Weekly Vulnerabilities Reports > August 12 to 18, 2024

Overview

746 new vulnerabilities reported during this period, including 100 critical vulnerabilities and 314 high severity vulnerabilities. This weekly summary report vulnerabilities in 568 products from 146 vendors including Microsoft, Adobe, Linux, Tenda, and Oretnom23. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "SQL Injection", "NULL Pointer Dereference", and "Path Traversal".

  • 504 reported vulnerabilities are remotely exploitables.
  • 213 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 384 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 84 reported vulnerabilities.
  • Totolink has the most reported critical vulnerabilities, with 10 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

100 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-08-17 CVE-2024-6500 The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL).
10.0
2024-08-12 CVE-2024-42467 Openhab Unspecified vulnerability in Openhab web Interface

openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu.

10.0
2024-08-12 CVE-2024-42480 Clastix Unspecified vulnerability in Clastix Kamaji

Kamaji is the Hosted Control Plane Manager for Kubernetes.

9.9
2024-08-12 CVE-2024-37023 Vonets Command Injection vulnerability in Vonets products

Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters.

9.9
2024-08-18 CVE-2024-7913 Angeljudesuarez SQL Injection vulnerability in Angeljudesuarez Billing System 1.0

A vulnerability was found in itsourcecode Billing System 1.0.

9.8
2024-08-18 CVE-2024-7911 Oretnom23 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-08-18 CVE-2024-7909 Totolink Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023

A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical.

9.8
2024-08-18 CVE-2024-7908 Totolink Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023.

9.8
2024-08-18 CVE-2024-7907 Totolink Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719

A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719.

9.8
2024-08-17 CVE-2024-7898 Tosei Corporation Unspecified vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4

A vulnerability classified as critical was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04.

9.8
2024-08-16 CVE-2024-43042 Pluck CMS Improper Restriction of Excessive Authentication Attempts vulnerability in Pluck-Cms Pluck 4.7.18

Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.

9.8
2024-08-16 CVE-2022-33162 IBM Unspecified vulnerability in IBM products

IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user.

9.8
2024-08-16 CVE-2024-42638 H3C Use of Hard-coded Credentials vulnerability in H3C Magic B1St Firmware 100R012

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.

9.8
2024-08-16 CVE-2024-42462 Upkeeper Improper Authentication vulnerability in Upkeeper Manager

Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9.

9.8
2024-08-16 CVE-2024-42465 Upkeeper Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager

Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.

9.8
2024-08-16 CVE-2024-42466 Upkeeper Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager

Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.

9.8
2024-08-16 CVE-2024-7851 Oretnom23 Unspecified vulnerability in Oretnom23 Yoga Class Registration System 1.0

A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical.

9.8
2024-08-15 CVE-2024-7839 Angeljudesuarez SQL Injection vulnerability in Angeljudesuarez Billing System 1.0

A vulnerability classified as critical has been found in itsourcecode Billing System 1.0.

9.8
2024-08-15 CVE-2024-7838 Kevinwong SQL Injection vulnerability in Kevinwong Online Food Ordering System 1.0

A vulnerability was found in itsourcecode Online Food Ordering System 1.0.

9.8
2024-08-15 CVE-2024-42843 Projectworlds SQL Injection vulnerability in Projectworlds Online Examination System 1.0

Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.

9.8
2024-08-15 CVE-2024-42947 Tenda Unspecified vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request.

9.8
2024-08-15 CVE-2024-42966 Totolink Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216

Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

9.8
2024-08-15 CVE-2024-42967 Totolink Unspecified vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

9.8
2024-08-15 CVE-2024-42978 Tenda Unspecified vulnerability in Tenda Fh1206 Firmware V02.03.01.35

An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request.

9.8
2024-08-15 CVE-2024-7833 Dlink Command Injection vulnerability in Dlink Di-8100 Firmware 16.07

A vulnerability was found in D-Link DI-8100 16.07.

9.8
2024-08-15 CVE-2024-7828 Dlink Classic Buffer Overflow vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814.

9.8
2024-08-15 CVE-2024-7829 Dlink Classic Buffer Overflow vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814.

9.8
2024-08-15 CVE-2024-7830 Dlink Classic Buffer Overflow vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814.

9.8
2024-08-15 CVE-2024-7831 Dlink Classic Buffer Overflow vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical.

9.8
2024-08-15 CVE-2024-7811 Rems SQL Injection vulnerability in Rems Daily Expenses Monitoring APP 1.0

A vulnerability classified as critical has been found in SourceCodester Daily Expenses Monitoring App 1.0.

9.8
2024-08-15 CVE-2024-7808 Fabianros SQL Injection vulnerability in Fabianros JOB Portal 1.0

A vulnerability was found in code-projects Job Portal 1.0.

9.8
2024-08-15 CVE-2024-7797 Oretnom23 SQL Injection vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-08-15 CVE-2024-7798 Oretnom23 SQL Injection vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-08-14 CVE-2024-7794 Adrianmercurio SQL Injection vulnerability in Adrianmercurio Vehicle Management System 1.0

A vulnerability was found in itsourcecode Vehicle Management System 1.0.

9.8
2024-08-14 CVE-2024-42360 Wurmlab Command Injection vulnerability in Wurmlab Sequenceserver

SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use.

9.8
2024-08-14 CVE-2024-5914 Paloaltonetworks Command Injection vulnerability in Paloaltonetworks Cortex Xsoar Commonscripts

A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.

9.8
2024-08-14 CVE-2024-7731 Secom SQL Injection vulnerability in Secom Dr.Id Access Control 3.3.2

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

9.8
2024-08-14 CVE-2024-7732 Secom SQL Injection vulnerability in Secom Dr.Id Attendance System 3.3.0.320160517/3.4.0.0.3.11

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

9.8
2024-08-13 CVE-2024-28986 Solarwinds Deserialization of Untrusted Data vulnerability in Solarwinds web Help Desk

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.

9.8
2024-08-13 CVE-2024-7748 Rems SQL Injection vulnerability in Rems Accounts Manager APP 1.0

A vulnerability, which was classified as critical, has been found in SourceCodester Accounts Manager App 1.0.

9.8
2024-08-13 CVE-2024-7742 Ltcms Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20

A vulnerability was found in wanglongcn ltcms 1.0.20.

9.8
2024-08-13 CVE-2024-7743 Ltcms Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20

A vulnerability was found in wanglongcn ltcms 1.0.20.

9.8
2024-08-13 CVE-2024-7740 Ltcms Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20

A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical.

9.8
2024-08-13 CVE-2024-7569 Ivanti Unspecified vulnerability in Ivanti Neurons for Itsm 2023.2/2023.3/2023.4

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information.

9.8
2024-08-13 CVE-2024-7593 Ivanti Improper Authentication vulnerability in Ivanti Virtual Traffic Management

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.

9.8
2024-08-13 CVE-2024-38063 Microsoft Unspecified vulnerability in Microsoft products

Windows TCP/IP Remote Code Execution Vulnerability

9.8
2024-08-13 CVE-2024-38140 Microsoft Unspecified vulnerability in Microsoft products

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

9.8
2024-08-13 CVE-2024-38199 Microsoft Unspecified vulnerability in Microsoft products

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

9.8
2024-08-13 CVE-2024-7746 Traccar Improper Authentication vulnerability in Traccar

Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism.  These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability.

9.8
2024-08-13 CVE-2024-41623 D3Dsecurity Unspecified vulnerability in D3Dsecurity D8801 Firmware 9.1.17.1.420180428

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload

9.8
2024-08-13 CVE-2024-41730 SAP Missing Authorization vulnerability in SAP Business Objects Business Intelligence Platform Enterprise430/Enterprise440

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint.

9.8
2024-08-13 CVE-2024-7707 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical.

9.8
2024-08-12 CVE-2024-43360 Zoneminder SQL Injection vulnerability in Zoneminder

ZoneMinder is a free, open source closed-circuit television software application.

9.8
2024-08-12 CVE-2024-42546 Totolink Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504

TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.

9.8
2024-08-12 CVE-2024-42547 Totolink Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504

TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.

9.8
2024-08-12 CVE-2024-42543 Totolink Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.

9.8
2024-08-12 CVE-2024-42545 Totolink Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

9.8
2024-08-12 CVE-2023-7249 Opentext Path Traversal vulnerability in Opentext Directory Services

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1.

9.8
2024-08-12 CVE-2024-38530 Openeclass Unrestricted Upload of File with Dangerous Type vulnerability in Openeclass

The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System.

9.8
2024-08-12 CVE-2024-42478 Ggerganov Out-of-bounds Read vulnerability in Ggerganov Llama.Cpp

llama.cpp provides LLM inference in C/C++.

9.8
2024-08-12 CVE-2024-42479 Ggerganov Out-of-bounds Write vulnerability in Ggerganov Llama.Cpp

llama.cpp provides LLM inference in C/C++.

9.8
2024-08-12 CVE-2024-42520 Totolink Classic Buffer Overflow vulnerability in Totolink A3002R Firmware 4.0.0B20230531.1404

TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl.

9.8
2024-08-12 CVE-2024-6917 Veribase OS Command Injection vulnerability in Veribase Order Management

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2.

9.8
2024-08-12 CVE-2024-21878 Enphase OS Command Injection vulnerability in Enphase IQ Gateway Firmware

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.

9.8
2024-08-12 CVE-2024-39791 Vonets Out-of-bounds Write vulnerability in Vonets products

Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.

9.8
2024-08-12 CVE-2024-40472 Rems SQL Injection vulnerability in Rems Daily Calories Monitoring Tool 1.0

Sourcecodester Daily Calories Monitoring Tool v1.0 is vulnerable to SQL Injection via "delete-calorie.php."

9.8
2024-08-12 CVE-2024-40480 Jayesh Unspecified vulnerability in Jayesh Online Exam System 1.0

A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access.

9.8
2024-08-12 CVE-2024-41570 Havocframework Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc

An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.

9.8
2024-08-12 CVE-2024-42001 Vonets Forced Browsing vulnerability in Vonets products

An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session.

9.8
2024-08-12 CVE-2024-42469 Openhab Path Traversal vulnerability in Openhab

openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu.

9.8
2024-08-12 CVE-2024-42473 Openfga Incorrect Authorization vulnerability in Openfga 1.5.7/1.5.8

OpenFGA is an authorization/permission engine.

9.8
2024-08-12 CVE-2024-7503 The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5.
9.8
2024-08-12 CVE-2024-7613 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155)

A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical.

9.8
2024-08-12 CVE-2024-7614 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155)

A vulnerability was found in Tenda FH1206 1.2.0.8(8155).

9.8
2024-08-12 CVE-2024-7615 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155)

A vulnerability was found in Tenda FH1206 1.2.0.8.

9.8
2024-08-12 CVE-2024-7616 Edimax Command Injection vulnerability in Edimax Ic-5150W Firmware and Ic-6220Dc Firmware

A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06.

9.8
2024-08-12 CVE-2024-7635 Code Projects SQL Injection vulnerability in Code-Projects Simple Ticket Booking 1.0

A vulnerability was found in code-projects Simple Ticket Booking 1.0.

9.8
2024-08-12 CVE-2024-7636 Code Projects SQL Injection vulnerability in Code-Projects Simple Ticket Booking 1.0

A vulnerability was found in code-projects Simple Ticket Booking 1.0.

9.8
2024-08-12 CVE-2024-7637 Fabianros SQL Injection vulnerability in Fabianros Online Polling 1.0

A vulnerability was found in code-projects Online Polling 1.0.

9.8
2024-08-12 CVE-2024-7638 Mayurik SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability classified as critical has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

9.8
2024-08-12 CVE-2024-7639 Mayurik SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

9.8
2024-08-12 CVE-2024-7640 Mayurik SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

9.8
2024-08-12 CVE-2024-7641 Mayurik SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

9.8
2024-08-12 CVE-2024-7642 Mayurik SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical.

9.8
2024-08-12 CVE-2024-7643 Rems SQL Injection vulnerability in Rems Leads Manager Tool 1.0

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical.

9.8
2024-08-12 CVE-2024-7680 Angeljudesuarez SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0

A vulnerability was found in itsourcecode Tailoring Management System 1.0.

9.8
2024-08-12 CVE-2024-7681 College Management System Project SQL Injection vulnerability in College Management System Project College Management System 1.0

A vulnerability was found in code-projects College Management System 1.0.

9.8
2024-08-12 CVE-2024-7682 Fabianros SQL Injection vulnerability in Fabianros JOB Portal 1.0

A vulnerability was found in code-projects Job Portal 1.0.

9.8
2024-08-13 CVE-2024-38108 Microsoft Cross-site Scripting vulnerability in Microsoft Azure Stack HUB

Azure Stack Hub Spoofing Vulnerability

9.3
2024-08-15 CVE-2024-43366 Matter Labs Infinite Loop vulnerability in Matter-Labs Zkvyper

zkvyper is a Vyper compiler.

9.1
2024-08-14 CVE-2024-38652 Ivanti Path Traversal vulnerability in Ivanti Avalanche

Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.

9.1
2024-08-13 CVE-2024-38159 Microsoft Unspecified vulnerability in Microsoft Windows 10 1607 and Windows Server 2016

Windows Network Virtualization Remote Code Execution Vulnerability

9.1
2024-08-13 CVE-2024-38160 Microsoft Unspecified vulnerability in Microsoft Windows 10 1607 and Windows Server 2016

Windows Network Virtualization Remote Code Execution Vulnerability

9.1
2024-08-13 CVE-2024-41940 Siemens Unspecified vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0

A vulnerability has been identified in SINEC NMS (All versions < V3.0).

9.1
2024-08-13 CVE-2024-33003 SAP Unspecified vulnerability in SAP Commerce Cloud

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters.

9.1
2024-08-12 CVE-2024-21876 Enphase Path Traversal vulnerability in Enphase IQ Gateway Firmware

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.

9.1
2024-08-12 CVE-2024-42470 Openhab Missing Authorization vulnerability in Openhab

openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu.

9.1
2024-08-14 CVE-2024-39397 Adobe Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker.

9.0
2024-08-13 CVE-2023-26211 Fortinet Cross-site Scripting vulnerability in Fortinet Fortisoar

An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module.

9.0
2024-08-12 CVE-2024-38219 Microsoft Type Confusion vulnerability in Microsoft Edge Chromium

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

9.0

314 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-08-18 CVE-2024-7906 Dedebiz Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0

A vulnerability classified as critical was found in DedeBIZ 6.3.0.

8.8
2024-08-18 CVE-2024-7904 Dedebiz Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0

A vulnerability was found in DedeBIZ 6.3.0.

8.8
2024-08-18 CVE-2024-7903 Dedebiz Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0

A vulnerability was found in DedeBIZ 6.3.0.

8.8
2024-08-17 CVE-2024-7897 Tosei Corporation Command Injection vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4

A vulnerability classified as critical has been found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04.

8.8
2024-08-17 CVE-2024-7896 Tosei Corporation Command Injection vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4

A vulnerability was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04.

8.8
2024-08-17 CVE-2024-43847 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented packets The monitor ring and the reo reinject ring share the same ring mask index. When the driver receives an interrupt for the reo reinject ring, the monitor ring is also processed, leading to invalid memory access.

8.8
2024-08-16 CVE-2024-7145 Crocoblock Path Traversal vulnerability in Crocoblock Jetelements

The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter.

8.8
2024-08-16 CVE-2024-7146 The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcher_preset' parameter.
8.8
2024-08-16 CVE-2024-7853 Oretnom23 SQL Injection vulnerability in Oretnom23 Yoga Class Registration System 1.0

A vulnerability was found in SourceCodester Yoga Class Registration System up to 1.0.

8.8
2024-08-15 CVE-2024-42681 Xuxueli Incorrect Default Permissions vulnerability in Xuxueli Xxl-Job 2.4.1

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.

8.8
2024-08-15 CVE-2024-42676 Isellerpal Unrestricted Upload of File with Dangerous Type vulnerability in Isellerpal Enterprise Resource Management System

File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows a remote attacker to execute arbitrary code via the /nssys/common/Upload.

8.8
2024-08-15 CVE-2024-7832 Dlink Classic Buffer Overflow vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical.

8.8
2024-08-15 CVE-2024-43275 Xyzscripts Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet

Cross-Site Request Forgery (CSRF) vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6.

8.8
2024-08-15 CVE-2024-7810 Tamparongj 03 SQL Injection vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0.

8.8
2024-08-14 CVE-2024-7792 Rems SQL Injection vulnerability in Rems Task Progress Tracker 1.0

A vulnerability was found in SourceCodester Task Progress Tracker 1.0.

8.8
2024-08-14 CVE-2024-39809 F5 Insufficient Session Expiration vulnerability in F5 Big-Ip Next Central Manager 20.1.0

The Central Manager user session refresh token does not expire when a user logs out.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

8.8
2024-08-14 CVE-2024-23497 Intel Out-of-bounds Write vulnerability in Intel Ethernet 800 Series Controllers Driver

Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

8.8
2024-08-14 CVE-2024-23981 Intel Incorrect Calculation vulnerability in Intel Ethernet 800 Series Controllers Driver

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

8.8
2024-08-14 CVE-2024-24986 Intel Unspecified vulnerability in Intel Ethernet 800 Series Controllers Driver

Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

8.8
2024-08-14 CVE-2024-4389 The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1.
8.8
2024-08-13 CVE-2024-38109 Microsoft Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health BOT

An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.

8.8
2024-08-13 CVE-2024-38114 Microsoft Unspecified vulnerability in Microsoft products

Windows IP Routing Management Snapin Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38115 Microsoft Unspecified vulnerability in Microsoft products

Windows IP Routing Management Snapin Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38116 Microsoft Unspecified vulnerability in Microsoft products

Windows IP Routing Management Snapin Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38120 Microsoft Unspecified vulnerability in Microsoft products

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38121 Microsoft Unspecified vulnerability in Microsoft products

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38128 Microsoft Unspecified vulnerability in Microsoft products

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38130 Microsoft Unspecified vulnerability in Microsoft products

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38131 Microsoft Unspecified vulnerability in Microsoft products

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38144 Microsoft Unspecified vulnerability in Microsoft products

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

8.8
2024-08-13 CVE-2024-38154 Microsoft Unspecified vulnerability in Microsoft products

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-38180 Microsoft Unspecified vulnerability in Microsoft products

Windows SmartScreen Security Feature Bypass Vulnerability

8.8
2024-08-13 CVE-2024-38189 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Project Remote Code Execution Vulnerability

8.8
2024-08-13 CVE-2024-36446 Mitel Unspecified vulnerability in Mitel Mivoice Mx-One

The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control.

8.8
2024-08-13 CVE-2022-45862 Fortinet Insufficient Session Expiration vulnerability in Fortinet products

An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.

8.8
2024-08-13 CVE-2024-42737 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist.

8.8
2024-08-13 CVE-2024-42738 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg.

8.8
2024-08-13 CVE-2024-42739 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg.

8.8
2024-08-13 CVE-2024-43138 Mage People Path Traversal vulnerability in Mage-People Event Manager and Tickets Selling for Woocommerce

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event Manager for WooCommerce: from n/a through 4.2.1.

8.8
2024-08-13 CVE-2024-43140 G5Plus Path Traversal vulnerability in G5Plus Ultimate Bootstrap Elements for Elementor

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4.

8.8
2024-08-13 CVE-2024-43129 Wpdeveloper Path Traversal vulnerability in Wpdeveloper Betterdocs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8.

8.8
2024-08-13 CVE-2024-43135 Themewinter Path Traversal vulnerability in Themewinter Wpcafe

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28.

8.8
2024-08-13 CVE-2024-41939 Siemens Incorrect Authorization vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0

A vulnerability has been identified in SINEC NMS (All versions < V3.0).

8.8
2024-08-13 CVE-2024-41976 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1).

8.8
2024-08-13 CVE-2024-6823 The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation involving the mla-inline-edit-upload-scripts AJAX action in all versions up to, and including, 3.18.
8.8
2024-08-12 CVE-2023-48171 Owasp Unspecified vulnerability in Owasp Defectdojo

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component.

8.8
2024-08-12 CVE-2024-42741 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg.

8.8
2024-08-12 CVE-2024-42742 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules.

8.8
2024-08-12 CVE-2024-42743 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg .

8.8
2024-08-12 CVE-2024-42744 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser.

8.8
2024-08-12 CVE-2024-42745 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg.

8.8
2024-08-12 CVE-2024-42747 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg.

8.8
2024-08-12 CVE-2024-42748 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg.

8.8
2024-08-12 CVE-2024-41475 SIR Origin Validation Error vulnerability in SIR Gnuboard 6.0.7

Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration.

8.8
2024-08-12 CVE-2024-42623 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1

8.8
2024-08-12 CVE-2024-42624 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.

8.8
2024-08-12 CVE-2024-42625 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add

8.8
2024-08-12 CVE-2024-42626 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.

8.8
2024-08-12 CVE-2024-42627 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.

8.8
2024-08-12 CVE-2024-39091 Annke OS Command Injection vulnerability in Annke Crater 2 Firmware 5.4.1.221222153318

An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers within the same network to execute arbitrary code via a crafted HTML request.

8.8
2024-08-12 CVE-2024-42489 Xwiki Injection vulnerability in Xwiki PRO Macros

Pro Macros provides XWiki rendering macros.

8.8
2024-08-12 CVE-2024-42628 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.

8.8
2024-08-12 CVE-2024-42629 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.

8.8
2024-08-12 CVE-2024-42630 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.

8.8
2024-08-12 CVE-2024-42631 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.

8.8
2024-08-12 CVE-2024-42632 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.

8.8
2024-08-12 CVE-2024-0113 Nvidia Path Traversal vulnerability in Nvidia products

NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI.

8.8
2024-08-12 CVE-2024-21879 Enphase OS Command Injection vulnerability in Enphase IQ Gateway Firmware

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.

8.8
2024-08-12 CVE-2024-36034 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus

Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.

8.8
2024-08-12 CVE-2024-36035 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus

Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.

8.8
2024-08-12 CVE-2024-40475 Mayurik Unspecified vulnerability in Mayurik Best House Rental Management System 1.0

SourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/payment_report.php, /rental/balance_report.php, /rental/invoices.php, /rental/tenants.php, and /rental/users.php.

8.8
2024-08-12 CVE-2024-5487 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.

8.8
2024-08-12 CVE-2024-5527 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.

8.8
2024-08-12 CVE-2024-7272 Ffmpeg Out-of-bounds Write vulnerability in Ffmpeg

A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5.

8.8
2024-08-12 CVE-2024-7557 Redhat Unspecified vulnerability in Redhat Openshift AI and Openshift Data Science

A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege escalation across models within the same namespace.

8.8
2024-08-12 CVE-2024-7661 Oretnom23 Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in SourceCodester Car Driving School Management System 1.0.

8.8
2024-08-13 CVE-2024-6788 A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.
8.6
2024-08-12 CVE-2024-40500 Scilico Cross-site Scripting vulnerability in Scilico I-Librarian

Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component.

8.6
2024-08-12 CVE-2024-29082 Vonets Improper Access Control vulnerability in Vonets products

Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints.

8.6
2024-08-14 CVE-2024-39825 Zoom Out-of-bounds Write vulnerability in Zoom products

Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.

8.5
2024-08-14 CVE-2024-39401 Adobe OS Command Injection vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker.

8.4
2024-08-14 CVE-2024-39402 Adobe OS Command Injection vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker.

8.4
2024-08-12 CVE-2024-38218 Microsoft Edge (HTML-based) Memory Corruption Vulnerability
8.4
2024-08-16 CVE-2024-43472 Microsoft Unspecified vulnerability in Microsoft Edge Chromium

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

8.3
2024-08-15 CVE-2024-7868 Xpdfreader Use of Uninitialized Resource vulnerability in Xpdfreader Xpdf

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder.

8.2
2024-08-14 CVE-2024-28947 Intel Unspecified vulnerability in Intel Server Board S2600St Firmware

Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2024-08-14 CVE-2024-34163 Intel Unspecified vulnerability in Intel products

Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access.

8.2
2024-08-13 CVE-2024-38211 Microsoft Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.1

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

8.2
2024-08-13 CVE-2024-42374 SAP XML Injection (aka Blind XPath Injection) vulnerability in SAP BEX web Java Runtime Export web Service

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source.

8.2
2024-08-17 CVE-2023-0714 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4.
8.1
2024-08-15 CVE-2024-7624 The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 3.3.101.
8.1
2024-08-15 CVE-2024-7628 The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.15.2.
8.1
2024-08-14 CVE-2024-39400 Adobe Cross-site Scripting vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability.

8.1
2024-08-13 CVE-2024-7570 Ivanti Improper Certificate Validation vulnerability in Ivanti Neurons for Itsm 2023.2/2023.3/2023.4

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user.

8.1
2024-08-13 CVE-2024-29995 Microsoft Unspecified vulnerability in Microsoft products

Windows Kerberos Elevation of Privilege Vulnerability

8.1
2024-08-12 CVE-2024-41651 Prestashop Server-Side Request Forgery (SSRF) vulnerability in Prestashop

An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality.

8.1
2024-08-12 CVE-2024-30188 Apache Unspecified vulnerability in Apache Dolphinscheduler

File read and write vulnerability in Apache DolphinScheduler ,  authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue.

8.1
2024-08-12 CVE-2024-42163 Fiware Inadequate Encryption Strength vulnerability in Fiware Keyrock

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link.

8.1
2024-08-12 CVE-2024-7589 Freebsd Race Condition vulnerability in Freebsd

A signal handler in sshd(8) may call a logging function that is not async-signal-safe.

8.1
2024-08-13 CVE-2024-41977 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1).

8.0
2024-08-12 CVE-2024-40476 Mayurik Cross-Site Request Forgery (CSRF) vulnerability in Mayurik Best House Rental Management 1.0

A Cross-Site Request Forgery (CSRF) vulnerability was found in SourceCodester Best House Rental Management System v1.0.

8.0
2024-08-14 CVE-2024-25576 Intel Unspecified vulnerability in Intel Agilex 7 Fpga Firmware

improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access.

7.9
2024-08-17 CVE-2024-43825 Linux Out-of-bounds Write vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: iio: Fix the sorting functionality in iio_gts_build_avail_time_table The sorting in iio_gts_build_avail_time_table is not working as intended. It could result in an out-of-bounds access when the time is zero. Here are more details: 1.

7.8
2024-08-17 CVE-2024-43839 Linux Out-of-bounds Write vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args.

7.8
2024-08-17 CVE-2024-43842 Linux Improper Validation of Array Index vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size.

7.8
2024-08-17 CVE-2024-43843 Linux Incorrect Calculation of Buffer Size vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix out-of-bounds issue when preparing trampoline image We get the size of the trampoline image during the dry run phase and allocate memory based on that size.

7.8
2024-08-17 CVE-2024-43852 Linux Off-by-one Error vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order conditions to fix off by one bug LTC2991_T_INT_CH_NR is 4.

7.8
2024-08-17 CVE-2024-43858 Linux Improper Validation of Array Index vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree

7.8
2024-08-17 CVE-2024-42271 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path (or it is already removed / never existed). This needs to be done with atomic compare and swap, otherwise there is a small window where iucv_sock_close() will try to work with a path that has already been severed and freed by iucv_callback_connrej() called by iucv_tasklet_fn(). Example: [452744.123844] Call Trace: [452744.123845] ([<0000001e87f03880>] 0x1e87f03880) [452744.123966] [<00000000d593001e>] iucv_path_sever+0x96/0x138 [452744.124330] [<000003ff801ddbca>] iucv_sever_path+0xc2/0xd0 [af_iucv] [452744.124336] [<000003ff801e01b6>] iucv_sock_close+0xa6/0x310 [af_iucv] [452744.124341] [<000003ff801e08cc>] iucv_sock_release+0x3c/0xd0 [af_iucv] [452744.124345] [<00000000d574794e>] __sock_release+0x5e/0xe8 [452744.124815] [<00000000d5747a0c>] sock_close+0x34/0x48 [452744.124820] [<00000000d5421642>] __fput+0xba/0x268 [452744.124826] [<00000000d51b382c>] task_work_run+0xbc/0xf0 [452744.124832] [<00000000d5145710>] do_notify_resume+0x88/0x90 [452744.124841] [<00000000d5978096>] system_call+0xe2/0x2c8 [452744.125319] Last Breaking-Event-Address: [452744.125321] [<00000000d5930018>] iucv_path_sever+0x90/0x138 [452744.125324] [452744.125325] Kernel panic - not syncing: Fatal exception in interrupt Note that bh_lock_sock() is not serializing the tasklet context against process context, because the check for sock_owned_by_user() and corresponding handling is missing. Ideas for a future clean-up patch: A) Correct usage of bh_lock_sock() in tasklet context, as described in Re-enqueue, if needed.

7.8
2024-08-17 CVE-2024-42280 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after calling dev_kfree_skb(*sp).

7.8
2024-08-17 CVE-2024-42284 Linux Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid.

7.8
2024-08-17 CVE-2024-42285 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iw_conn_req_handler() associates a new struct rdma_id_private (conn_id) with an existing struct iw_cm_id (cm_id) as follows: conn_id->cm_id.iw = cm_id; cm_id->context = conn_id; cm_id->cm_handler = cma_iw_handler; rdma_destroy_id() frees both the cm_id and the struct rdma_id_private.

7.8
2024-08-17 CVE-2024-42301 Linux Improper Validation of Array Index vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I encountered during the actual issue: [ 66.575408s] [pid:5118,cpu4,QThread,4]Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: do_hardware_base_addr+0xcc/0xd0 [parport] [ 66.575408s] [pid:5118,cpu4,QThread,5]CPU: 4 PID: 5118 Comm: QThread Tainted: G S W O 5.10.97-arm64-desktop #7100.57021.2 [ 66.575439s] [pid:5118,cpu4,QThread,6]TGID: 5087 Comm: EFileApp [ 66.575439s] [pid:5118,cpu4,QThread,7]Hardware name: HUAWEI HUAWEI QingYun PGUX-W515x-B081/SP1PANGUXM, BIOS 1.00.07 04/29/2024 [ 66.575439s] [pid:5118,cpu4,QThread,8]Call trace: [ 66.575469s] [pid:5118,cpu4,QThread,9] dump_backtrace+0x0/0x1c0 [ 66.575469s] [pid:5118,cpu4,QThread,0] show_stack+0x14/0x20 [ 66.575469s] [pid:5118,cpu4,QThread,1] dump_stack+0xd4/0x10c [ 66.575500s] [pid:5118,cpu4,QThread,2] panic+0x1d8/0x3bc [ 66.575500s] [pid:5118,cpu4,QThread,3] __stack_chk_fail+0x2c/0x38 [ 66.575500s] [pid:5118,cpu4,QThread,4] do_hardware_base_addr+0xcc/0xd0 [parport]

7.8
2024-08-17 CVE-2024-42302 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpc_handler() awaits readiness of the secondary bus below the Downstream Port where the DPC event occurred.

7.8
2024-08-17 CVE-2024-42313 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding.

7.8
2024-08-17 CVE-2024-42314 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when adding pages to compressed bio At add_ra_bio_pages() we are accessing the extent map to calculate 'add_size' after we dropped our reference on the extent map, resulting in a use-after-free.

7.8
2024-08-16 CVE-2024-2175 An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges.
7.8
2024-08-16 CVE-2024-4763 An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges to kernel.
7.8
2024-08-15 CVE-2024-43373 J4K0Xb Path Traversal vulnerability in J4K0Xb Webcrack

webcrack is a tool for reverse engineering javascript.

7.8
2024-08-15 CVE-2024-7262 Kingsoft Path Traversal vulnerability in Kingsoft WPS Office

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document

7.8
2024-08-15 CVE-2024-7263 Kingsoft Path Traversal vulnerability in Kingsoft WPS Office

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough.

7.8
2024-08-15 CVE-2024-42679 Cysoft168 SQL Injection vulnerability in Cysoft168 Super Easy Enterprise Management System

SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component.

7.8
2024-08-14 CVE-2024-5915 Paloaltonetworks Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Globalprotect

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.

7.8
2024-08-14 CVE-2024-20789 Adobe Use After Free vulnerability in Adobe Dimension

Dimension versions 3.4.11 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-34117 Adobe Use After Free vulnerability in Adobe Photoshop

Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-34124 Adobe Out-of-bounds Write vulnerability in Adobe Dimension

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-34133 Adobe Out-of-bounds Write vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39383 Adobe Use After Free vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39386 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39388 Adobe Use After Free vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2

Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39389 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39390 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39391 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39393 Adobe Out-of-bounds Read vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.

7.8
2024-08-14 CVE-2024-39394 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39422 Adobe Use After Free vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39423 Adobe Out-of-bounds Write vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39424 Adobe Use After Free vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-39426 Adobe Out-of-bounds Read vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.

7.8
2024-08-14 CVE-2024-41830 Adobe Use After Free vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41831 Adobe Use After Free vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41840 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41850 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41851 Adobe Integer Overflow or Wraparound vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41852 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41853 Adobe Out-of-bounds Write vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41856 Adobe Unspecified vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41865 Adobe Untrusted Search Path vulnerability in Adobe Dimension

Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution.

7.8
2024-08-14 CVE-2024-23495 Intel Incorrect Default Permissions vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit

Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-23907 Intel Uncontrolled Search Path Element vulnerability in Intel products

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-23908 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel Flexlm License Daemons for Intel Fpga

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-23909 Intel Uncontrolled Search Path Element vulnerability in Intel Field Programmable Gate Array Software Development KIT for Opencl

Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-24977 Intel Uncontrolled Search Path Element vulnerability in Intel License Manager for Flexim

Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-25561 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel products

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-26022 Intel Unspecified vulnerability in Intel Aptio V Uefi Firmware Integrator Tools

Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-26025 Intel Incorrect Default Permissions vulnerability in Intel Advisor and Oneapi Base Toolkit

Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-26027 Intel Uncontrolled Search Path Element vulnerability in Intel Simics Package Manager

Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-28046 Intel Uncontrolled Search Path Element vulnerability in Intel Graphics Performance Analyzers 21.2

Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-28887 Intel Uncontrolled Search Path Element vulnerability in Intel products

Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-29015 Intel Uncontrolled Search Path Element vulnerability in Intel Vtune Profiler 2017/2018/2019

Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-39283 Intel Unspecified vulnerability in Intel TDX Module Software

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-08-14 CVE-2024-41858 Adobe Integer Overflow or Wraparound vulnerability in Adobe Incopy

InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-41864 Adobe Out-of-bounds Write vulnerability in Adobe Substance 3D Designer 12.4.0/13.1.0

Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-08-14 CVE-2024-38163 Windows Update Stack Elevation of Privilege Vulnerability
7.8
2024-08-13 CVE-2024-7738 Yzane Path Traversal vulnerability in Yzane Markdown PDF 1.5.0

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0.

7.8
2024-08-13 CVE-2024-38084 Microsoft Unspecified vulnerability in Microsoft Officeplus

Microsoft OfficePlus Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38098 Microsoft Unspecified vulnerability in Microsoft Azure Connected Machine Agent

Azure Connected Machine Agent Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38107 Microsoft Unspecified vulnerability in Microsoft products

Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38117 Microsoft Unspecified vulnerability in Microsoft products

NTFS Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38125 Microsoft Unspecified vulnerability in Microsoft products

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38127 Microsoft Unspecified vulnerability in Microsoft products

Windows Hyper-V Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38133 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38134 Microsoft Out-of-bounds Read vulnerability in Microsoft products

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38135 Microsoft Unspecified vulnerability in Microsoft products

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38141 Microsoft Unspecified vulnerability in Microsoft products

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38142 Microsoft Unspecified vulnerability in Microsoft products

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38147 Microsoft Unspecified vulnerability in Microsoft products

Microsoft DWM Core Library Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38150 Microsoft Unspecified vulnerability in Microsoft products

Windows DWM Core Library Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38152 Microsoft Unspecified vulnerability in Microsoft products

Windows OLE Remote Code Execution Vulnerability

7.8
2024-08-13 CVE-2024-38153 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38162 Microsoft Unspecified vulnerability in Microsoft Azure Connected Machine Agent

Azure Connected Machine Agent Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38169 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Office Visio Remote Code Execution Vulnerability

7.8
2024-08-13 CVE-2024-38171 Microsoft Unspecified vulnerability in Microsoft products

Microsoft PowerPoint Remote Code Execution Vulnerability

7.8
2024-08-13 CVE-2024-38172 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office Long Term Servicing Channel

Microsoft Excel Remote Code Execution Vulnerability

7.8
2024-08-13 CVE-2024-38177 Microsoft Unspecified vulnerability in Microsoft APP Installer

Windows App Installer Spoofing Vulnerability

7.8
2024-08-13 CVE-2024-38184 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38185 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38186 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38187 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38191 Microsoft Unspecified vulnerability in Microsoft products

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38193 Microsoft Unspecified vulnerability in Microsoft products

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38195 Microsoft Unspecified vulnerability in Microsoft Azure Cyclecloud

Azure CycleCloud Remote Code Execution Vulnerability

7.8
2024-08-13 CVE-2024-38196 Microsoft Unspecified vulnerability in Microsoft products

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2024-38215 Microsoft Unspecified vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8
2024-08-13 CVE-2022-27486 Fortinet OS Command Injection vulnerability in Fortinet Fortiddos and Fortiddos-F

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.4 allows an authenticated attacker to execute shell code as `root` via `execute` CLI commands.

7.8
2024-08-13 CVE-2024-21757 Fortinet Unspecified vulnerability in Fortinet Fortianalyzer and Fortimanager

A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.

7.8
2024-08-13 CVE-2024-36398 Siemens Unspecified vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0

A vulnerability has been identified in SINEC NMS (All versions < V3.0).

7.8
2024-08-12 CVE-2024-27442 Zimbra Improper Handling of Exceptional Conditions vulnerability in Zimbra Collaboration

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0.

7.8
2024-08-14 CVE-2024-39399 Adobe Path Traversal vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read.

7.7
2024-08-14 CVE-2024-39403 Adobe Cross-site Scripting vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields.

7.6
2024-08-18 CVE-2024-6221 Corydolphin Unspecified vulnerability in Corydolphin Flask-Cors 4.0.1

A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option.

7.5
2024-08-16 CVE-2024-7845 Tamparongj 03 SQL Injection vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical.

7.5
2024-08-15 CVE-2024-7843 Tamparongj 03 Unspecified vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0

A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0.

7.5
2024-08-15 CVE-2024-34727 Google Classic Buffer Overflow vulnerability in Google Android

In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow.

7.5
2024-08-15 CVE-2024-7841 Oretnom23 SQL Injection vulnerability in Oretnom23 Clinics Patient Management System 1.0

A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0.

7.5
2024-08-15 CVE-2024-7842 Tamparongj 03 Unspecified vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0.

7.5
2024-08-15 CVE-2024-42940 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function.

7.5
2024-08-15 CVE-2024-42941 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function.

7.5
2024-08-15 CVE-2024-42942 Tendacn Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function.

7.5
2024-08-15 CVE-2024-42943 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function.

7.5
2024-08-15 CVE-2024-42944 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromNatlimit function.

7.5
2024-08-15 CVE-2024-42945 Tendacn Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromAddressNat function.

7.5
2024-08-15 CVE-2024-42946 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.

7.5
2024-08-15 CVE-2024-42948 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function.

7.5
2024-08-15 CVE-2024-42949 Tendacn Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the qos parameter in the fromqossetting function.

7.5
2024-08-15 CVE-2024-42950 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function.

7.5
2024-08-15 CVE-2024-42951 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function.

7.5
2024-08-15 CVE-2024-42952 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function.

7.5
2024-08-15 CVE-2024-42953 Tendacn Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPW parameter in the fromWizardHandle function.

7.5
2024-08-15 CVE-2024-42954 Tendacn Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function.

7.5
2024-08-15 CVE-2024-42955 Tenda Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408)

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function.

7.5
2024-08-15 CVE-2024-42968 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the Go parameter in the fromSafeUrlFilter function.

7.5
2024-08-15 CVE-2024-42969 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function.

7.5
2024-08-15 CVE-2024-42973 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSetlpBind function.

7.5
2024-08-15 CVE-2024-42974 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function.

7.5
2024-08-15 CVE-2024-42976 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function.

7.5
2024-08-15 CVE-2024-42977 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the qos parameter in the fromqossetting function.

7.5
2024-08-15 CVE-2024-42979 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ProtForm function.

7.5
2024-08-15 CVE-2024-42980 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function.

7.5
2024-08-15 CVE-2024-42981 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function.

7.5
2024-08-15 CVE-2024-42982 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.

7.5
2024-08-15 CVE-2024-42983 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function.

7.5
2024-08-15 CVE-2024-42984 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function.

7.5
2024-08-15 CVE-2024-42985 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function.

7.5
2024-08-15 CVE-2024-42986 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.1.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function.

7.5
2024-08-15 CVE-2024-42987 Tenda Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.1.35

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the modino parameter in the fromPptpUserAdd function.

7.5
2024-08-15 CVE-2024-7813 Prison Management System Project Insufficiently Protected Credentials vulnerability in Prison Management System Project Prison Management System 1.0

A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0.

7.5
2024-08-15 CVE-2024-7800 Oretnom23 SQL Injection vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0.

7.5
2024-08-14 CVE-2024-27120 Celsiusbenelux Path Traversal vulnerability in Celsiusbenelux Comfortkey

A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux.

7.5
2024-08-14 CVE-2023-50314 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks.

7.5
2024-08-14 CVE-2024-28799 IBM Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the unexpected disclosure of this information.

7.5
2024-08-14 CVE-2024-39778 F5 Unspecified vulnerability in F5 products

When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5
2024-08-14 CVE-2024-39792 F5 Operation on a Resource after Expiration or Release vulnerability in F5 Nginx Plus R30/R31/R32

When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5
2024-08-14 CVE-2024-41164 F5 NULL Pointer Dereference vulnerability in F5 products

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5
2024-08-14 CVE-2024-41727 F5 Allocation of Resources Without Limits or Throttling vulnerability in F5 products

In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5
2024-08-14 CVE-2024-23499 Intel Unspecified vulnerability in Intel Ethernet 800 Series Controllers Driver

Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access.

7.5
2024-08-14 CVE-2024-7729 The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files.
7.5
2024-08-14 CVE-2024-36136 Ivanti Off-by-one Error vulnerability in Ivanti Avalanche

An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.

7.5
2024-08-14 CVE-2024-37399 Ivanti NULL Pointer Dereference vulnerability in Ivanti Avalanche

A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.

7.5
2024-08-14 CVE-2024-38653 Ivanti XXE vulnerability in Ivanti Avalanche

XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server.

7.5
2024-08-14 CVE-2024-7753 Oretnom23 Forced Browsing vulnerability in Oretnom23 Clinic'S Patient Management System 1.0

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0.

7.5
2024-08-14 CVE-2024-7754 Oretnom23 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0.

7.5
2024-08-13 CVE-2024-7750 Oretnom23 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0

A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical.

7.5
2024-08-13 CVE-2024-7751 Oretnom23 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0 and classified as critical.

7.5
2024-08-13 CVE-2024-37968 Microsoft Unspecified vulnerability in Microsoft products

Windows DNS Spoofing Vulnerability

7.5
2024-08-13 CVE-2024-38126 Microsoft Unspecified vulnerability in Microsoft products

Windows Network Address Translation (NAT) Denial of Service Vulnerability

7.5
2024-08-13 CVE-2024-38132 Microsoft Unspecified vulnerability in Microsoft products

Windows Network Address Translation (NAT) Denial of Service Vulnerability

7.5
2024-08-13 CVE-2024-38138 Microsoft Unspecified vulnerability in Microsoft products

Windows Deployment Services Remote Code Execution Vulnerability

7.5
2024-08-13 CVE-2024-38145 Microsoft Unspecified vulnerability in Microsoft products

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

7.5
2024-08-13 CVE-2024-38146 Microsoft Unspecified vulnerability in Microsoft products

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

7.5
2024-08-13 CVE-2024-38148 Microsoft Unspecified vulnerability in Microsoft products

Windows Secure Channel Denial of Service Vulnerability

7.5
2024-08-13 CVE-2024-38168 Microsoft Unspecified vulnerability in Microsoft .Net and Visual Studio 2022

.NET and Visual Studio Denial of Service Vulnerability

7.5
2024-08-13 CVE-2024-38178 Microsoft Unspecified vulnerability in Microsoft products

Scripting Engine Memory Corruption Vulnerability

7.5
2024-08-13 CVE-2024-38198 Microsoft Unspecified vulnerability in Microsoft products

Windows Print Spooler Elevation of Privilege Vulnerability

7.5
2024-08-13 CVE-2024-35124 IBM Missing Authentication for Critical Function vulnerability in IBM Openbmc

A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC.

7.5
2024-08-13 CVE-2024-40697 IBM Weak Password Requirements vulnerability in IBM Common Licensing 9.0

IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

7.5
2024-08-13 CVE-2024-41681 Siemens Inadequate Encryption Strength vulnerability in Siemens Location Intelligence

A vulnerability has been identified in Location Intelligence family (All versions < V4.4).

7.5
2024-08-13 CVE-2024-41904 Siemens Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinec Traffic Analyzer

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).

7.5
2024-08-12 CVE-2024-37930 Theme Sphere Missing Authorization vulnerability in Theme-Sphere Smartmag

Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0.

7.5
2024-08-12 CVE-2024-42481 Skyport Resource Exhaustion vulnerability in Skyport Skyportd

Skyport Daemon (skyportd) is the daemon for the Skyport Panel.

7.5
2024-08-12 CVE-2024-42485 Pxlrbt Path Traversal vulnerability in Pxlrbt Filament Excel

Filament Excel enables excel export for Filament admin resources.

7.5
2024-08-12 CVE-2024-33535 Zimbra Path Traversal vulnerability in Zimbra Collaboration

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0.

7.5
2024-08-12 CVE-2024-42477 Ggerganov Memory Leak vulnerability in Ggerganov Llama.Cpp

llama.cpp provides LLM inference in C/C++.

7.5
2024-08-12 CVE-2024-39338 Axios Server-Side Request Forgery (SSRF) vulnerability in Axios 1.5.1

axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.

7.5
2024-08-12 CVE-2024-39815 Vonets Unspecified vulnerability in Vonets products

Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service.

7.5
2024-08-12 CVE-2024-41936 Vonets Path Traversal vulnerability in Vonets products

A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.

7.5
2024-08-12 CVE-2024-42468 Openhab Path Traversal vulnerability in Openhab

openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu.

7.5
2024-08-12 CVE-2024-6760 Freebsd Unspecified vulnerability in Freebsd

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database.

7.5
2024-08-12 CVE-2024-7006 Libtiff
Redhat
NULL Pointer Dereference vulnerability in multiple products

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`.

7.5
2024-08-12 CVE-2024-7399 Samsung Path Traversal vulnerability in Samsung Magicinfo 9 Server

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

7.5
2024-08-12 CVE-2024-7659 Projectsend Use of Insufficiently Random Values vulnerability in Projectsend

A vulnerability, which was classified as problematic, was found in projectsend up to r1605.

7.5
2024-08-12 CVE-2024-7693 Raidenmaild Path Traversal vulnerability in Raidenmaild

Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal vulnerability, allowing unauthenticated remote attackers to read arbitrary file on the remote server.

7.5
2024-08-12 CVE-2024-7697 Transsion Unspecified vulnerability in Transsion Carlcare 5.9.5

Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks.

7.5
2024-08-14 CVE-2024-39398 Adobe Improper Restriction of Excessive Authentication Attempts vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass.

7.4
2024-08-15 CVE-2024-7799 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0.

7.3
2024-08-14 CVE-2024-23489 Intel Uncontrolled Search Path Element vulnerability in Intel Virtual Raid on CPU 8.0.0.4035

Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.3
2024-08-14 CVE-2024-23491 Intel Uncontrolled Search Path Element vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit

Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.3
2024-08-14 CVE-2024-28172 Intel Uncontrolled Search Path Element vulnerability in Intel Oneapi HPC Toolkit and Trace Analyzer and Collector

Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.3
2024-08-14 CVE-2024-28876 Intel Uncontrolled Search Path Element vulnerability in Intel MPI Library and Oneapi HPC Toolkit

Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.3
2024-08-18 CVE-2024-7917 Douco Unrestricted Upload of File with Dangerous Type vulnerability in Douco Douphp 1.7

A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822.

7.2
2024-08-18 CVE-2024-7910 Online Railway Reservation System Project Unrestricted Upload of File with Dangerous Type vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0

A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical.

7.2
2024-08-18 CVE-2024-7905 Dedebiz Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0

A vulnerability classified as critical has been found in DedeBIZ 6.3.0.

7.2
2024-08-17 CVE-2024-7899 Innocms Code Injection vulnerability in Innocms 0.3.1

A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1.

7.2
2024-08-17 CVE-2023-3416 The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'subscriptionCouponId' parameter via the 'create_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
7.2
2024-08-17 CVE-2022-1751 The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file.
7.2
2024-08-16 CVE-2024-7301 The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization and output escaping.
7.2
2024-08-14 CVE-2024-37373 Ivanti Unspecified vulnerability in Ivanti Avalanche

Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.

7.2
2024-08-13 CVE-2024-37287 Elastic Unspecified vulnerability in Elastic Kibana

A flaw allowing arbitrary code execution was discovered in Kibana.

7.2
2024-08-13 CVE-2024-41903 Siemens Unspecified vulnerability in Siemens Sinec Traffic Analyzer

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).

7.2
2024-08-12 CVE-2024-21880 Enphase OS Command Injection vulnerability in Enphase IQ Gateway Firmware

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.This issue affects Envoy: 4.x <= 7.x

7.2
2024-08-12 CVE-2024-42166 Fiware OS Command Injection vulnerability in Fiware Keyrock

The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly.

7.2
2024-08-12 CVE-2024-42167 Fiware OS Command Injection vulnerability in Fiware Keyrock

The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly.

7.2
2024-08-12 CVE-2024-7694 Teamt5 Unrestricted Upload of File with Dangerous Type vulnerability in Teamt5 Threatsonar Anti-Ransomware

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files.

7.2
2024-08-13 CVE-2024-38170 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office Long Term Servicing Channel

Microsoft Excel Remote Code Execution Vulnerability

7.1
2024-08-13 CVE-2024-38502 Pepperl Fuchs Cross-site Scripting vulnerability in Pepperl-Fuchs products

An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once.

7.1
2024-08-13 CVE-2024-5849 Pepperl Fuchs Cross-site Scripting vulnerability in Pepperl-Fuchs products

An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once.

7.1
2024-08-14 CVE-2024-39420 Adobe Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.21005, 24.001.30159, 20.005.30655, 24.002.20965, 24.002.20964, 24.001.30123, 24.003.20054 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary code execution.

7.0
2024-08-14 CVE-2024-39425 Adobe Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation.

7.0
2024-08-13 CVE-2024-38106 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel Elevation of Privilege Vulnerability

7.0
2024-08-13 CVE-2024-38136 Microsoft Race Condition vulnerability in Microsoft products

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

7.0
2024-08-13 CVE-2024-38137 Microsoft Race Condition vulnerability in Microsoft products

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

7.0
2024-08-13 CVE-2024-38157 Microsoft Unspecified vulnerability in Microsoft Azure IOT HUB Device Client SDK

Azure IoT SDK Remote Code Execution Vulnerability

7.0
2024-08-13 CVE-2024-38158 Microsoft Unspecified vulnerability in Microsoft Azure IOT HUB Device Client SDK

Azure IoT SDK Remote Code Execution Vulnerability

7.0
2024-08-13 CVE-2024-38201 Microsoft Unspecified vulnerability in Microsoft Azure Stack HUB

Azure Stack Hub Elevation of Privilege Vulnerability

7.0

326 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-08-17 CVE-2023-5505 The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder.
6.8
2024-08-15 CVE-2024-42488 Cilium Race Condition vulnerability in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

6.8
2024-08-15 CVE-2024-31798 Gncchome Use of Hard-coded Credentials vulnerability in Gncchome Gncc C2 Firmware

Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices

6.8
2024-08-15 CVE-2024-31800 Gncchome Improper Authentication vulnerability in Gncchome Gncc C2 Firmware

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port.

6.8
2024-08-14 CVE-2024-39406 Adobe Path Traversal vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read.

6.8
2024-08-13 CVE-2024-38161 Microsoft Unspecified vulnerability in Microsoft products

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8
2024-08-13 CVE-2024-38223 Microsoft Unspecified vulnerability in Microsoft products

Windows Initial Machine Configuration Elevation of Privilege Vulnerability

6.8
2024-08-14 CVE-2024-42440 Zoom Unspecified vulnerability in Zoom products

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

6.7
2024-08-14 CVE-2024-42441 Zoom Unspecified vulnerability in Zoom products

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

6.7
2024-08-14 CVE-2024-38483 Dell Unspecified vulnerability in Dell products

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component.

6.7
2024-08-13 CVE-2024-38173 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Outlook Remote Code Execution Vulnerability

6.7
2024-08-14 CVE-2024-25562 Intel Unspecified vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit

Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.

6.6
2024-08-17 CVE-2022-4532 The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.
6.5
2024-08-16 CVE-2023-47728 IBM Information Exposure Through an Error Message vulnerability in IBM Cloud PAK for Security and Qradar Suite

IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request.

6.5
2024-08-16 CVE-2024-4781 A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted.
6.5
2024-08-16 CVE-2024-4782 A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer's functionality until a manual system reboot occurs.
6.5
2024-08-16 CVE-2024-5209 A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted.
6.5
2024-08-16 CVE-2024-5210 A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted.
6.5
2024-08-16 CVE-2024-6004 A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted.
6.5
2024-08-16 CVE-2024-42463 Upkeeper Authorization Bypass Through User-Controlled Key vulnerability in Upkeeper Manager

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.

6.5
2024-08-16 CVE-2024-42464 Upkeeper Authorization Bypass Through User-Controlled Key vulnerability in Upkeeper Manager

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.

6.5
2024-08-15 CVE-2024-22217 Terminalfour Server-Side Request Forgery (SSRF) vulnerability in Terminalfour

A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on.

6.5
2024-08-15 CVE-2024-40705 IBM Unspecified vulnerability in IBM Infosphere Information Server 11.7/11.7.0.1/11.7.0.2

IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads.

6.5
2024-08-15 CVE-2024-6347 Nissan Global Unspecified vulnerability in Nissan-Global Blind Spot Detection Sensor ECU Firmware

* Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication.

6.5
2024-08-15 CVE-2024-7420 Xyzscripts Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet

The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6.

6.5
2024-08-14 CVE-2024-31882 IBM Injection vulnerability in IBM DB2

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user.

6.5
2024-08-14 CVE-2024-35136 IBM Unspecified vulnerability in IBM DB2

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions.

6.5
2024-08-14 CVE-2024-35152 IBM Unspecified vulnerability in IBM DB2 11.5.8/11.5.9

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation.

6.5
2024-08-14 CVE-2024-37529 IBM Unspecified vulnerability in IBM DB2

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation.

6.5
2024-08-14 CVE-2024-39818 Zoom Insufficiently Protected Credentials vulnerability in Zoom products

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access.

6.5
2024-08-14 CVE-2024-39822 Zoom Unspecified vulnerability in Zoom products

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.

6.5
2024-08-14 CVE-2024-42436 Zoom Out-of-bounds Write vulnerability in Zoom products

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

6.5
2024-08-14 CVE-2024-42437 Zoom Out-of-bounds Write vulnerability in Zoom products

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

6.5
2024-08-14 CVE-2024-42438 Zoom Out-of-bounds Write vulnerability in Zoom products

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

6.5
2024-08-14 CVE-2024-42439 Zoom Untrusted Search Path vulnerability in Zoom products

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.

6.5
2024-08-14 CVE-2024-25157 Fortra Improper Authentication vulnerability in Fortra Goanywhere Managed File Transfer

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages.

6.5
2024-08-13 CVE-2024-38165 Microsoft Unspecified vulnerability in Microsoft Windows 11 22H2 and Windows 11 23H2

Windows Compressed Folder Tampering Vulnerability

6.5
2024-08-13 CVE-2024-38167 Microsoft Unspecified vulnerability in Microsoft .Net and Visual Studio 2022

.NET and Visual Studio Information Disclosure Vulnerability

6.5
2024-08-13 CVE-2024-38197 Microsoft Unspecified vulnerability in Microsoft Teams 5.12.1

Microsoft Teams for iOS Spoofing Vulnerability

6.5
2024-08-13 CVE-2024-38213 Microsoft Unspecified vulnerability in Microsoft products

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5
2024-08-13 CVE-2024-38214 Microsoft Unspecified vulnerability in Microsoft products

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

6.5
2024-08-13 CVE-2024-41905 Siemens Unspecified vulnerability in Siemens Sinec Traffic Analyzer

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).

6.5
2024-08-13 CVE-2024-41906 Siemens Unspecified vulnerability in Siemens Sinec Traffic Analyzer

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).

6.5
2024-08-13 CVE-2024-41978 Siemens Information Exposure Through Log Files vulnerability in Siemens products

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1).

6.5
2024-08-13 CVE-2024-42376 SAP Missing Authorization vulnerability in SAP Shared Service Framework

SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges.

6.5
2024-08-12 CVE-2023-41884 Zoneminder SQL Injection vulnerability in Zoneminder

ZoneMinder is a free, open source Closed-circuit television software application.

6.5
2024-08-12 CVE-2024-42474 Snowflake Path Traversal vulnerability in Snowflake Streamlit

Streamlit is a data oriented application development framework for python.

6.5
2024-08-12 CVE-2024-7700 Theforeman Command Injection vulnerability in Theforeman Foreman

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page.

6.5
2024-08-12 CVE-2024-42482 Fish Shop Unspecified vulnerability in Fish-Shop Syntax-Check

fish-shop/syntax-check is a GitHub action for syntax checking fish shell files.

6.5
2024-08-12 CVE-2024-21877 Enphase Path Traversal vulnerability in Enphase IQ Gateway Firmware

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation.

6.5
2024-08-12 CVE-2024-38200 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Office Spoofing Vulnerability

6.5
2024-08-12 CVE-2024-41332 Oretnom23 Unspecified vulnerability in Oretnom23 Computer Laboratory Management System 1.0

Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.

6.5
2024-08-12 CVE-2024-4359 The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the render_svg function.
6.5
2024-08-12 CVE-2024-6758 Sprecher Automation Unspecified vulnerability in Sprecher-Automation products

Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.

6.5
2024-08-12 CVE-2024-7408 Airveda Cleartext Transmission of Sensitive Information vulnerability in Airveda Pm2.5 Pm10 Monitor Firmware

This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode.

6.5
2024-08-12 CVE-2024-7662 Oretnom23 Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in SourceCodester Car Driving School Management System 1.0.

6.5
2024-08-17 CVE-2024-7703 The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping.
6.4
2024-08-16 CVE-2024-7147 The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping.
6.4
2024-08-15 CVE-2024-7064 The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping.
6.4
2024-08-14 CVE-2024-6532 The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STWT_Sheet_Table shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes.
6.4
2024-08-13 CVE-2023-20578 AMD Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.

6.4
2024-08-13 CVE-2024-7247 The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Gallery and Countdown widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes.
6.4
2024-08-13 CVE-2024-7092 The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘no_more_items_text’ parameter in all versions up to, and including, 5.9.27 due to insufficient input sanitization and output escaping.
6.4
2024-08-12 CVE-2024-6639 The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdx_list_item' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes.
6.4
2024-08-12 CVE-2024-4360 The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes like 'title_tag'.
6.4
2024-08-13 CVE-2024-33005 SAP Missing Authorization vulnerability in SAP products

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions.

6.3
2024-08-15 CVE-2024-7867 Xpdfreader Integer Overflow or Wraparound vulnerability in Xpdfreader Xpdf

In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.

6.2
2024-08-18 CVE-2024-43313 Formfacade Cross-site Scripting vulnerability in Formfacade

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FormFacade allows Reflected XSS.This issue affects FormFacade: from n/a through 1.3.2.

6.1
2024-08-18 CVE-2024-43238 Getwemail Cross-site Scripting vulnerability in Getwemail Wemail

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5.

6.1
2024-08-18 CVE-2024-43276 Orbisius Cross-site Scripting vulnerability in Orbisius Child Theme Creator

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Svetoslav Marinov (Slavi) Child Theme Creator allows Reflected XSS.This issue affects Child Theme Creator: from n/a through 1.5.4.

6.1
2024-08-18 CVE-2024-43327 Teleogistic Cross-site Scripting vulnerability in Teleogistic Invite Anyone

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7.

6.1
2024-08-18 CVE-2024-43330 Wpbeaveraddons Cross-site Scripting vulnerability in Wpbeaveraddons Powerpack Lite for Beaver Builder

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack for Beaver Builder allows Reflected XSS.This issue affects PowerPack for Beaver Builder: from n/a before 2.37.4.

6.1
2024-08-17 CVE-2024-7902 Public Knowledge Project Open Redirect vulnerability in Public Knowledge Project Open Journal Systems

A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic.

6.1
2024-08-17 CVE-2023-4507 The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping.
6.1
2024-08-17 CVE-2023-4604 The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping.
6.1
2024-08-16 CVE-2024-43809 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page

6.1
2024-08-15 CVE-2024-27729 Friendica Cross-site Scripting vulnerability in Friendica 2023.12

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.

6.1
2024-08-15 CVE-2024-42678 Cysoft168 Cross-site Scripting vulnerability in Cysoft168 Super Easy Enterprise Management System

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component.

6.1
2024-08-14 CVE-2024-42353 Pylonsproject Open Redirect vulnerability in Pylonsproject Webob

WebOb provides objects for HTTP requests and responses.

6.1
2024-08-14 CVE-2024-7752 Oretnom23 Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 1.0

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0.

6.1
2024-08-13 CVE-2024-7739 Yzane Cross-site Scripting vulnerability in Yzane Markdown PDF 1.5.0

A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0.

6.1
2024-08-13 CVE-2024-38501 Pepperl Fuchs Cross-site Scripting vulnerability in Pepperl-Fuchs products

An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.

6.1
2024-08-12 CVE-2024-43358 Zoneminder Cross-site Scripting vulnerability in Zoneminder

ZoneMinder is a free, open source closed-circuit television software application.

6.1
2024-08-12 CVE-2024-43359 Zoneminder Cross-site Scripting vulnerability in Zoneminder

ZoneMinder is a free, open source closed-circuit television software application.

6.1
2024-08-12 CVE-2024-21550 Steve Community Cross-site Scripting vulnerability in Steve-Community Steve

SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points.

6.1
2024-08-12 CVE-2024-27443 Zimbra Cross-site Scripting vulnerability in Zimbra Collaboration

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0.

6.1
2024-08-12 CVE-2024-0115 Nvidia Unspecified vulnerability in Nvidia Cv-Cuda

NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process.

6.1
2024-08-12 CVE-2024-40484 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0

A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter.

6.1
2024-08-12 CVE-2024-41481 Typora Cross-site Scripting vulnerability in Typora

Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component.

6.1
2024-08-12 CVE-2024-41482 Typora Cross-site Scripting vulnerability in Typora

Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component.

6.1
2024-08-12 CVE-2024-7574 The Christmasify! plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.5.
6.1
2024-08-12 CVE-2024-7649 The Opal Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via checkout form fields in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping.
6.1
2024-08-12 CVE-2024-7660 Rems Cross-site Scripting vulnerability in Rems File Manager APP 1.0

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic.

6.1
2024-08-12 CVE-2024-7677 Oretnom23 Cross-site Scripting vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in SourceCodester Car Driving School Management System 1.0.

6.1
2024-08-12 CVE-2024-7678 Oretnom23 Cross-site Scripting vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in SourceCodester Car Driving School Management System 1.0.

6.1
2024-08-15 CVE-2024-31905 IBM Missing Encryption of Sensitive Data vulnerability in IBM Qradar Network Packet Capture 7.5.0

IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

5.9
2024-08-14 CVE-2023-50315 IBM Unspecified vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks.

5.9
2024-08-14 CVE-2024-27267 IBM Unspecified vulnerability in IBM Java SDK

The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.

5.9
2024-08-12 CVE-2024-41909 Apache Improper Validation of Integrity Check Value vulnerability in Apache Mina Sshd

Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795.

5.9
2024-08-17 CVE-2024-43817 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1.

5.5
2024-08-17 CVE-2024-43818 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpi_get_first_physical_node() can return NULL in several cases (no such device, ACPI table error, reference count drop to 0, etc). Existing check just emit error message, but doesn't perform return. Then this NULL pointer is passed to devm_acpi_dev_add_driver_gpios() where it is dereferenced. Adjust this error handling by adding error code return. Found by Linux Verification Center (linuxtesting.org) with SVACE.

5.5
2024-08-17 CVE-2024-43819 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm->arch.gmap set to 0 and would thus result in a null pointer dereference further in. Memory management needs to be performed in userspace and using the ioctls KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP. Also improve s390 specific documentation for KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2. [[email protected]: commit message spelling fix, subject prefix fix]

5.5
2024-08-17 CVE-2024-43821 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer.

5.5
2024-08-17 CVE-2024-43822 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devm_kzalloc() in pcmdevice_i2c_probe() The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devm_kzalloc() call failed at the beginning. This error code will trigger then a pcmdevice_remove() call with a passed null pointer so that an undesirable dereference will be performed. Thus return the appropriate error code directly.

5.5
2024-08-17 CVE-2024-43823 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and pci_parse_request_of_pci_ranges() will just emit a warning. This will cause a NULL pointer dereference.

5.5
2024-08-17 CVE-2024-43824 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() Instead of getting the epc_features from pci_epc_get_features() API, use the cached pci_epf_test::epc_features value to avoid the NULL check.

5.5
2024-08-17 CVE-2024-43827 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check before access structs In enable_phantom_plane, we should better check null pointer before accessing various structs.

5.5
2024-08-17 CVE-2024-43828 Linux Infinite Loop vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct.

5.5
2024-08-17 CVE-2024-43829 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference.

5.5
2024-08-17 CVE-2024-43833 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(), ancillary links are created for lens and flash sub-devices.

5.5
2024-08-17 CVE-2024-43834 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy() If the driver uses a page pool, it creates a page pool with page_pool_create(). The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference count reaches 0. page_pool_destroy() is used to destroy page pool, it decreases a reference count. When a page pool is destroyed, ->disconnect() is called, which is mem_allocator_disconnect(). This function internally acquires mutex_lock(). If the driver uses XDP, it registers a memory model with xdp_rxq_info_reg_mem_model(). The xdp_rxq_info_reg_mem_model() internally increases a page pool reference count if a memory model is a page pool. Now the reference count is 2. To destroy a page pool, the driver should call both page_pool_destroy() and xdp_unreg_mem_model(). The xdp_unreg_mem_model() internally calls page_pool_destroy(). Only page_pool_destroy() decreases a reference count. If a driver calls page_pool_destroy() then xdp_unreg_mem_model(), we will face an invalid wait context warning. Because xdp_unreg_mem_model() calls page_pool_destroy() with rcu_read_lock(). The page_pool_destroy() internally acquires mutex_lock(). Splat looks like: ============================= [ BUG: Invalid wait context ] 6.10.0-rc6+ #4 Tainted: G W ----------------------------- ethtool/1806 is trying to lock: ffffffff90387b90 (mem_id_lock){+.+.}-{4:4}, at: mem_allocator_disconnect+0x73/0x150 other info that might help us debug this: context-{5:5} 3 locks held by ethtool/1806: stack backtrace: CPU: 0 PID: 1806 Comm: ethtool Tainted: G W 6.10.0-rc6+ #4 f916f41f172891c800f2fed Hardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021 Call Trace: <TASK> dump_stack_lvl+0x7e/0xc0 __lock_acquire+0x1681/0x4de0 ? _printk+0x64/0xe0 ? __pfx_mark_lock.part.0+0x10/0x10 ? __pfx___lock_acquire+0x10/0x10 lock_acquire+0x1b3/0x580 ? mem_allocator_disconnect+0x73/0x150 ? __wake_up_klogd.part.0+0x16/0xc0 ? __pfx_lock_acquire+0x10/0x10 ? dump_stack_lvl+0x91/0xc0 __mutex_lock+0x15c/0x1690 ? mem_allocator_disconnect+0x73/0x150 ? __pfx_prb_read_valid+0x10/0x10 ? mem_allocator_disconnect+0x73/0x150 ? __pfx_llist_add_batch+0x10/0x10 ? console_unlock+0x193/0x1b0 ? lockdep_hardirqs_on+0xbe/0x140 ? __pfx___mutex_lock+0x10/0x10 ? tick_nohz_tick_stopped+0x16/0x90 ? __irq_work_queue_local+0x1e5/0x330 ? irq_work_queue+0x39/0x50 ? __wake_up_klogd.part.0+0x79/0xc0 ? mem_allocator_disconnect+0x73/0x150 mem_allocator_disconnect+0x73/0x150 ? __pfx_mem_allocator_disconnect+0x10/0x10 ? mark_held_locks+0xa5/0xf0 ? rcu_is_watching+0x11/0xb0 page_pool_release+0x36e/0x6d0 page_pool_destroy+0xd7/0x440 xdp_unreg_mem_model+0x1a7/0x2a0 ? __pfx_xdp_unreg_mem_model+0x10/0x10 ? kfree+0x125/0x370 ? bnxt_free_ring.isra.0+0x2eb/0x500 ? bnxt_free_mem+0x5ac/0x2500 xdp_rxq_info_unreg+0x4a/0xd0 bnxt_free_mem+0x1356/0x2500 bnxt_close_nic+0xf0/0x3b0 ? __pfx_bnxt_close_nic+0x10/0x10 ? ethnl_parse_bit+0x2c6/0x6d0 ? __pfx___nla_validate_parse+0x10/0x10 ? __pfx_ethnl_parse_bit+0x10/0x10 bnxt_set_features+0x2a8/0x3e0 __netdev_update_features+0x4dc/0x1370 ? ethnl_parse_bitset+0x4ff/0x750 ? __pfx_ethnl_parse_bitset+0x10/0x10 ? __pfx___netdev_update_features+0x10/0x10 ? mark_held_locks+0xa5/0xf0 ? _raw_spin_unlock_irqrestore+0x42/0x70 ? __pm_runtime_resume+0x7d/0x110 ethnl_set_features+0x32d/0xa20 To fix this problem, it uses rhashtable_lookup_fast() instead of rhashtable_lookup() with rcu_read_lock(). Using xa without rcu_read_lock() here is safe. xa is freed by __xdp_mem_allocator_rcu_free() and this is called by call_rcu() of mem_xa_remove(). The mem_xa_remove() is called by page_pool_destroy() if a reference count reaches 0. The xa is already protected by the reference count mechanism well in the control plane. So removing rcu_read_lock() for page_pool_destroy() is safe.

5.5
2024-08-17 CVE-2024-43835 In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix napi_skb_cache_put warning After the commit bdacf3e34945 ("net: Use nested-BH locking for napi_alloc_cache.") was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451 napi_skb_cache_put+0x82/0x4b0 __warn+0x12f/0x340 napi_skb_cache_put+0x82/0x4b0 napi_skb_cache_put+0x82/0x4b0 report_bug+0x165/0x370 handle_bug+0x3d/0x80 exc_invalid_op+0x1a/0x50 asm_exc_invalid_op+0x1a/0x20 __free_old_xmit+0x1c8/0x510 napi_skb_cache_put+0x82/0x4b0 __free_old_xmit+0x1c8/0x510 __free_old_xmit+0x1c8/0x510 __pfx___free_old_xmit+0x10/0x10 The issue arises because virtio is assuming it's running in NAPI context even when it's not, such as in the netpoll case. To resolve this, modify virtnet_poll_tx() to only set NAPI when budget is available.
5.5
2024-08-17 CVE-2024-43836 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: pse-pd: Fix possible null-deref Fix a possible null dereference when a PSE supports both c33 and PoDL, but only one of the netlink attributes is specified.

5.5
2024-08-17 CVE-2024-43837 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT When loading a EXT program without specifying `attr->attach_prog_fd`, the `prog->aux->dst_prog` will be null.

5.5
2024-08-17 CVE-2024-43838 Linux Integer Overflow or Wraparound vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: bpf: fix overflow check in adjust_jmp_off() adjust_jmp_off() incorrectly used the insn->imm field for all overflow check, which is incorrect as that should only be done or the BPF_JMP32 | BPF_JA case, not the general jump instruction case.

5.5
2024-08-17 CVE-2024-43840 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls __bpf_tramp_enter() and __bpf_tramp_exit() functions, passing them the struct bpf_tramp_image *im pointer as an argument in R0. The trampoline generation code uses emit_addr_mov_i64() to emit instructions for moving the bpf_tramp_image address into R0, but emit_addr_mov_i64() assumes the address to be in the vmalloc() space and uses only 48 bits.

5.5
2024-08-17 CVE-2024-43844 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb->end. Therefore, we fix it. skbuff: skb_over_panic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780 data:ffff8fba04eca7e0 tail:0x200 end:0x140 dev:<NULL> ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:192! invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 4747 Comm: kworker/u4:44 Tainted: G O 6.6.30-02659-gc18865c4dfbd #1 86547039b47e46935493f615ee31d0b2d711d35e Hardware name: HP Meep/Meep, BIOS Google_Meep.11297.262.0 03/18/2021 Workqueue: events_unbound async_run_entry_fn RIP: 0010:skb_panic+0x5d/0x60 Code: c6 63 8b 8f bb 4c 0f 45 f6 48 c7 c7 4d 89 8b bb 48 89 ce 44 89 d1 41 56 53 41 53 ff b0 c8 00 00 00 e8 27 5f 23 00 48 83 c4 20 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 RSP: 0018:ffffaa700144bad0 EFLAGS: 00010282 RAX: 0000000000000089 RBX: 0000000000000140 RCX: 14432c5aad26c900 RDX: 0000000000000000 RSI: 00000000ffffdfff RDI: 0000000000000001 RBP: ffffaa700144bae0 R08: 0000000000000000 R09: ffffaa700144b920 R10: 00000000ffffdfff R11: ffffffffbc28fbc0 R12: ffff8fba4e57a010 R13: 0000000000000000 R14: ffffffffbb8f8b63 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8fba7bd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007999c4ad1000 CR3: 000000015503a000 CR4: 0000000000350ee0 Call Trace: <TASK> ? __die_body+0x1f/0x70 ? die+0x3d/0x60 ? do_trap+0xa4/0x110 ? skb_panic+0x5d/0x60 ? do_error_trap+0x6d/0x90 ? skb_panic+0x5d/0x60 ? handle_invalid_op+0x30/0x40 ? skb_panic+0x5d/0x60 ? exc_invalid_op+0x3c/0x50 ? asm_exc_invalid_op+0x16/0x20 ? skb_panic+0x5d/0x60 skb_put+0x49/0x50 rtw89_fw_h2c_wow_gtk_ofld+0xbd/0x220 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5] rtw89_wow_resume+0x31f/0x540 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5] rtw89_ops_resume+0x2b/0xa0 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5] ieee80211_reconfig+0x84/0x13e0 [mac80211 818a894e3b77da6298269c59ed7cdff065a4ed52] ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] ? dev_printk_emit+0x51/0x70 ? _dev_info+0x6e/0x90 ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] wiphy_resume+0x89/0x180 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] dpm_run_callback+0x3c/0x140 device_resume+0x1f9/0x3c0 ? __pfx_dpm_watchdog_handler+0x10/0x10 async_resume+0x1d/0x30 async_run_entry_fn+0x29/0xd0 process_scheduled_works+0x1d8/0x3d0 worker_thread+0x1fc/0x2f0 kthread+0xed/0x110 ? __pfx_worker_thread+0x10/0x10 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x38/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK> Modules linked in: ccm 8021q r8153_ecm cdc_ether usbnet r8152 mii dm_integrity async_xor xor async_tx lz4 lz4_compress zstd zstd_compress zram zsmalloc uinput rfcomm cmac algif_hash rtw89_8922ae(O) algif_skcipher rtw89_8922a(O) af_alg rtw89_pci(O) rtw89_core(O) btusb(O) snd_soc_sst_bxt_da7219_max98357a btbcm(O) snd_soc_hdac_hdmi btintel(O) snd_soc_intel_hda_dsp_common snd_sof_probes btrtl(O) btmtk(O) snd_hda_codec_hdmi snd_soc_dmic uvcvideo videobuf2_vmalloc uvc videobuf2_memops videobuf2_v4l2 videobuf2_common snd_sof_pci_intel_apl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_intel_hda soundwire_intel soundwire_generic_allocation snd_sof_intel_hda_mlink soundwire_cadence snd_sof_pci snd_sof_xtensa_dsp mac80211 snd_soc_acpi_intel_match snd_soc_acpi snd_sof snd_sof_utils soundwire_bus snd_soc_max98357a snd_soc_avs snd_soc_hda_codec snd_hda_ext_core snd_intel_dspcfg snd_intel_sdw_acpi snd_soc_da7219 snd_hda_codec snd_hwdep snd_hda_core veth ip6table_nat xt_MASQUERADE xt_cgroup fuse bluetooth ecdh_generic cfg80211 ecc gsmi: Log Shutdown ---truncated---

5.5
2024-08-17 CVE-2024-43846 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent object does not have a parent itself.

5.5
2024-08-17 CVE-2024-43848 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix TTLM teardown work The worker calculates the wrong sdata pointer, so if it ever runs, it'll crash.

5.5
2024-08-17 CVE-2024-43849 Linux Improper Locking vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently.

5.5
2024-08-17 CVE-2024-43850 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove The following warning is seen during bwmon_remove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at drivers/opp/core.c:1640 _opp_table_kref_release+0x150/0x158 Hardware name: Qualcomm Technologies, Inc.

5.5
2024-08-17 CVE-2024-43851 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpu_number1 to dummy_cpu_number The per cpu variable cpu_number1 is passed to xlnx_event_handler as argument "dev_id", but it is not used in this function.

5.5
2024-08-17 CVE-2024-43853 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgroup_lock In the cgroup_path_ns function. 2.$cat /proc/<pid>/cpuset repeatly. 3.$mount -t cgroup -o cpuset cpuset /sys/fs/cgroup/cpuset/ $umount /sys/fs/cgroup/cpuset/ repeatly. The race that cause this bug can be shown as below: (umount) | (cat /proc/<pid>/cpuset) css_release | proc_cpuset_show css_release_work_fn | css = task_get_css(tsk, cpuset_cgrp_id); css_free_rwork_fn | cgroup_path_ns(css->cgroup, ...); cgroup_destroy_root | mutex_lock(&cgroup_mutex); rebind_subsystems | cgroup_free_root | | // cgrp was freed, UAF | cgroup_path_ns_locked(cgrp,..); When the cpuset is initialized, the root node top_cpuset.css.cgrp will point to &cgrp_dfl_root.cgrp.

5.5
2024-08-17 CVE-2024-43854 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media.

5.5
2024-08-17 CVE-2024-43855 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in progress.

5.5
2024-08-17 CVE-2024-43856 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to track the DMA allocation.

5.5
2024-08-17 CVE-2024-43857 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() that checks the last block of a zone when f2fs is mounted as a single device.

5.5
2024-08-17 CVE-2024-43859 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate preallocated blocks in f2fs_file_open() chenyuwen reports a f2fs bug as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000011 fscrypt_set_bio_crypt_ctx+0x78/0x1e8 f2fs_grab_read_bio+0x78/0x208 f2fs_submit_page_read+0x44/0x154 f2fs_get_read_data_page+0x288/0x5f4 f2fs_get_lock_data_page+0x60/0x190 truncate_partial_data_page+0x108/0x4fc f2fs_do_truncate_blocks+0x344/0x5f0 f2fs_truncate_blocks+0x6c/0x134 f2fs_truncate+0xd8/0x200 f2fs_iget+0x20c/0x5ac do_garbage_collect+0x5d0/0xf6c f2fs_gc+0x22c/0x6a4 f2fs_disable_checkpoint+0xc8/0x310 f2fs_fill_super+0x14bc/0x1764 mount_bdev+0x1b4/0x21c f2fs_mount+0x20/0x30 legacy_get_tree+0x50/0xbc vfs_get_tree+0x5c/0x1b0 do_new_mount+0x298/0x4cc path_mount+0x33c/0x5fc __arm64_sys_mount+0xcc/0x15c invoke_syscall+0x60/0x150 el0_svc_common+0xb8/0xf8 do_el0_svc+0x28/0xa0 el0_svc+0x24/0x84 el0t_64_sync_handler+0x88/0xec It is because inode.i_crypt_info is not initialized during below path: - mount - f2fs_fill_super - f2fs_disable_checkpoint - f2fs_gc - f2fs_iget - f2fs_truncate So, let's relocate truncation of preallocated blocks to f2fs_file_open(), after fscrypt_file_open().

5.5
2024-08-17 CVE-2024-43860 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Skip over memory region when node value is NULL In imx_rproc_addr_init() "nph = of_count_phandle_with_args()" just counts number of phandles.

5.5
2024-08-17 CVE-2023-52889 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created.

5.5
2024-08-17 CVE-2024-42262 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501)

5.5
2024-08-17 CVE-2024-42263 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e)

5.5
2024-08-17 CVE-2024-42268 Linux Improper Locking vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlink_remote_reload_actions_performed() which results in triggering lock assert like the following: WARNING: CPU: 4 PID: 1164 at net/devlink/core.c:261 devl_assert_locked+0x3e/0x50 … CPU: 4 PID: 1164 Comm: kworker/u96:6 Tainted: G S W 6.10.0-rc2+ #116 Hardware name: Supermicro SYS-2028TP-DECTR/X10DRT-PT, BIOS 2.0 12/18/2015 Workqueue: mlx5_fw_reset_events mlx5_sync_reset_reload_work [mlx5_core] RIP: 0010:devl_assert_locked+0x3e/0x50 … Call Trace: <TASK> ? __warn+0xa4/0x210 ? devl_assert_locked+0x3e/0x50 ? report_bug+0x160/0x280 ? handle_bug+0x3f/0x80 ? exc_invalid_op+0x17/0x40 ? asm_exc_invalid_op+0x1a/0x20 ? devl_assert_locked+0x3e/0x50 devlink_notify+0x88/0x2b0 ? mlx5_attach_device+0x20c/0x230 [mlx5_core] ? __pfx_devlink_notify+0x10/0x10 ? process_one_work+0x4b6/0xbb0 process_one_work+0x4b6/0xbb0 […]

5.5
2024-08-17 CVE-2024-42269 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). ip6table_nat_table_init() accesses net->gen->ptr[ip6table_nat_net_ops.id], but the function is exposed to user space before the entry is allocated via register_pernet_subsys(). Let's call register_pernet_subsys() before xt_register_template().

5.5
2024-08-17 CVE-2024-42270 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). We had a report that iptables-restore sometimes triggered null-ptr-deref at boot time.

5.5
2024-08-17 CVE-2024-42272 Linux Use of Uninitialized Resource vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zones_ht_key got a struct net pointer. Make sure rhashtable_lookup() is not using the padding bytes which are not initialized. BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:376 [inline] BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:607 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:646 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline] BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329 rht_ptr_rcu include/linux/rhashtable.h:376 [inline] __rhashtable_lookup include/linux/rhashtable.h:607 [inline] rhashtable_lookup include/linux/rhashtable.h:646 [inline] rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline] tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329 tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408 tcf_action_init_1+0x6cc/0xb30 net/sched/act_api.c:1425 tcf_action_init+0x458/0xf00 net/sched/act_api.c:1488 tcf_action_add net/sched/act_api.c:2061 [inline] tc_ctl_action+0x4be/0x19d0 net/sched/act_api.c:2118 rtnetlink_rcv_msg+0x12fc/0x1410 net/core/rtnetlink.c:6647 netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2550 rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6665 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:745 ____sys_sendmsg+0x877/0xb60 net/socket.c:2597 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2651 __sys_sendmsg net/socket.c:2680 [inline] __do_sys_sendmsg net/socket.c:2689 [inline] __se_sys_sendmsg net/socket.c:2687 [inline] __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2687 x64_sys_call+0x2dd6/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Local variable key created at: tcf_ct_flow_table_get+0x4a/0x2260 net/sched/act_ct.c:324 tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408

5.5
2024-08-17 CVE-2024-42277 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en In sprd_iommu_cleanup() before calling function sprd_iommu_hw_en() dom->sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE.

5.5
2024-08-17 CVE-2024-42278 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to a NULL dereference.

5.5
2024-08-17 CVE-2024-42282 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net: mediatek: Fix potential NULL pointer dereference in dummy net_device handling Move the freeing of the dummy net_device from mtk_free_dev() to mtk_remove(). Previously, if alloc_netdev_dummy() failed in mtk_probe(), eth->dummy_dev would be NULL.

5.5
2024-08-17 CVE-2024-42283 Linux Use of Uninitialized Resource vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage.

5.5
2024-08-17 CVE-2024-42286 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvme_local_port correctly The driver load failed with error message, qla2xxx [0000:04:00.0]-ffff:0: register_localport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer dereference at 0000000000000070 Workqueue: events_unbound qla_register_fcport_fn [qla2xxx] RIP: 0010:nvme_fc_register_remoteport+0x16/0x430 [nvme_fc] RSP: 0018:ffffaaa040eb3d98 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff9dfb46b78c00 RCX: 0000000000000000 RDX: ffff9dfb46b78da8 RSI: ffffaaa040eb3e08 RDI: 0000000000000000 RBP: ffff9dfb612a0a58 R08: ffffffffaf1d6270 R09: 3a34303a30303030 R10: 34303a303030305b R11: 2078787832616c71 R12: ffff9dfb46b78dd4 R13: ffff9dfb46b78c24 R14: ffff9dfb41525300 R15: ffff9dfb46b78da8 FS: 0000000000000000(0000) GS:ffff9dfc67c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000070 CR3: 000000018da10004 CR4: 00000000000206f0 Call Trace: qla_nvme_register_remote+0xeb/0x1f0 [qla2xxx] ? qla2x00_dfs_create_rport+0x231/0x270 [qla2xxx] qla2x00_update_fcport+0x2a1/0x3c0 [qla2xxx] qla_register_fcport_fn+0x54/0xc0 [qla2xxx] Exit the qla_nvme_register_remote() function when qla_nvme_register_hba() fails and correctly validate nvme_local_port.

5.5
2024-08-17 CVE-2024-42288 Linux Out-of-bounds Write vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly.

5.5
2024-08-17 CVE-2024-42289 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array.

5.5
2024-08-17 CVE-2024-42294 Linux Improper Locking vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0:0":7 blocked for more than 188 seconds. [ 2538.459427] Call trace: [ 2538.459430] __switch_to+0x174/0x338 [ 2538.459436] __schedule+0x628/0x9c4 [ 2538.459442] schedule+0x7c/0xe8 [ 2538.459447] schedule_preempt_disabled+0x24/0x40 [ 2538.459453] __mutex_lock+0x3ec/0xf04 [ 2538.459456] __mutex_lock_slowpath+0x14/0x24 [ 2538.459459] mutex_lock+0x30/0xd8 [ 2538.459462] del_gendisk+0xdc/0x350 [ 2538.459466] sd_remove+0x30/0x60 [ 2538.459470] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459474] device_release_driver+0x18/0x28 [ 2538.459478] bus_remove_device+0x15c/0x174 [ 2538.459483] device_del+0x1d0/0x358 [ 2538.459488] __scsi_remove_device+0xa8/0x198 [ 2538.459493] scsi_forget_host+0x50/0x70 [ 2538.459497] scsi_remove_host+0x80/0x180 [ 2538.459502] usb_stor_disconnect+0x68/0xf4 [ 2538.459506] usb_unbind_interface+0xd4/0x280 [ 2538.459510] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459514] device_release_driver+0x18/0x28 [ 2538.459518] bus_remove_device+0x15c/0x174 [ 2538.459523] device_del+0x1d0/0x358 [ 2538.459528] usb_disable_device+0x84/0x194 [ 2538.459532] usb_disconnect+0xec/0x300 [ 2538.459537] hub_event+0xb80/0x1870 [ 2538.459541] process_scheduled_works+0x248/0x4dc [ 2538.459545] worker_thread+0x244/0x334 [ 2538.459549] kthread+0x114/0x1bc [ 2538.461001] INFO: task "fsck.":15415 blocked for more than 188 seconds. [ 2538.461014] Call trace: [ 2538.461016] __switch_to+0x174/0x338 [ 2538.461021] __schedule+0x628/0x9c4 [ 2538.461025] schedule+0x7c/0xe8 [ 2538.461030] blk_queue_enter+0xc4/0x160 [ 2538.461034] blk_mq_alloc_request+0x120/0x1d4 [ 2538.461037] scsi_execute_cmd+0x7c/0x23c [ 2538.461040] ioctl_internal_command+0x5c/0x164 [ 2538.461046] scsi_set_medium_removal+0x5c/0xb0 [ 2538.461051] sd_release+0x50/0x94 [ 2538.461054] blkdev_put+0x190/0x28c [ 2538.461058] blkdev_release+0x28/0x40 [ 2538.461063] __fput+0xf8/0x2a8 [ 2538.461066] __fput_sync+0x28/0x5c [ 2538.461070] __arm64_sys_close+0x84/0xe8 [ 2538.461073] invoke_syscall+0x58/0x114 [ 2538.461078] el0_svc_common+0xac/0xe0 [ 2538.461082] do_el0_svc+0x1c/0x28 [ 2538.461087] el0_svc+0x38/0x68 [ 2538.461090] el0t_64_sync_handler+0x68/0xbc [ 2538.461093] el0t_64_sync+0x1a8/0x1ac T1: T2: sd_remove del_gendisk __blk_mark_disk_dead blk_freeze_queue_start ++q->mq_freeze_depth bdev_release mutex_lock(&disk->open_mutex) sd_release scsi_execute_cmd blk_queue_enter wait_event(!q->mq_freeze_depth) mutex_lock(&disk->open_mutex) SCSI does not set GD_OWNS_QUEUE, so QUEUE_FLAG_DYING is not set in this scenario.

5.5
2024-08-17 CVE-2024-42297 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fs_evict_inode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664 dispose_list fs/inode.c:697 [inline] evict_inodes+0x5f8/0x690 fs/inode.c:747 generic_shutdown_super+0x9d/0x2c0 fs/super.c:675 kill_block_super+0x44/0x90 fs/super.c:1667 kill_f2fs_super+0x303/0x3b0 fs/f2fs/super.c:4894 deactivate_locked_super+0xc1/0x130 fs/super.c:484 cleanup_mnt+0x426/0x4c0 fs/namespace.c:1256 task_work_run+0x24a/0x300 kernel/task_work.c:180 ptrace_notify+0x2cd/0x380 kernel/signal.c:2399 ptrace_report_syscall include/linux/ptrace.h:411 [inline] ptrace_report_syscall_exit include/linux/ptrace.h:473 [inline] syscall_exit_work kernel/entry/common.c:251 [inline] syscall_exit_to_user_mode_prepare kernel/entry/common.c:278 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline] syscall_exit_to_user_mode+0x15c/0x280 kernel/entry/common.c:296 do_syscall_64+0x50/0x110 arch/x86/entry/common.c:88 entry_SYSCALL_64_after_hwframe+0x63/0x6b The root cause is: - do_sys_open - f2fs_lookup - __f2fs_find_entry - f2fs_i_depth_write - f2fs_mark_inode_dirty_sync - f2fs_dirty_inode - set_inode_flag(inode, FI_DIRTY_INODE) - umount - kill_f2fs_super - kill_block_super - generic_shutdown_super - sync_filesystem : sb is readonly, skip sync_filesystem() - evict_inodes - iput - f2fs_evict_inode - f2fs_bug_on(sbi, is_inode_flag_set(inode, FI_DIRTY_INODE)) : trigger kernel panic When we try to repair i_current_depth in readonly filesystem, let's skip dirty inode to avoid panic in later f2fs_evict_inode().

5.5
2024-08-17 CVE-2024-42298 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.

5.5
2024-08-17 CVE-2024-42307 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assumed 'serverclose_wq' could be null (see line 1895) The patch which introduced the serverclose workqueue used the wrong oredering in error paths in init_cifs() for freeing it on errors.

5.5
2024-08-17 CVE-2024-42309 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate().

5.5
2024-08-17 CVE-2024-42310 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate().

5.5
2024-08-17 CVE-2024-42311 Linux Use of Uninitialized Resource vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ===================================================== BUG: KMSAN: uninit-value in hfs_revalidate_dentry+0x307/0x3f0 fs/hfs/sysdep.c:30 hfs_revalidate_dentry+0x307/0x3f0 fs/hfs/sysdep.c:30 d_revalidate fs/namei.c:862 [inline] lookup_fast+0x89e/0x8e0 fs/namei.c:1649 walk_component fs/namei.c:2001 [inline] link_path_walk+0x817/0x1480 fs/namei.c:2332 path_lookupat+0xd9/0x6f0 fs/namei.c:2485 filename_lookup+0x22e/0x740 fs/namei.c:2515 user_path_at_empty+0x8b/0x390 fs/namei.c:2924 user_path_at include/linux/namei.h:57 [inline] do_mount fs/namespace.c:3689 [inline] __do_sys_mount fs/namespace.c:3898 [inline] __se_sys_mount+0x66b/0x810 fs/namespace.c:3875 __x64_sys_mount+0xe4/0x140 fs/namespace.c:3875 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b BUG: KMSAN: uninit-value in hfs_ext_read_extent fs/hfs/extent.c:196 [inline] BUG: KMSAN: uninit-value in hfs_get_block+0x92d/0x1620 fs/hfs/extent.c:366 hfs_ext_read_extent fs/hfs/extent.c:196 [inline] hfs_get_block+0x92d/0x1620 fs/hfs/extent.c:366 block_read_full_folio+0x4ff/0x11b0 fs/buffer.c:2271 hfs_read_folio+0x55/0x60 fs/hfs/inode.c:39 filemap_read_folio+0x148/0x4f0 mm/filemap.c:2426 do_read_cache_folio+0x7c8/0xd90 mm/filemap.c:3553 do_read_cache_page mm/filemap.c:3595 [inline] read_cache_page+0xfb/0x2f0 mm/filemap.c:3604 read_mapping_page include/linux/pagemap.h:755 [inline] hfs_btree_open+0x928/0x1ae0 fs/hfs/btree.c:78 hfs_mdb_get+0x260c/0x3000 fs/hfs/mdb.c:204 hfs_fill_super+0x1fb1/0x2790 fs/hfs/super.c:406 mount_bdev+0x628/0x920 fs/super.c:1359 hfs_mount+0xcd/0xe0 fs/hfs/super.c:456 legacy_get_tree+0x167/0x2e0 fs/fs_context.c:610 vfs_get_tree+0xdc/0x5d0 fs/super.c:1489 do_new_mount+0x7a9/0x16f0 fs/namespace.c:3145 path_mount+0xf98/0x26a0 fs/namespace.c:3475 do_mount fs/namespace.c:3488 [inline] __do_sys_mount fs/namespace.c:3697 [inline] __se_sys_mount+0x919/0x9e0 fs/namespace.c:3674 __ia32_sys_mount+0x15b/0x1b0 fs/namespace.c:3674 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline] __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246 entry_SYSENTER_compat_after_hwframe+0x70/0x82 Uninit was created at: __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590 __alloc_pages_node include/linux/gfp.h:238 [inline] alloc_pages_node include/linux/gfp.h:261 [inline] alloc_slab_page mm/slub.c:2190 [inline] allocate_slab mm/slub.c:2354 [inline] new_slab+0x2d7/0x1400 mm/slub.c:2407 ___slab_alloc+0x16b5/0x3970 mm/slub.c:3540 __slab_alloc mm/slub.c:3625 [inline] __slab_alloc_node mm/slub.c:3678 [inline] slab_alloc_node mm/slub.c:3850 [inline] kmem_cache_alloc_lru+0x64d/0xb30 mm/slub.c:3879 alloc_inode_sb include/linux/fs.h:3018 [inline] hfs_alloc_inode+0x5a/0xc0 fs/hfs/super.c:165 alloc_inode+0x83/0x440 fs/inode.c:260 new_inode_pseudo fs/inode.c:1005 [inline] new_inode+0x38/0x4f0 fs/inode.c:1031 hfs_new_inode+0x61/0x1010 fs/hfs/inode.c:186 hfs_mkdir+0x54/0x250 fs/hfs/dir.c:228 vfs_mkdir+0x49a/0x700 fs/namei.c:4126 do_mkdirat+0x529/0x810 fs/namei.c:4149 __do_sys_mkdirat fs/namei.c:4164 [inline] __se_sys_mkdirat fs/namei.c:4162 [inline] __x64_sys_mkdirat+0xc8/0x120 fs/namei.c:4162 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b It missed to initialize .tz_secondswest, .cached_start and .cached_blocks fields in struct hfs_inode_info after hfs_alloc_inode(), fix it.

5.5
2024-08-17 CVE-2024-42315 Linux Improper Locking vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set.

5.5
2024-08-17 CVE-2024-42316 Linux Divide By Zero vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level() evict_folios() uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since folio_rotate_reclaimable() cannot handle those folios due to the isolation. The second pass tries to avoid potential double counting by deducting scan_control->nr_scanned.

5.5
2024-08-17 CVE-2024-42320 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails.

5.5
2024-08-15 CVE-2024-7866 Xpdfreader Uncontrolled Recursion vulnerability in Xpdfreader Xpdf

In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.

5.5
2024-08-15 CVE-2024-42677 Isellerpal Unspecified vulnerability in Isellerpal Enterprise Resource Management System

An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle.

5.5
2024-08-15 CVE-2024-42680 Cysoft168 Path Traversal vulnerability in Cysoft168 Super Easy Enterprise Management System

An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.

5.5
2024-08-15 CVE-2024-25024 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Cloud PAK for Security and Qradar Suite

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user.

5.5
2024-08-14 CVE-2024-20790 Adobe Out-of-bounds Read vulnerability in Adobe Dimension

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-34118 Adobe Unspecified vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service condition.

5.5
2024-08-14 CVE-2024-34125 Adobe Out-of-bounds Read vulnerability in Adobe Dimension

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-34126 Adobe Out-of-bounds Read vulnerability in Adobe Dimension

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-34127 Adobe Out-of-bounds Read vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-34134 Adobe Out-of-bounds Read vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-34135 Adobe Out-of-bounds Read vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-34136 Adobe NULL Pointer Dereference vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS).

5.5
2024-08-14 CVE-2024-34137 Adobe NULL Pointer Dereference vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition.

5.5
2024-08-14 CVE-2024-34138 Adobe NULL Pointer Dereference vulnerability in Adobe Illustrator

Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS).

5.5
2024-08-14 CVE-2024-39387 Adobe Out-of-bounds Read vulnerability in Adobe Bridge

Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-39395 Adobe NULL Pointer Dereference vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS).

5.5
2024-08-14 CVE-2024-41719 F5 Information Exposure Through Log Files vulnerability in F5 Big-Ip Next Central Manager

When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.5
2024-08-14 CVE-2024-41832 Adobe Out-of-bounds Read vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41833 Adobe Out-of-bounds Read vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41834 Adobe Out-of-bounds Read vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41835 Adobe Out-of-bounds Read vulnerability in Adobe products

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41854 Adobe Out-of-bounds Read vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41866 Adobe NULL Pointer Dereference vulnerability in Adobe Indesign

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS).

5.5
2024-08-14 CVE-2024-42259 Linux Incorrect Calculation of Buffer Size vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset.

5.5
2024-08-14 CVE-2024-24580 Intel Unspecified vulnerability in Intel products

Improper conditions check in some Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow a privileged user to potentially enable denial of service via local access.

5.5
2024-08-14 CVE-2024-27461 Intel Incorrect Default Permissions vulnerability in Intel Memory and Storage Tool GUI

Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.

5.5
2024-08-14 CVE-2024-28050 Intel Unspecified vulnerability in Intel ARC a Graphics and Iris XE Graphics

Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2024-08-14 CVE-2024-41860 Adobe Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41861 Adobe Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41862 Adobe Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-14 CVE-2024-41863 Adobe Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-08-13 CVE-2024-38118 Microsoft Use of Uninitialized Resource vulnerability in Microsoft products

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5
2024-08-13 CVE-2024-38122 Microsoft Use of Uninitialized Resource vulnerability in Microsoft products

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5
2024-08-13 CVE-2024-38151 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel Information Disclosure Vulnerability

5.5
2024-08-13 CVE-2024-38155 Microsoft Unspecified vulnerability in Microsoft products

Security Center Broker Information Disclosure Vulnerability

5.5
2024-08-13 CVE-2024-36505 Fortinet Unspecified vulnerability in Fortinet Fortios

An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.

5.5
2024-08-12 CVE-2024-42258 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1].

5.5
2024-08-18 CVE-2024-7916 Insurance Management System Project Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0

A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0.

5.4
2024-08-18 CVE-2024-7914 Oretnom23 Cross-site Scripting vulnerability in Oretnom23 Yoga Class Registration System 1.0

A vulnerability classified as problematic has been found in SourceCodester Yoga Class Registration System 1.0.

5.4
2024-08-18 CVE-2024-43308 Gutentor Cross-site Scripting vulnerability in Gutentor

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutentor Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor allows Stored XSS.This issue affects Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor: from n/a through 3.3.5.

5.4
2024-08-18 CVE-2024-43309 Wpsocio Cross-site Scripting vulnerability in Wpsocio WP Telegram Widget and Join Link

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Socio WP Telegram Widget and Join Link allows Stored XSS.This issue affects WP Telegram Widget and Join Link: from n/a through 2.1.27.

5.4
2024-08-18 CVE-2024-43318 E2Pdf Cross-site Scripting vulnerability in E2Pdf

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E2Pdf.Com allows Stored XSS.This issue affects e2pdf: from n/a through 1.25.05.

5.4
2024-08-18 CVE-2024-43329 Cpothemes Cross-site Scripting vulnerability in Cpothemes Allegiant

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Chill Allegiant allegiant allows Stored XSS.This issue affects Allegiant: from n/a through 1.2.7.

5.4
2024-08-18 CVE-2024-43335 Cyberchimps Cross-site Scripting vulnerability in Cyberchimps Responsive Blocks

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8.

5.4
2024-08-18 CVE-2024-43342 Bdthemes Cross-site Scripting vulnerability in Bdthemes Ultimate Store KIT

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4.

5.4
2024-08-17 CVE-2024-7901 Scada LTS Cross-site Scripting vulnerability in Scada-Lts 2.7.8

A vulnerability has been found in Scada-LTS 2.7.8 and classified as problematic.

5.4
2024-08-16 CVE-2024-43381 Yogeshojha Cross-site Scripting vulnerability in Yogeshojha Rengine

reNgine is an automated reconnaissance framework for web applications.

5.4
2024-08-16 CVE-2024-43807 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page

5.4
2024-08-16 CVE-2024-43808 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin

5.4
2024-08-16 CVE-2024-43810 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin

5.4
2024-08-16 CVE-2024-7144 Crocoblock Cross-site Scripting vulnerability in Crocoblock Jetelements

The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slide_id' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping.

5.4
2024-08-16 CVE-2024-7852 Oretnom23 Cross-site Scripting vulnerability in Oretnom23 Yoga Class Registration System 1.0

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as problematic.

5.4
2024-08-15 CVE-2024-7844 Tamparongj 03 Cross-site Scripting vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0

A vulnerability has been found in SourceCodester Online Graduate Tracer System 1.0 and classified as problematic.

5.4
2024-08-15 CVE-2024-6533 Monospace Cross-site Scripting vulnerability in Monospace Directus 10.13.0

Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client.

5.4
2024-08-15 CVE-2024-7812 Mayurik Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0

A vulnerability classified as problematic was found in SourceCodester Best House Rental Management System 1.0.

5.4
2024-08-14 CVE-2024-7793 Rems Cross-site Scripting vulnerability in Rems Task Progress Tracker 1.0

A vulnerability was found in SourceCodester Task Progress Tracker 1.0.

5.4
2024-08-14 CVE-2024-7790 Stitionai Cross-site Scripting vulnerability in Stitionai Devika

A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input.

5.4
2024-08-14 CVE-2024-39418 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

5.4
2024-08-13 CVE-2024-7749 Rems Cross-site Scripting vulnerability in Rems Accounts Manager APP 1.0

A vulnerability, which was classified as problematic, was found in SourceCodester Accounts Manager App 1.0.

5.4
2024-08-13 CVE-2024-7733 Xjd2020 Cross-site Scripting vulnerability in Xjd2020 Fastcms

A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5.

5.4
2024-08-13 CVE-2024-41613 Symphony CMS Cross-site Scripting vulnerability in Symphony-Cms Symphony CMS 2.7.10

A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note.

5.4
2024-08-13 CVE-2024-41907 Siemens Unspecified vulnerability in Siemens Sinec Traffic Analyzer

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).

5.4
2024-08-13 CVE-2024-42373 SAP Missing Authorization vulnerability in SAP Student Life Cycle Management

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges.

5.4
2024-08-13 CVE-2024-41732 SAP Unspecified vulnerability in SAP Netweaver Application Server Abap

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls.

5.4
2024-08-13 CVE-2024-41735 SAP Cross-site Scripting vulnerability in SAP Commerce Backoffice Hycom2205

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application.

5.4
2024-08-12 CVE-2024-33533 Zimbra Cross-site Scripting vulnerability in Zimbra Collaboration

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2.

5.4
2024-08-12 CVE-2024-33536 Zimbra Cross-site Scripting vulnerability in Zimbra Collaboration

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0.

5.4
2024-08-12 CVE-2023-38018 IBM Session Fixation vulnerability in IBM Aspera Shares 1.10.0

IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system.

5.4
2024-08-12 CVE-2024-40473 Mayurik Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0

A Stored Cross Site Scripting (XSS) vulnerability was found in "manage_houses.php" in SourceCodester Best House Rental Management System v1.0.

5.4
2024-08-12 CVE-2024-40474 Mayurik Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0

A Reflected Cross Site Scripting (XSS) vulnerability was found in "edit-cate.php" in SourceCodester House Rental Management System v1.0.

5.4
2024-08-12 CVE-2024-40478 Jayesh Cross-site Scripting vulnerability in Jayesh Online Exam System 1.0

A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields

5.4
2024-08-12 CVE-2024-40481 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0

A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter.

5.4
2024-08-12 CVE-2024-42165 Fiware Use of Insufficiently Random Values vulnerability in Fiware Keyrock

Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link.

5.4
2024-08-12 CVE-2024-7621 The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the process_wpfeedback_misc_options() function in all versions up to, and including, 4.0.2.
5.4
2024-08-12 CVE-2024-7644 Rems Cross-site Scripting vulnerability in Rems Leads Manager Tool 1.0

A vulnerability was found in SourceCodester Leads Manager Tool 1.0.

5.4
2024-08-12 CVE-2024-7645 Oretnom23 Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 Clinic'S Patient Management System 1.0

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0.

5.4
2024-08-12 CVE-2024-7657 Gilacms Cross-site Scripting vulnerability in Gilacms Gila CMS 1.10.9

A vulnerability classified as problematic was found in Gila CMS 1.10.9.

5.4
2024-08-12 CVE-2024-7683 Mayurik Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

5.4
2024-08-12 CVE-2024-7684 Mayurik Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability classified as problematic was found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

5.4
2024-08-12 CVE-2024-7685 Mayurik Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

5.4
2024-08-12 CVE-2024-7686 Mayurik Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0

A vulnerability, which was classified as problematic, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0.

5.4
2024-08-18 CVE-2024-7912 Online Railway Reservation System Project Unspecified vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0

A vulnerability was found in CodeAstro Online Railway Reservation System 1.0.

5.3
2024-08-17 CVE-2023-4024 Softlabbd Missing Authorization vulnerability in Softlabbd Radio Player

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73.

5.3
2024-08-17 CVE-2023-4025 Softlabbd Missing Authorization vulnerability in Softlabbd Radio Player

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73.

5.3
2024-08-17 CVE-2023-4027 Softlabbd Missing Authorization vulnerability in Softlabbd Radio Player

The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73.

5.3
2024-08-17 CVE-2023-4730 The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_endpoint() function hooked via 'init' in versions up to, and including, 4.3.
5.3
2024-08-16 CVE-2024-7630 The Relevanssi – A Better Search plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.22.2 via the relevanssi_do_query() due to insufficient limitations on the posts that are returned when searching.
5.3
2024-08-15 CVE-2024-7411 The Newsletters plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 4.9.9.
5.3
2024-08-15 CVE-2024-7809 Tamparongj 03 Unspecified vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0.

5.3
2024-08-14 CVE-2024-37028 F5 Improper Authentication vulnerability in F5 Big-Ip Next Central Manager

BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.3
2024-08-13 CVE-2024-7741 Ltcms Path Traversal vulnerability in Ltcms 1.0.20

A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical.

5.3
2024-08-13 CVE-2024-6384 Mongodb Unspecified vulnerability in Mongodb

"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier.

5.3
2024-08-13 CVE-2024-3913 Phoenixcontact Files or Directories Accessible to External Parties vulnerability in Phoenixcontact products

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.

5.3
2024-08-13 CVE-2024-41682 Siemens Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Location Intelligence

A vulnerability has been identified in Location Intelligence family (All versions < V4.4).

5.3
2024-08-13 CVE-2024-41683 Siemens Weak Password Requirements vulnerability in Siemens Location Intelligence

A vulnerability has been identified in Location Intelligence family (All versions < V4.4).

5.3
2024-08-13 CVE-2024-39591 SAP Missing Authorization vulnerability in SAP Document Builder

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.

5.3
2024-08-13 CVE-2024-41733 SAP Unspecified vulnerability in SAP Commerce Comcloud2211/Hycom2205

In SAP Commerce, valid user accounts can be identified during the customer registration and login processes.

5.3
2024-08-12 CVE-2024-7705 Mainwww Unrestricted Upload of File with Dangerous Type vulnerability in Mainwww Mwcms 1.0.0

A vulnerability was found in Fujian mwcms 1.0.0.

5.3
2024-08-12 CVE-2024-41888 Apache Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used.

5.3
2024-08-12 CVE-2024-41890 Apache Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link.

5.3
2024-08-12 CVE-2024-6562 The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5.
5.3
2024-08-12 CVE-2024-6759 Freebsd Path Traversal vulnerability in Freebsd

When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/".

5.3
2024-08-12 CVE-2024-7410 The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.3.
5.3
2024-08-12 CVE-2024-7412 The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12.
5.3
2024-08-12 CVE-2024-7413 The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1.
5.3
2024-08-12 CVE-2024-7414 The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.116.
5.3
2024-08-12 CVE-2024-7416 The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7.
5.3
2024-08-12 CVE-2024-7658 Projectsend Authorization Bypass Through User-Controlled Key vulnerability in Projectsend

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605.

5.3
2024-08-12 CVE-2024-7663 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in SourceCodester Car Driving School Management System 1.0.

5.3
2024-08-12 CVE-2024-7666 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability, which was classified as critical, has been found in SourceCodester Car Driving School Management System 1.0.

5.3
2024-08-12 CVE-2024-7667 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0.

5.3
2024-08-12 CVE-2024-7668 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability has been found in SourceCodester Car Driving School Management System 1.0 and classified as critical.

5.3
2024-08-12 CVE-2024-7669 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in SourceCodester Car Driving School Management System 1.0 and classified as critical.

5.3
2024-08-12 CVE-2024-7676 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability was found in Sourcecodester Car Driving School Management System 1.0.

5.3
2024-08-13 CVE-2024-41737 SAP Server-Side Request Forgery (SSRF) vulnerability in SAP CRM Abap Insights Management

SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests.

5.0
2024-08-15 CVE-2024-40704 IBM Insufficiently Protected Credentials vulnerability in IBM Infosphere Information Server 11.7/11.7.0.1/11.7.0.2

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers.

4.9
2024-08-14 CVE-2024-39823 Zoom Unspecified vulnerability in Zoom products

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9
2024-08-14 CVE-2024-39824 Zoom Unspecified vulnerability in Zoom products

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9
2024-08-14 CVE-2024-42434 Zoom Unspecified vulnerability in Zoom products

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9
2024-08-14 CVE-2024-42435 Zoom Unspecified vulnerability in Zoom products

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9
2024-08-18 CVE-2024-43324 Cleversoft Cross-site Scripting vulnerability in Cleversoft Clever Addons for Elementor

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through 2.2.0.

4.8
2024-08-17 CVE-2024-7900 Tpmecms Cross-site Scripting vulnerability in Tpmecms 1.3.3.2

A vulnerability, which was classified as problematic, was found in xiaohe4966 TpMeCMS 1.3.3.2.

4.8
2024-08-15 CVE-2024-7814 Online Railway Reservation System Project Cross-site Scripting vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0

A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0.

4.8
2024-08-15 CVE-2024-7815 Online Railway Reservation System Project Cross-site Scripting vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0

A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic.

4.8
2024-08-13 CVE-2024-41614 Symphony CMS Cross-site Scripting vulnerability in Symphony-Cms Symphony CMS

symphonycms <=2.7.10 is vulnerable to Cross Site Scripting (XSS) in the Comment component for articles.

4.8
2024-08-13 CVE-2024-41774 IBM Cross-site Scripting vulnerability in IBM Common Licensing 9.0

IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting.

4.8
2024-08-12 CVE-2024-4350 Concretecms Cross-site Scripting vulnerability in Concretecms Concrete CMS

Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and later embedded into responses.

4.8
2024-08-12 CVE-2024-7512 Concretecms Cross-site Scripting vulnerability in Concretecms Concrete CMS

Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in Board instances.

4.8
2024-08-17 CVE-2024-42287 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 1 PREEMPT_RT SMP NOPTI RIP: 0010:dma_direct_unmap_sg+0x51/0x1e0 RSP: 0018:ffffc90026f47b88 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000000000002 RDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff8881041130d0 RBP: ffff8881041130d0 R08: 0000000000000000 R09: 0000000000000034 R10: ffffc90026f47c48 R11: 0000000000000031 R12: 0000000000000000 R13: 0000000000000000 R14: ffff8881565e4a20 R15: 0000000000000000 FS: 00007f4c69ed3d00(0000) GS:ffff889faac80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000001c CR3: 0000000288a50002 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <TASK> ? __die_body+0x1a/0x60 ? page_fault_oops+0x16f/0x4a0 ? do_user_addr_fault+0x174/0x7f0 ? exc_page_fault+0x69/0x1a0 ? asm_exc_page_fault+0x22/0x30 ? dma_direct_unmap_sg+0x51/0x1e0 ? preempt_count_sub+0x96/0xe0 qla2xxx_qpair_sp_free_dma+0x29f/0x3b0 [qla2xxx] qla2xxx_qpair_sp_compl+0x60/0x80 [qla2xxx] __qla2x00_abort_all_cmds+0xa2/0x450 [qla2xxx] The command completion was done early while aborting the commands in driver unload path but outside lock to avoid the WARN_ON condition of performing dma_free_attr within the lock.

4.7
2024-08-17 CVE-2023-1604 The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8.
4.7
2024-08-14 CVE-2024-7347 F5 Out-of-bounds Read vulnerability in F5 Nginx Open Source and Nginx Plus

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file.

4.7
2024-08-15 CVE-2024-31799 Gncchome Cleartext Transmission of Sensitive Information vulnerability in Gncchome Gncc C2 Firmware

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port.

4.6
2024-08-16 CVE-2022-3399 The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cookie_notice_options[refuse_code_head]' parameter in versions up to, and including, 2.4.17.1 due to insufficient input sanitization and output escaping.
4.4
2024-08-14 CVE-2024-5916 Paloaltonetworks Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Pan-Os

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems.

4.4
2024-08-13 CVE-2024-38123 Microsoft Unspecified vulnerability in Microsoft Windows 11 24H2

Windows Bluetooth Driver Information Disclosure Vulnerability

4.4
2024-08-12 CVE-2024-6691 The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the currency value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping.
4.4
2024-08-17 CVE-2023-3408 Bricksbuilder Cross-Site Request Forgery (CSRF) vulnerability in Bricksbuilder Bricks

The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1.

4.3
2024-08-17 CVE-2023-3409 Bricksbuilder Cross-Site Request Forgery (CSRF) vulnerability in Bricksbuilder Bricks

The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1.

4.3
2024-08-16 CVE-2024-7422 The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7.
4.3
2024-08-16 CVE-2023-7049 The Custom Field For WP Job Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2 via the the 'cm_fieldshow' shortcode due to missing validation on the 'job_id' user controlled key.
4.3
2024-08-15 CVE-2024-42487 Cilium Interpretation Conflict vulnerability in Cilium 1.16.0

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

4.3
2024-08-15 CVE-2024-7063 The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.6 via the 'render_raw' function.
4.3
2024-08-15 CVE-2024-6534 Monospace Authorization Bypass Through User-Controlled Key vulnerability in Monospace Directus 10.13.0

Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user.

4.3
2024-08-14 CVE-2024-41723 F5 Unspecified vulnerability in F5 products

Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

4.3
2024-08-14 CVE-2024-39404 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39405 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39407 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39408 Adobe Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changeson behalf of a user.

4.3
2024-08-14 CVE-2024-39409 Adobe Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user.

4.3
2024-08-14 CVE-2024-39410 Adobe Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user.

4.3
2024-08-14 CVE-2024-39411 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39412 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39413 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39414 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39415 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39416 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39417 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-14 CVE-2024-39419 Adobe Unspecified vulnerability in Adobe Commerce

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.

4.3
2024-08-13 CVE-2024-41941 Siemens Incorrect Authorization vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0

A vulnerability has been identified in SINEC NMS (All versions < V3.0).

4.3
2024-08-13 CVE-2024-41734 SAP Missing Authorization vulnerability in SAP Netweaver Application Server Abap

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information.

4.3
2024-08-13 CVE-2024-28166 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Objects Business Intelligence Platform 430/440/Enterprise420

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application.

4.3
2024-08-13 CVE-2024-41731 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Objects Business Intelligence Platform 430/440/Enterprise420

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application.

4.3
2024-08-13 CVE-2024-41736 SAP Unspecified vulnerability in SAP Permit to Work Uis4Hop1800/Uis4Hop1900

Under certain conditions SAP Permit to Work allows an authenticated attacker to access information which would otherwise be restricted causing low impact on the confidentiality of the application.

4.3
2024-08-13 CVE-2024-42375 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Objects Business Intelligence Platform 420/430/440

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application.

4.3
2024-08-13 CVE-2024-42377 SAP Missing Authorization vulnerability in SAP Shared Service Framework

SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application

4.3
2024-08-12 CVE-2024-42164 Fiware Use of Insufficiently Random Values vulnerability in Fiware Keyrock

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link.

4.3
2024-08-12 CVE-2024-7648 The Opal Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the private notes functionality on payments which utilizes WordPress comments.
4.3
2024-08-12 CVE-2024-7664 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability classified as critical has been found in SourceCodester Car Driving School Management System 1.0.

4.3
2024-08-12 CVE-2024-7665 Oretnom23 SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0

A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0.

4.3
2024-08-16 CVE-2024-7501 The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.7.
4.2
2024-08-13 CVE-2024-38143 Microsoft Unspecified vulnerability in Microsoft products

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

4.2
2024-08-13 CVE-2022-38382 IBM Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security and Qradar Suite

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information.

4.1
2024-08-13 CVE-2024-7388 The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping.
4.0

6 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-08-13 CVE-2024-41938 Siemens Path Traversal vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0

A vulnerability has been identified in SINEC NMS (All versions < V3.0).

3.8
2024-08-17 CVE-2024-43841 Linux Unspecified vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_result() will trigger the warning: WARN_ON(bss_not_found). The issue is because the connection code in virt_wifi does not check the SSID from user space (it only checks the BSSID), and virt_wifi will call cfg80211_connect_result() with WLAN_STATUS_SUCCESS even if the SSID is different from the one virt_wifi has advertised. Eventually cfg80211 won't be able to find the cfg80211_bss and generate the warning. Fixed it by checking the SSID (from user space) in the connection code.

3.3
2024-08-17 CVE-2024-43845 Linux Use of Uninitialized Resource vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updating checksum of '..' directory entry of a moved directory.

3.3
2024-08-14 CVE-2024-24973 Intel Unspecified vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit

Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.

3.3
2024-08-12 CVE-2024-6692 The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Agreement Text value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping.
3.3
2024-08-12 CVE-2024-7706 Mainwww Unrestricted Upload of File with Dangerous Type vulnerability in Mainwww Mwcms 1.0.0

A vulnerability was found in Fujian mwcms 1.0.0.

2.7