1.42.1.

4.8
2024-07-07 CVE-2024-40604 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1.

4.8
2024-07-07 CVE-2024-40605 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Foreground skin for MediaWiki through 1.42.1.

4.8
2024-07-02 CVE-2024-6011 Stylemixthemes Cross-site Scripting vulnerability in Stylemixthemes Cost Calculator Builder

The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textarea.description’ parameter in all versions up to, and including, 3.2.12 due to insufficient input sanitization and output escaping.

4.8
2024-07-02 CVE-2024-3999 Spider Themes Cross-site Scripting vulnerability in Spider-Themes Eazydocs

The EazyDocs WordPress plugin before 2.5.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8
2024-07-01 CVE-2024-39427 Google Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0

In trusty service, there is a possible out of bounds write due to a missing bounds check.

4.4
2024-07-01 CVE-2024-39428 Google Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0

In trusty service, there is a possible out of bounds write due to a missing bounds check.

4.4
2024-07-07 CVE-2024-40596 Mediawiki Information Exposure Through Log Files vulnerability in Mediawiki

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1.

4.3
2024-07-07 CVE-2024-40598 Mediawiki Information Exposure Through Log Files vulnerability in Mediawiki

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1.

4.3
2024-07-07 CVE-2024-40603 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1.

4.3
2024-07-04 CVE-2024-6434 Leap13 Unspecified vulnerability in Leap13 Premium Addons for Elementor

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35.

4.3
2024-07-03 CVE-2024-36122 Discourse Unspecified vulnerability in Discourse

Discourse is an open-source discussion platform.

4.3
2024-07-03 CVE-2024-2040 2Code Cross-Site Request Forgery (CSRF) vulnerability in 2Code Himer

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack

4.3
2024-07-03 CVE-2024-2233 2Code Cross-Site Request Forgery (CSRF) vulnerability in 2Code Himer

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks.

4.3
2024-07-03 CVE-2024-2235 2Code Cross-Site Request Forgery (CSRF) vulnerability in 2Code Himer

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack

4.3
2024-07-03 CVE-2024-4543 Yeken Cross-Site Request Forgery (CSRF) vulnerability in Yeken Snippet Shortcodes

The Snippet Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.1.4.

4.3
2024-07-02 CVE-2024-5866 Delinea Path Traversal vulnerability in Delinea Privileged Access Service

Vulnerability in Delinea Centrify PAS v.

4.3
2024-07-02 CVE-2024-20889 Samsung Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0

Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices.

4.3
2024-07-02 CVE-2024-20894 Samsung Improper Handling of Exceptional Conditions vulnerability in Samsung Android 12.0/13.0/14.0

Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition.

4.3
2024-07-02 CVE-2024-34590 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation?in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service.

4.3
2024-07-02 CVE-2024-34591 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service.

4.3
2024-07-02 CVE-2024-34592 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service.

4.3
2024-07-02 CVE-2024-6012 Stylemixthemes Missing Authorization vulnerability in Stylemixthemes Cost Calculator Builder

The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'embed-create-page' and 'embed-insert-pages' functions in all versions up to, and including, 3.2.12.

4.3
2024-07-01 CVE-2024-36989 Splunk Unspecified vulnerability in Splunk Cloud and Splunk

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.

4.3

12 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-07-02 CVE-2024-39324 Aimeos Incorrect Authorization vulnerability in Aimeos Ai-Admin-Graphql

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface.

3.8
2024-07-01 CVE-2024-36995 Splunk Missing Authorization vulnerability in Splunk and Splunk Cloud Platform

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items.

3.5
2024-07-03 CVE-2024-29508 Artifex Unspecified vulnerability in Artifex Ghostscript

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.

3.3
2024-07-02 CVE-2024-20900 Samsung Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0

Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.

3.3
2024-07-02 CVE-2024-34583 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.

3.3
2024-07-02 CVE-2024-34586 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0/14.0

Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy.

3.3
2024-07-02 CVE-2024-34597 Samsung Unspecified vulnerability in Samsung Health

Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health.

3.3
2024-07-02 CVE-2024-34599 Samsung Unspecified vulnerability in Samsung Tips

Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to send broadcast with Tips&#39; privilege.

3.3
2024-07-02 CVE-2024-34600 Samsung Unspecified vulnerability in Samsung Flow

Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage.

3.3
2024-07-02 CVE-2024-31071 Openatom Type Confusion vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.

3.3
2024-07-02 CVE-2024-36278 Openatom Type Confusion vulnerability in Openatom Openharmony

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.

3.3
2024-07-03 CVE-2024-39353 Mattermost Unspecified vulnerability in Mattermost

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to sanitize the RemoteClusterFrame payloads before audit logging them which allows a high privileged attacker with access to the audit logs to read message contents.

2.7