Weekly Vulnerabilities Reports > August 12 to 18, 2024
Overview
746 new vulnerabilities reported during this period, including 100 critical vulnerabilities and 314 high severity vulnerabilities. This weekly summary report vulnerabilities in 568 products from 146 vendors including Microsoft, Adobe, Linux, Tenda, and Oretnom23. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "SQL Injection", "NULL Pointer Dereference", and "Path Traversal".
- 504 reported vulnerabilities are remotely exploitables.
- 213 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 384 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 84 reported vulnerabilities.
- Totolink has the most reported critical vulnerabilities, with 10 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
100 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-17 | CVE-2024-6500 | The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). | 10.0 | |
2024-08-12 | CVE-2024-42467 | Openhab | Unspecified vulnerability in Openhab web Interface openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 10.0 |
2024-08-12 | CVE-2024-42480 | Clastix | Unspecified vulnerability in Clastix Kamaji Kamaji is the Hosted Control Plane Manager for Kubernetes. | 9.9 |
2024-08-12 | CVE-2024-37023 | Vonets | Command Injection vulnerability in Vonets products Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. | 9.9 |
2024-08-18 | CVE-2024-7913 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Billing System 1.0 A vulnerability was found in itsourcecode Billing System 1.0. | 9.8 |
2024-08-18 | CVE-2024-7911 | Oretnom23 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 9.8 |
2024-08-18 | CVE-2024-7909 | Totolink | Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. | 9.8 |
2024-08-18 | CVE-2024-7908 | Totolink | Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. | 9.8 |
2024-08-18 | CVE-2024-7907 | Totolink | Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. | 9.8 |
2024-08-17 | CVE-2024-7898 | Tosei Corporation | Unspecified vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4 A vulnerability classified as critical was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. | 9.8 |
2024-08-16 | CVE-2024-43042 | Pluck CMS | Improper Restriction of Excessive Authentication Attempts vulnerability in Pluck-Cms Pluck 4.7.18 Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. | 9.8 |
2024-08-16 | CVE-2022-33162 | IBM | Unspecified vulnerability in IBM products IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. | 9.8 |
2024-08-16 | CVE-2024-42638 | H3C | Use of Hard-coded Credentials vulnerability in H3C Magic B1St Firmware 100R012 H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | 9.8 |
2024-08-16 | CVE-2024-42462 | Upkeeper | Improper Authentication vulnerability in Upkeeper Manager Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |
2024-08-16 | CVE-2024-42465 | Upkeeper | Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |
2024-08-16 | CVE-2024-42466 | Upkeeper | Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |
2024-08-16 | CVE-2024-7851 | Oretnom23 | Unspecified vulnerability in Oretnom23 Yoga Class Registration System 1.0 A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. | 9.8 |
2024-08-15 | CVE-2024-7839 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Billing System 1.0 A vulnerability classified as critical has been found in itsourcecode Billing System 1.0. | 9.8 |
2024-08-15 | CVE-2024-7838 | Kevinwong | SQL Injection vulnerability in Kevinwong Online Food Ordering System 1.0 A vulnerability was found in itsourcecode Online Food Ordering System 1.0. | 9.8 |
2024-08-15 | CVE-2024-42843 | Projectworlds | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php. | 9.8 |
2024-08-15 | CVE-2024-42947 | Tenda | Unspecified vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request. | 9.8 |
2024-08-15 | CVE-2024-42966 | Totolink | Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216 Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
2024-08-15 | CVE-2024-42967 | Totolink | Unspecified vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
2024-08-15 | CVE-2024-42978 | Tenda | Unspecified vulnerability in Tenda Fh1206 Firmware V02.03.01.35 An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. | 9.8 |
2024-08-15 | CVE-2024-7833 | Dlink | Command Injection vulnerability in Dlink Di-8100 Firmware 16.07 A vulnerability was found in D-Link DI-8100 16.07. | 9.8 |
2024-08-15 | CVE-2024-7828 | Dlink | Classic Buffer Overflow vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-15 | CVE-2024-7829 | Dlink | Classic Buffer Overflow vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-15 | CVE-2024-7830 | Dlink | Classic Buffer Overflow vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-15 | CVE-2024-7831 | Dlink | Classic Buffer Overflow vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. | 9.8 |
2024-08-15 | CVE-2024-7811 | Rems | SQL Injection vulnerability in Rems Daily Expenses Monitoring APP 1.0 A vulnerability classified as critical has been found in SourceCodester Daily Expenses Monitoring App 1.0. | 9.8 |
2024-08-15 | CVE-2024-7808 | Fabianros | SQL Injection vulnerability in Fabianros JOB Portal 1.0 A vulnerability was found in code-projects Job Portal 1.0. | 9.8 |
2024-08-15 | CVE-2024-7797 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 9.8 |
2024-08-15 | CVE-2024-7798 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 9.8 |
2024-08-14 | CVE-2024-7794 | Adrianmercurio | SQL Injection vulnerability in Adrianmercurio Vehicle Management System 1.0 A vulnerability was found in itsourcecode Vehicle Management System 1.0. | 9.8 |
2024-08-14 | CVE-2024-42360 | Wurmlab | Command Injection vulnerability in Wurmlab Sequenceserver SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. | 9.8 |
2024-08-14 | CVE-2024-5914 | Paloaltonetworks | Command Injection vulnerability in Paloaltonetworks Cortex Xsoar Commonscripts A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container. | 9.8 |
2024-08-14 | CVE-2024-7731 | Secom | SQL Injection vulnerability in Secom Dr.Id Access Control 3.3.2 Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
2024-08-14 | CVE-2024-7732 | Secom | SQL Injection vulnerability in Secom Dr.Id Attendance System 3.3.0.320160517/3.4.0.0.3.11 Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
2024-08-13 | CVE-2024-28986 | Solarwinds | Deserialization of Untrusted Data vulnerability in Solarwinds web Help Desk SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. | 9.8 |
2024-08-13 | CVE-2024-7748 | Rems | SQL Injection vulnerability in Rems Accounts Manager APP 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Accounts Manager App 1.0. | 9.8 |
2024-08-13 | CVE-2024-7742 | Ltcms | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability was found in wanglongcn ltcms 1.0.20. | 9.8 |
2024-08-13 | CVE-2024-7743 | Ltcms | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability was found in wanglongcn ltcms 1.0.20. | 9.8 |
2024-08-13 | CVE-2024-7740 | Ltcms | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. | 9.8 |
2024-08-13 | CVE-2024-7569 | Ivanti | Unspecified vulnerability in Ivanti Neurons for Itsm 2023.2/2023.3/2023.4 An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information. | 9.8 |
2024-08-13 | CVE-2024-7593 | Ivanti | Improper Authentication vulnerability in Ivanti Virtual Traffic Management Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. | 9.8 |
2024-08-13 | CVE-2024-38063 | Microsoft | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
2024-08-13 | CVE-2024-38140 | Microsoft | Unspecified vulnerability in Microsoft products Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | 9.8 |
2024-08-13 | CVE-2024-38199 | Microsoft | Unspecified vulnerability in Microsoft products Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | 9.8 |
2024-08-13 | CVE-2024-7746 | Traccar | Improper Authentication vulnerability in Traccar Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. | 9.8 |
2024-08-13 | CVE-2024-41623 | D3Dsecurity | Unspecified vulnerability in D3Dsecurity D8801 Firmware 9.1.17.1.420180428 An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload | 9.8 |
2024-08-13 | CVE-2024-41730 | SAP | Missing Authorization vulnerability in SAP Business Objects Business Intelligence Platform Enterprise430/Enterprise440 In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. | 9.8 |
2024-08-13 | CVE-2024-7707 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. | 9.8 |
2024-08-12 | CVE-2024-43360 | Zoneminder | SQL Injection vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 9.8 |
2024-08-12 | CVE-2024-42546 | Totolink | Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504 TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function. | 9.8 |
2024-08-12 | CVE-2024-42547 | Totolink | Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504 TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function. | 9.8 |
2024-08-12 | CVE-2024-42543 | Totolink | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function. | 9.8 |
2024-08-12 | CVE-2024-42545 | Totolink | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function. | 9.8 |
2024-08-12 | CVE-2023-7249 | Opentext | Path Traversal vulnerability in Opentext Directory Services Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1. | 9.8 |
2024-08-12 | CVE-2024-38530 | Openeclass | Unrestricted Upload of File with Dangerous Type vulnerability in Openeclass The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. | 9.8 |
2024-08-12 | CVE-2024-42478 | Ggerganov | Out-of-bounds Read vulnerability in Ggerganov Llama.Cpp llama.cpp provides LLM inference in C/C++. | 9.8 |
2024-08-12 | CVE-2024-42479 | Ggerganov | Out-of-bounds Write vulnerability in Ggerganov Llama.Cpp llama.cpp provides LLM inference in C/C++. | 9.8 |
2024-08-12 | CVE-2024-42520 | Totolink | Classic Buffer Overflow vulnerability in Totolink A3002R Firmware 4.0.0B20230531.1404 TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl. | 9.8 |
2024-08-12 | CVE-2024-6917 | Veribase | OS Command Injection vulnerability in Veribase Order Management Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2. | 9.8 |
2024-08-12 | CVE-2024-21878 | Enphase | OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. | 9.8 |
2024-08-12 | CVE-2024-39791 | Vonets | Out-of-bounds Write vulnerability in Vonets products Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. | 9.8 |
2024-08-12 | CVE-2024-40472 | Rems | SQL Injection vulnerability in Rems Daily Calories Monitoring Tool 1.0 Sourcecodester Daily Calories Monitoring Tool v1.0 is vulnerable to SQL Injection via "delete-calorie.php." | 9.8 |
2024-08-12 | CVE-2024-40480 | Jayesh | Unspecified vulnerability in Jayesh Online Exam System 1.0 A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access. | 9.8 |
2024-08-12 | CVE-2024-41570 | Havocframework | Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. | 9.8 |
2024-08-12 | CVE-2024-42001 | Vonets | Forced Browsing vulnerability in Vonets products An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | 9.8 |
2024-08-12 | CVE-2024-42469 | Openhab | Path Traversal vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 9.8 |
2024-08-12 | CVE-2024-42473 | Openfga | Incorrect Authorization vulnerability in Openfga 1.5.7/1.5.8 OpenFGA is an authorization/permission engine. | 9.8 |
2024-08-12 | CVE-2024-7503 | The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. | 9.8 | |
2024-08-12 | CVE-2024-7613 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155) A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. | 9.8 |
2024-08-12 | CVE-2024-7614 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155) A vulnerability was found in Tenda FH1206 1.2.0.8(8155). | 9.8 |
2024-08-12 | CVE-2024-7615 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155) A vulnerability was found in Tenda FH1206 1.2.0.8. | 9.8 |
2024-08-12 | CVE-2024-7616 | Edimax | Command Injection vulnerability in Edimax Ic-5150W Firmware and Ic-6220Dc Firmware A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. | 9.8 |
2024-08-12 | CVE-2024-7635 | Code Projects | SQL Injection vulnerability in Code-Projects Simple Ticket Booking 1.0 A vulnerability was found in code-projects Simple Ticket Booking 1.0. | 9.8 |
2024-08-12 | CVE-2024-7636 | Code Projects | SQL Injection vulnerability in Code-Projects Simple Ticket Booking 1.0 A vulnerability was found in code-projects Simple Ticket Booking 1.0. | 9.8 |
2024-08-12 | CVE-2024-7637 | Fabianros | SQL Injection vulnerability in Fabianros Online Polling 1.0 A vulnerability was found in code-projects Online Polling 1.0. | 9.8 |
2024-08-12 | CVE-2024-7638 | Mayurik | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 9.8 |
2024-08-12 | CVE-2024-7639 | Mayurik | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 9.8 |
2024-08-12 | CVE-2024-7640 | Mayurik | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 9.8 |
2024-08-12 | CVE-2024-7641 | Mayurik | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 9.8 |
2024-08-12 | CVE-2024-7642 | Mayurik | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. | 9.8 |
2024-08-12 | CVE-2024-7643 | Rems | SQL Injection vulnerability in Rems Leads Manager Tool 1.0 A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. | 9.8 |
2024-08-12 | CVE-2024-7680 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
2024-08-12 | CVE-2024-7681 | College Management System Project | SQL Injection vulnerability in College Management System Project College Management System 1.0 A vulnerability was found in code-projects College Management System 1.0. | 9.8 |
2024-08-12 | CVE-2024-7682 | Fabianros | SQL Injection vulnerability in Fabianros JOB Portal 1.0 A vulnerability was found in code-projects Job Portal 1.0. | 9.8 |
2024-08-13 | CVE-2024-38108 | Microsoft | Cross-site Scripting vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Spoofing Vulnerability | 9.3 |
2024-08-15 | CVE-2024-43366 | Matter Labs | Infinite Loop vulnerability in Matter-Labs Zkvyper zkvyper is a Vyper compiler. | 9.1 |
2024-08-14 | CVE-2024-38652 | Ivanti | Path Traversal vulnerability in Ivanti Avalanche Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. | 9.1 |
2024-08-13 | CVE-2024-38159 | Microsoft | Unspecified vulnerability in Microsoft Windows 10 1607 and Windows Server 2016 Windows Network Virtualization Remote Code Execution Vulnerability | 9.1 |
2024-08-13 | CVE-2024-38160 | Microsoft | Unspecified vulnerability in Microsoft Windows 10 1607 and Windows Server 2016 Windows Network Virtualization Remote Code Execution Vulnerability | 9.1 |
2024-08-13 | CVE-2024-41940 | Siemens | Unspecified vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0 A vulnerability has been identified in SINEC NMS (All versions < V3.0). | 9.1 |
2024-08-13 | CVE-2024-33003 | SAP | Unspecified vulnerability in SAP Commerce Cloud Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. | 9.1 |
2024-08-12 | CVE-2024-21876 | Enphase | Path Traversal vulnerability in Enphase IQ Gateway Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225. | 9.1 |
2024-08-12 | CVE-2024-42470 | Openhab | Missing Authorization vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 9.1 |
2024-08-14 | CVE-2024-39397 | Adobe | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. | 9.0 |
2024-08-13 | CVE-2023-26211 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortisoar An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module. | 9.0 |
2024-08-12 | CVE-2024-38219 | Microsoft | Type Confusion vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 9.0 |
314 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-18 | CVE-2024-7906 | Dedebiz | Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0 A vulnerability classified as critical was found in DedeBIZ 6.3.0. | 8.8 |
2024-08-18 | CVE-2024-7904 | Dedebiz | Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0 A vulnerability was found in DedeBIZ 6.3.0. | 8.8 |
2024-08-18 | CVE-2024-7903 | Dedebiz | Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0 A vulnerability was found in DedeBIZ 6.3.0. | 8.8 |
2024-08-17 | CVE-2024-7897 | Tosei Corporation | Command Injection vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4 A vulnerability classified as critical has been found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. | 8.8 |
2024-08-17 | CVE-2024-7896 | Tosei Corporation | Command Injection vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4 A vulnerability was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. | 8.8 |
2024-08-17 | CVE-2024-43847 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented packets The monitor ring and the reo reinject ring share the same ring mask index. When the driver receives an interrupt for the reo reinject ring, the monitor ring is also processed, leading to invalid memory access. | 8.8 |
2024-08-16 | CVE-2024-7145 | Crocoblock | Path Traversal vulnerability in Crocoblock Jetelements The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. | 8.8 |
2024-08-16 | CVE-2024-7146 | The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcher_preset' parameter. | 8.8 | |
2024-08-16 | CVE-2024-7853 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Yoga Class Registration System 1.0 A vulnerability was found in SourceCodester Yoga Class Registration System up to 1.0. | 8.8 |
2024-08-15 | CVE-2024-42681 | Xuxueli | Incorrect Default Permissions vulnerability in Xuxueli Xxl-Job 2.4.1 Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component. | 8.8 |
2024-08-15 | CVE-2024-42676 | Isellerpal | Unrestricted Upload of File with Dangerous Type vulnerability in Isellerpal Enterprise Resource Management System File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows a remote attacker to execute arbitrary code via the /nssys/common/Upload. | 8.8 |
2024-08-15 | CVE-2024-7832 | Dlink | Classic Buffer Overflow vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. | 8.8 |
2024-08-15 | CVE-2024-43275 | Xyzscripts | Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet Cross-Site Request Forgery (CSRF) vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6. | 8.8 |
2024-08-15 | CVE-2024-7810 | Tamparongj 03 | SQL Injection vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. | 8.8 |
2024-08-14 | CVE-2024-7792 | Rems | SQL Injection vulnerability in Rems Task Progress Tracker 1.0 A vulnerability was found in SourceCodester Task Progress Tracker 1.0. | 8.8 |
2024-08-14 | CVE-2024-39809 | F5 | Insufficient Session Expiration vulnerability in F5 Big-Ip Next Central Manager 20.1.0 The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | 8.8 |
2024-08-14 | CVE-2024-23497 | Intel | Out-of-bounds Write vulnerability in Intel Ethernet 800 Series Controllers Driver Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 8.8 |
2024-08-14 | CVE-2024-23981 | Intel | Incorrect Calculation vulnerability in Intel Ethernet 800 Series Controllers Driver Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 8.8 |
2024-08-14 | CVE-2024-24986 | Intel | Unspecified vulnerability in Intel Ethernet 800 Series Controllers Driver Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 8.8 |
2024-08-14 | CVE-2024-4389 | The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1. | 8.8 | |
2024-08-13 | CVE-2024-38109 | Microsoft | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health BOT An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. | 8.8 |
2024-08-13 | CVE-2024-38114 | Microsoft | Unspecified vulnerability in Microsoft products Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38115 | Microsoft | Unspecified vulnerability in Microsoft products Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38116 | Microsoft | Unspecified vulnerability in Microsoft products Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38120 | Microsoft | Unspecified vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38121 | Microsoft | Unspecified vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38128 | Microsoft | Unspecified vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38130 | Microsoft | Unspecified vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38131 | Microsoft | Unspecified vulnerability in Microsoft products Clipboard Virtual Channel Extension Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38144 | Microsoft | Unspecified vulnerability in Microsoft products Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38154 | Microsoft | Unspecified vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38180 | Microsoft | Unspecified vulnerability in Microsoft products Windows SmartScreen Security Feature Bypass Vulnerability | 8.8 |
2024-08-13 | CVE-2024-38189 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft Project Remote Code Execution Vulnerability | 8.8 |
2024-08-13 | CVE-2024-36446 | Mitel | Unspecified vulnerability in Mitel Mivoice Mx-One The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. | 8.8 |
2024-08-13 | CVE-2022-45862 | Fortinet | Insufficient Session Expiration vulnerability in Fortinet products An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials. | 8.8 |
2024-08-13 | CVE-2024-42737 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. | 8.8 |
2024-08-13 | CVE-2024-42738 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. | 8.8 |
2024-08-13 | CVE-2024-42739 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. | 8.8 |
2024-08-13 | CVE-2024-43138 | Mage People | Path Traversal vulnerability in Mage-People Event Manager and Tickets Selling for Woocommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event Manager for WooCommerce: from n/a through 4.2.1. | 8.8 |
2024-08-13 | CVE-2024-43140 | G5Plus | Path Traversal vulnerability in G5Plus Ultimate Bootstrap Elements for Elementor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4. | 8.8 |
2024-08-13 | CVE-2024-43129 | Wpdeveloper | Path Traversal vulnerability in Wpdeveloper Betterdocs Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8. | 8.8 |
2024-08-13 | CVE-2024-43135 | Themewinter | Path Traversal vulnerability in Themewinter Wpcafe Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28. | 8.8 |
2024-08-13 | CVE-2024-41939 | Siemens | Incorrect Authorization vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0 A vulnerability has been identified in SINEC NMS (All versions < V3.0). | 8.8 |
2024-08-13 | CVE-2024-41976 | Siemens | Unspecified vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). | 8.8 |
2024-08-13 | CVE-2024-6823 | The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation involving the mla-inline-edit-upload-scripts AJAX action in all versions up to, and including, 3.18. | 8.8 | |
2024-08-12 | CVE-2023-48171 | Owasp | Unspecified vulnerability in Owasp Defectdojo An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component. | 8.8 |
2024-08-12 | CVE-2024-42741 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. | 8.8 |
2024-08-12 | CVE-2024-42742 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. | 8.8 |
2024-08-12 | CVE-2024-42743 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . | 8.8 |
2024-08-12 | CVE-2024-42744 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. | 8.8 |
2024-08-12 | CVE-2024-42745 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. | 8.8 |
2024-08-12 | CVE-2024-42747 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. | 8.8 |
2024-08-12 | CVE-2024-42748 | Totolink | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. | 8.8 |
2024-08-12 | CVE-2024-41475 | SIR | Origin Validation Error vulnerability in SIR Gnuboard 6.0.7 Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration. | 8.8 |
2024-08-12 | CVE-2024-42623 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1 | 8.8 |
2024-08-12 | CVE-2024-42624 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10. | 8.8 |
2024-08-12 | CVE-2024-42625 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add | 8.8 |
2024-08-12 | CVE-2024-42626 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add. | 8.8 |
2024-08-12 | CVE-2024-42627 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3. | 8.8 |
2024-08-12 | CVE-2024-39091 | Annke | OS Command Injection vulnerability in Annke Crater 2 Firmware 5.4.1.221222153318 An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers within the same network to execute arbitrary code via a crafted HTML request. | 8.8 |
2024-08-12 | CVE-2024-42489 | Xwiki | Injection vulnerability in Xwiki PRO Macros Pro Macros provides XWiki rendering macros. | 8.8 |
2024-08-12 | CVE-2024-42628 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3. | 8.8 |
2024-08-12 | CVE-2024-42629 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10. | 8.8 |
2024-08-12 | CVE-2024-42630 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file. | 8.8 |
2024-08-12 | CVE-2024-42631 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1. | 8.8 |
2024-08-12 | CVE-2024-42632 | Frogcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add. | 8.8 |
2024-08-12 | CVE-2024-0113 | Nvidia | Path Traversal vulnerability in Nvidia products NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. | 8.8 |
2024-08-12 | CVE-2024-21879 | Enphase | OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225. | 8.8 |
2024-08-12 | CVE-2024-36034 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option. | 8.8 |
2024-08-12 | CVE-2024-36035 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording. | 8.8 |
2024-08-12 | CVE-2024-40475 | Mayurik | Unspecified vulnerability in Mayurik Best House Rental Management System 1.0 SourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/payment_report.php, /rental/balance_report.php, /rental/invoices.php, /rental/tenants.php, and /rental/users.php. | 8.8 |
2024-08-12 | CVE-2024-5487 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option. | 8.8 |
2024-08-12 | CVE-2024-5527 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration. | 8.8 |
2024-08-12 | CVE-2024-7272 | Ffmpeg | Out-of-bounds Write vulnerability in Ffmpeg A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. | 8.8 |
2024-08-12 | CVE-2024-7557 | Redhat | Unspecified vulnerability in Redhat Openshift AI and Openshift Data Science A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege escalation across models within the same namespace. | 8.8 |
2024-08-12 | CVE-2024-7661 | Oretnom23 | Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in SourceCodester Car Driving School Management System 1.0. | 8.8 |
2024-08-13 | CVE-2024-6788 | A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password. | 8.6 | |
2024-08-12 | CVE-2024-40500 | Scilico | Cross-site Scripting vulnerability in Scilico I-Librarian Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component. | 8.6 |
2024-08-12 | CVE-2024-29082 | Vonets | Improper Access Control vulnerability in Vonets products Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | 8.6 |
2024-08-14 | CVE-2024-39825 | Zoom | Out-of-bounds Write vulnerability in Zoom products Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access. | 8.5 |
2024-08-14 | CVE-2024-39401 | Adobe | OS Command Injection vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. | 8.4 |
2024-08-14 | CVE-2024-39402 | Adobe | OS Command Injection vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. | 8.4 |
2024-08-12 | CVE-2024-38218 | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | 8.4 | |
2024-08-16 | CVE-2024-43472 | Microsoft | Unspecified vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 8.3 |
2024-08-15 | CVE-2024-7868 | Xpdfreader | Use of Uninitialized Resource vulnerability in Xpdfreader Xpdf In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. | 8.2 |
2024-08-14 | CVE-2024-28947 | Intel | Unspecified vulnerability in Intel Server Board S2600St Firmware Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access. | 8.2 |
2024-08-14 | CVE-2024-34163 | Intel | Unspecified vulnerability in Intel products Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access. | 8.2 |
2024-08-13 | CVE-2024-38211 | Microsoft | Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.1 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | 8.2 |
2024-08-13 | CVE-2024-42374 | SAP | XML Injection (aka Blind XPath Injection) vulnerability in SAP BEX web Java Runtime Export web Service BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source. | 8.2 |
2024-08-17 | CVE-2023-0714 | The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. | 8.1 | |
2024-08-15 | CVE-2024-7624 | The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 3.3.101. | 8.1 | |
2024-08-15 | CVE-2024-7628 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.15.2. | 8.1 | |
2024-08-14 | CVE-2024-39400 | Adobe | Cross-site Scripting vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. | 8.1 |
2024-08-13 | CVE-2024-7570 | Ivanti | Improper Certificate Validation vulnerability in Ivanti Neurons for Itsm 2023.2/2023.3/2023.4 Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user. | 8.1 |
2024-08-13 | CVE-2024-29995 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
2024-08-12 | CVE-2024-41651 | Prestashop | Server-Side Request Forgery (SSRF) vulnerability in Prestashop An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. | 8.1 |
2024-08-12 | CVE-2024-30188 | Apache | Unspecified vulnerability in Apache Dolphinscheduler File read and write vulnerability in Apache DolphinScheduler , authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue. | 8.1 |
2024-08-12 | CVE-2024-42163 | Fiware | Inadequate Encryption Strength vulnerability in Fiware Keyrock Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link. | 8.1 |
2024-08-12 | CVE-2024-7589 | Freebsd | Race Condition vulnerability in Freebsd A signal handler in sshd(8) may call a logging function that is not async-signal-safe. | 8.1 |
2024-08-13 | CVE-2024-41977 | Siemens | Unspecified vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). | 8.0 |
2024-08-12 | CVE-2024-40476 | Mayurik | Cross-Site Request Forgery (CSRF) vulnerability in Mayurik Best House Rental Management 1.0 A Cross-Site Request Forgery (CSRF) vulnerability was found in SourceCodester Best House Rental Management System v1.0. | 8.0 |
2024-08-14 | CVE-2024-25576 | Intel | Unspecified vulnerability in Intel Agilex 7 Fpga Firmware improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access. | 7.9 |
2024-08-17 | CVE-2024-43825 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: iio: Fix the sorting functionality in iio_gts_build_avail_time_table The sorting in iio_gts_build_avail_time_table is not working as intended. It could result in an out-of-bounds access when the time is zero. Here are more details: 1. | 7.8 |
2024-08-17 | CVE-2024-43839 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args. | 7.8 |
2024-08-17 | CVE-2024-43842 | Linux | Improper Validation of Array Index vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size. | 7.8 |
2024-08-17 | CVE-2024-43843 | Linux | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix out-of-bounds issue when preparing trampoline image We get the size of the trampoline image during the dry run phase and allocate memory based on that size. | 7.8 |
2024-08-17 | CVE-2024-43852 | Linux | Off-by-one Error vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order conditions to fix off by one bug LTC2991_T_INT_CH_NR is 4. | 7.8 |
2024-08-17 | CVE-2024-43858 | Linux | Improper Validation of Array Index vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree | 7.8 |
2024-08-17 | CVE-2024-42271 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path (or it is already removed / never existed). This needs to be done with atomic compare and swap, otherwise there is a small window where iucv_sock_close() will try to work with a path that has already been severed and freed by iucv_callback_connrej() called by iucv_tasklet_fn(). Example: [452744.123844] Call Trace: [452744.123845] ([<0000001e87f03880>] 0x1e87f03880) [452744.123966] [<00000000d593001e>] iucv_path_sever+0x96/0x138 [452744.124330] [<000003ff801ddbca>] iucv_sever_path+0xc2/0xd0 [af_iucv] [452744.124336] [<000003ff801e01b6>] iucv_sock_close+0xa6/0x310 [af_iucv] [452744.124341] [<000003ff801e08cc>] iucv_sock_release+0x3c/0xd0 [af_iucv] [452744.124345] [<00000000d574794e>] __sock_release+0x5e/0xe8 [452744.124815] [<00000000d5747a0c>] sock_close+0x34/0x48 [452744.124820] [<00000000d5421642>] __fput+0xba/0x268 [452744.124826] [<00000000d51b382c>] task_work_run+0xbc/0xf0 [452744.124832] [<00000000d5145710>] do_notify_resume+0x88/0x90 [452744.124841] [<00000000d5978096>] system_call+0xe2/0x2c8 [452744.125319] Last Breaking-Event-Address: [452744.125321] [<00000000d5930018>] iucv_path_sever+0x90/0x138 [452744.125324] [452744.125325] Kernel panic - not syncing: Fatal exception in interrupt Note that bh_lock_sock() is not serializing the tasklet context against process context, because the check for sock_owned_by_user() and corresponding handling is missing. Ideas for a future clean-up patch: A) Correct usage of bh_lock_sock() in tasklet context, as described in Re-enqueue, if needed. | 7.8 |
2024-08-17 | CVE-2024-42280 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after calling dev_kfree_skb(*sp). | 7.8 |
2024-08-17 | CVE-2024-42284 | Linux | Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. | 7.8 |
2024-08-17 | CVE-2024-42285 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iw_conn_req_handler() associates a new struct rdma_id_private (conn_id) with an existing struct iw_cm_id (cm_id) as follows: conn_id->cm_id.iw = cm_id; cm_id->context = conn_id; cm_id->cm_handler = cma_iw_handler; rdma_destroy_id() frees both the cm_id and the struct rdma_id_private. | 7.8 |
2024-08-17 | CVE-2024-42301 | Linux | Improper Validation of Array Index vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I encountered during the actual issue: [ 66.575408s] [pid:5118,cpu4,QThread,4]Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: do_hardware_base_addr+0xcc/0xd0 [parport] [ 66.575408s] [pid:5118,cpu4,QThread,5]CPU: 4 PID: 5118 Comm: QThread Tainted: G S W O 5.10.97-arm64-desktop #7100.57021.2 [ 66.575439s] [pid:5118,cpu4,QThread,6]TGID: 5087 Comm: EFileApp [ 66.575439s] [pid:5118,cpu4,QThread,7]Hardware name: HUAWEI HUAWEI QingYun PGUX-W515x-B081/SP1PANGUXM, BIOS 1.00.07 04/29/2024 [ 66.575439s] [pid:5118,cpu4,QThread,8]Call trace: [ 66.575469s] [pid:5118,cpu4,QThread,9] dump_backtrace+0x0/0x1c0 [ 66.575469s] [pid:5118,cpu4,QThread,0] show_stack+0x14/0x20 [ 66.575469s] [pid:5118,cpu4,QThread,1] dump_stack+0xd4/0x10c [ 66.575500s] [pid:5118,cpu4,QThread,2] panic+0x1d8/0x3bc [ 66.575500s] [pid:5118,cpu4,QThread,3] __stack_chk_fail+0x2c/0x38 [ 66.575500s] [pid:5118,cpu4,QThread,4] do_hardware_base_addr+0xcc/0xd0 [parport] | 7.8 |
2024-08-17 | CVE-2024-42302 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpc_handler() awaits readiness of the secondary bus below the Downstream Port where the DPC event occurred. | 7.8 |
2024-08-17 | CVE-2024-42313 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. | 7.8 |
2024-08-17 | CVE-2024-42314 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when adding pages to compressed bio At add_ra_bio_pages() we are accessing the extent map to calculate 'add_size' after we dropped our reference on the extent map, resulting in a use-after-free. | 7.8 |
2024-08-16 | CVE-2024-2175 | An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges. | 7.8 | |
2024-08-16 | CVE-2024-4763 | An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges to kernel. | 7.8 | |
2024-08-15 | CVE-2024-43373 | J4K0Xb | Path Traversal vulnerability in J4K0Xb Webcrack webcrack is a tool for reverse engineering javascript. | 7.8 |
2024-08-15 | CVE-2024-7262 | Kingsoft | Path Traversal vulnerability in Kingsoft WPS Office Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document | 7.8 |
2024-08-15 | CVE-2024-7263 | Kingsoft | Path Traversal vulnerability in Kingsoft WPS Office Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough. | 7.8 |
2024-08-15 | CVE-2024-42679 | Cysoft168 | SQL Injection vulnerability in Cysoft168 Super Easy Enterprise Management System SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component. | 7.8 |
2024-08-14 | CVE-2024-5915 | Paloaltonetworks | Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Globalprotect A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. | 7.8 |
2024-08-14 | CVE-2024-20789 | Adobe | Use After Free vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-34117 | Adobe | Use After Free vulnerability in Adobe Photoshop Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-34124 | Adobe | Out-of-bounds Write vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-34133 | Adobe | Out-of-bounds Write vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39383 | Adobe | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39386 | Adobe | Out-of-bounds Write vulnerability in Adobe Bridge Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39388 | Adobe | Use After Free vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2 Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39389 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39390 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39391 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39393 | Adobe | Out-of-bounds Read vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
2024-08-14 | CVE-2024-39394 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39422 | Adobe | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39423 | Adobe | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39424 | Adobe | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-39426 | Adobe | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
2024-08-14 | CVE-2024-41830 | Adobe | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41831 | Adobe | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41840 | Adobe | Out-of-bounds Write vulnerability in Adobe Bridge Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41850 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41851 | Adobe | Integer Overflow or Wraparound vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41852 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41853 | Adobe | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41856 | Adobe | Unspecified vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41865 | Adobe | Untrusted Search Path vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. | 7.8 |
2024-08-14 | CVE-2024-23495 | Intel | Incorrect Default Permissions vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-23907 | Intel | Uncontrolled Search Path Element vulnerability in Intel products Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-23908 | Intel | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Flexlm License Daemons for Intel Fpga Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-23909 | Intel | Uncontrolled Search Path Element vulnerability in Intel Field Programmable Gate Array Software Development KIT for Opencl Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-24977 | Intel | Uncontrolled Search Path Element vulnerability in Intel License Manager for Flexim Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-25561 | Intel | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-26022 | Intel | Unspecified vulnerability in Intel Aptio V Uefi Firmware Integrator Tools Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-26025 | Intel | Incorrect Default Permissions vulnerability in Intel Advisor and Oneapi Base Toolkit Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-26027 | Intel | Uncontrolled Search Path Element vulnerability in Intel Simics Package Manager Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-28046 | Intel | Uncontrolled Search Path Element vulnerability in Intel Graphics Performance Analyzers 21.2 Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-28887 | Intel | Uncontrolled Search Path Element vulnerability in Intel products Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-29015 | Intel | Uncontrolled Search Path Element vulnerability in Intel Vtune Profiler 2017/2018/2019 Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-39283 | Intel | Unspecified vulnerability in Intel TDX Module Software Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-08-14 | CVE-2024-41858 | Adobe | Integer Overflow or Wraparound vulnerability in Adobe Incopy InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-41864 | Adobe | Out-of-bounds Write vulnerability in Adobe Substance 3D Designer 12.4.0/13.1.0 Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-14 | CVE-2024-38163 | Windows Update Stack Elevation of Privilege Vulnerability | 7.8 | |
2024-08-13 | CVE-2024-7738 | Yzane | Path Traversal vulnerability in Yzane Markdown PDF 1.5.0 A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. | 7.8 |
2024-08-13 | CVE-2024-38084 | Microsoft | Unspecified vulnerability in Microsoft Officeplus Microsoft OfficePlus Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38098 | Microsoft | Unspecified vulnerability in Microsoft Azure Connected Machine Agent Azure Connected Machine Agent Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38107 | Microsoft | Unspecified vulnerability in Microsoft products Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38117 | Microsoft | Unspecified vulnerability in Microsoft products NTFS Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38125 | Microsoft | Unspecified vulnerability in Microsoft products Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38127 | Microsoft | Unspecified vulnerability in Microsoft products Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38133 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38134 | Microsoft | Out-of-bounds Read vulnerability in Microsoft products Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38135 | Microsoft | Unspecified vulnerability in Microsoft products Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38141 | Microsoft | Unspecified vulnerability in Microsoft products Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38142 | Microsoft | Unspecified vulnerability in Microsoft products Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38147 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38150 | Microsoft | Unspecified vulnerability in Microsoft products Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38152 | Microsoft | Unspecified vulnerability in Microsoft products Windows OLE Remote Code Execution Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38153 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38162 | Microsoft | Unspecified vulnerability in Microsoft Azure Connected Machine Agent Azure Connected Machine Agent Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38169 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38171 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft PowerPoint Remote Code Execution Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38172 | Microsoft | Unspecified vulnerability in Microsoft 365 Apps and Office Long Term Servicing Channel Microsoft Excel Remote Code Execution Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38177 | Microsoft | Unspecified vulnerability in Microsoft APP Installer Windows App Installer Spoofing Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38184 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38185 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38186 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38187 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38191 | Microsoft | Unspecified vulnerability in Microsoft products Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38193 | Microsoft | Unspecified vulnerability in Microsoft products Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38195 | Microsoft | Unspecified vulnerability in Microsoft Azure Cyclecloud Azure CycleCloud Remote Code Execution Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38196 | Microsoft | Unspecified vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2024-38215 | Microsoft | Unspecified vulnerability in Microsoft products Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
2024-08-13 | CVE-2022-27486 | Fortinet | OS Command Injection vulnerability in Fortinet Fortiddos and Fortiddos-F A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.4 allows an authenticated attacker to execute shell code as `root` via `execute` CLI commands. | 7.8 |
2024-08-13 | CVE-2024-21757 | Fortinet | Unspecified vulnerability in Fortinet Fortianalyzer and Fortimanager A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup. | 7.8 |
2024-08-13 | CVE-2024-36398 | Siemens | Unspecified vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0 A vulnerability has been identified in SINEC NMS (All versions < V3.0). | 7.8 |
2024-08-12 | CVE-2024-27442 | Zimbra | Improper Handling of Exceptional Conditions vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 7.8 |
2024-08-14 | CVE-2024-39399 | Adobe | Path Traversal vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. | 7.7 |
2024-08-14 | CVE-2024-39403 | Adobe | Cross-site Scripting vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. | 7.6 |
2024-08-18 | CVE-2024-6221 | Corydolphin | Unspecified vulnerability in Corydolphin Flask-Cors 4.0.1 A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option. | 7.5 |
2024-08-16 | CVE-2024-7845 | Tamparongj 03 | SQL Injection vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. | 7.5 |
2024-08-15 | CVE-2024-7843 | Tamparongj 03 | Unspecified vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. | 7.5 |
2024-08-15 | CVE-2024-34727 | Classic Buffer Overflow vulnerability in Google Android In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. | 7.5 | |
2024-08-15 | CVE-2024-7841 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Clinics Patient Management System 1.0 A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. | 7.5 |
2024-08-15 | CVE-2024-7842 | Tamparongj 03 | Unspecified vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0. | 7.5 |
2024-08-15 | CVE-2024-42940 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. | 7.5 |
2024-08-15 | CVE-2024-42941 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. | 7.5 |
2024-08-15 | CVE-2024-42942 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. | 7.5 |
2024-08-15 | CVE-2024-42943 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. | 7.5 |
2024-08-15 | CVE-2024-42944 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. | 7.5 |
2024-08-15 | CVE-2024-42945 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromAddressNat function. | 7.5 |
2024-08-15 | CVE-2024-42946 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. | 7.5 |
2024-08-15 | CVE-2024-42948 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. | 7.5 |
2024-08-15 | CVE-2024-42949 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. | 7.5 |
2024-08-15 | CVE-2024-42950 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. | 7.5 |
2024-08-15 | CVE-2024-42951 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. | 7.5 |
2024-08-15 | CVE-2024-42952 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. | 7.5 |
2024-08-15 | CVE-2024-42953 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPW parameter in the fromWizardHandle function. | 7.5 |
2024-08-15 | CVE-2024-42954 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. | 7.5 |
2024-08-15 | CVE-2024-42955 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. | 7.5 |
2024-08-15 | CVE-2024-42968 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the Go parameter in the fromSafeUrlFilter function. | 7.5 |
2024-08-15 | CVE-2024-42969 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. | 7.5 |
2024-08-15 | CVE-2024-42973 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSetlpBind function. | 7.5 |
2024-08-15 | CVE-2024-42974 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. | 7.5 |
2024-08-15 | CVE-2024-42976 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. | 7.5 |
2024-08-15 | CVE-2024-42977 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. | 7.5 |
2024-08-15 | CVE-2024-42979 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ProtForm function. | 7.5 |
2024-08-15 | CVE-2024-42980 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. | 7.5 |
2024-08-15 | CVE-2024-42981 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. | 7.5 |
2024-08-15 | CVE-2024-42982 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. | 7.5 |
2024-08-15 | CVE-2024-42983 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function. | 7.5 |
2024-08-15 | CVE-2024-42984 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. | 7.5 |
2024-08-15 | CVE-2024-42985 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. | 7.5 |
2024-08-15 | CVE-2024-42986 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.1.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. | 7.5 |
2024-08-15 | CVE-2024-42987 | Tenda | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.1.35 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the modino parameter in the fromPptpUserAdd function. | 7.5 |
2024-08-15 | CVE-2024-7813 | Prison Management System Project | Insufficiently Protected Credentials vulnerability in Prison Management System Project Prison Management System 1.0 A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. | 7.5 |
2024-08-15 | CVE-2024-7800 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0. | 7.5 |
2024-08-14 | CVE-2024-27120 | Celsiusbenelux | Path Traversal vulnerability in Celsiusbenelux Comfortkey A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux. | 7.5 |
2024-08-14 | CVE-2023-50314 | IBM | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. | 7.5 |
2024-08-14 | CVE-2024-28799 | IBM | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the unexpected disclosure of this information. | 7.5 |
2024-08-14 | CVE-2024-39778 | F5 | Unspecified vulnerability in F5 products When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.5 |
2024-08-14 | CVE-2024-39792 | F5 | Operation on a Resource after Expiration or Release vulnerability in F5 Nginx Plus R30/R31/R32 When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.5 |
2024-08-14 | CVE-2024-41164 | F5 | NULL Pointer Dereference vulnerability in F5 products When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.5 |
2024-08-14 | CVE-2024-41727 | F5 | Allocation of Resources Without Limits or Throttling vulnerability in F5 products In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.5 |
2024-08-14 | CVE-2024-23499 | Intel | Unspecified vulnerability in Intel Ethernet 800 Series Controllers Driver Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access. | 7.5 |
2024-08-14 | CVE-2024-7729 | The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files. | 7.5 | |
2024-08-14 | CVE-2024-36136 | Ivanti | Off-by-one Error vulnerability in Ivanti Avalanche An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. | 7.5 |
2024-08-14 | CVE-2024-37399 | Ivanti | NULL Pointer Dereference vulnerability in Ivanti Avalanche A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. | 7.5 |
2024-08-14 | CVE-2024-38653 | Ivanti | XXE vulnerability in Ivanti Avalanche XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server. | 7.5 |
2024-08-14 | CVE-2024-7753 | Oretnom23 | Forced Browsing vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 7.5 |
2024-08-14 | CVE-2024-7754 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 7.5 |
2024-08-13 | CVE-2024-7750 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. | 7.5 |
2024-08-13 | CVE-2024-7751 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. | 7.5 |
2024-08-13 | CVE-2024-37968 | Microsoft | Unspecified vulnerability in Microsoft products Windows DNS Spoofing Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38126 | Microsoft | Unspecified vulnerability in Microsoft products Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38132 | Microsoft | Unspecified vulnerability in Microsoft products Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38138 | Microsoft | Unspecified vulnerability in Microsoft products Windows Deployment Services Remote Code Execution Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38145 | Microsoft | Unspecified vulnerability in Microsoft products Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38146 | Microsoft | Unspecified vulnerability in Microsoft products Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38148 | Microsoft | Unspecified vulnerability in Microsoft products Windows Secure Channel Denial of Service Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38168 | Microsoft | Unspecified vulnerability in Microsoft .Net and Visual Studio 2022 .NET and Visual Studio Denial of Service Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38178 | Microsoft | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 7.5 |
2024-08-13 | CVE-2024-38198 | Microsoft | Unspecified vulnerability in Microsoft products Windows Print Spooler Elevation of Privilege Vulnerability | 7.5 |
2024-08-13 | CVE-2024-35124 | IBM | Missing Authentication for Critical Function vulnerability in IBM Openbmc A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. | 7.5 |
2024-08-13 | CVE-2024-40697 | IBM | Weak Password Requirements vulnerability in IBM Common Licensing 9.0 IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
2024-08-13 | CVE-2024-41681 | Siemens | Inadequate Encryption Strength vulnerability in Siemens Location Intelligence A vulnerability has been identified in Location Intelligence family (All versions < V4.4). | 7.5 |
2024-08-13 | CVE-2024-41904 | Siemens | Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). | 7.5 |
2024-08-12 | CVE-2024-37930 | Theme Sphere | Missing Authorization vulnerability in Theme-Sphere Smartmag Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0. | 7.5 |
2024-08-12 | CVE-2024-42481 | Skyport | Resource Exhaustion vulnerability in Skyport Skyportd Skyport Daemon (skyportd) is the daemon for the Skyport Panel. | 7.5 |
2024-08-12 | CVE-2024-42485 | Pxlrbt | Path Traversal vulnerability in Pxlrbt Filament Excel Filament Excel enables excel export for Filament admin resources. | 7.5 |
2024-08-12 | CVE-2024-33535 | Zimbra | Path Traversal vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 7.5 |
2024-08-12 | CVE-2024-42477 | Ggerganov | Memory Leak vulnerability in Ggerganov Llama.Cpp llama.cpp provides LLM inference in C/C++. | 7.5 |
2024-08-12 | CVE-2024-39338 | Axios | Server-Side Request Forgery (SSRF) vulnerability in Axios 1.5.1 axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. | 7.5 |
2024-08-12 | CVE-2024-39815 | Vonets | Unspecified vulnerability in Vonets products Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. | 7.5 |
2024-08-12 | CVE-2024-41936 | Vonets | Path Traversal vulnerability in Vonets products A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | 7.5 |
2024-08-12 | CVE-2024-42468 | Openhab | Path Traversal vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 7.5 |
2024-08-12 | CVE-2024-6760 | Freebsd | Unspecified vulnerability in Freebsd A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database. | 7.5 |
2024-08-12 | CVE-2024-7006 | Libtiff Redhat | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. | 7.5 |
2024-08-12 | CVE-2024-7399 | Samsung | Path Traversal vulnerability in Samsung Magicinfo 9 Server Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority. | 7.5 |
2024-08-12 | CVE-2024-7659 | Projectsend | Use of Insufficiently Random Values vulnerability in Projectsend A vulnerability, which was classified as problematic, was found in projectsend up to r1605. | 7.5 |
2024-08-12 | CVE-2024-7693 | Raidenmaild | Path Traversal vulnerability in Raidenmaild Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal vulnerability, allowing unauthenticated remote attackers to read arbitrary file on the remote server. | 7.5 |
2024-08-12 | CVE-2024-7697 | Transsion | Unspecified vulnerability in Transsion Carlcare 5.9.5 Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks. | 7.5 |
2024-08-14 | CVE-2024-39398 | Adobe | Improper Restriction of Excessive Authentication Attempts vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. | 7.4 |
2024-08-15 | CVE-2024-7799 | Oretnom23 | Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 7.3 |
2024-08-14 | CVE-2024-23489 | Intel | Uncontrolled Search Path Element vulnerability in Intel Virtual Raid on CPU 8.0.0.4035 Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
2024-08-14 | CVE-2024-23491 | Intel | Uncontrolled Search Path Element vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
2024-08-14 | CVE-2024-28172 | Intel | Uncontrolled Search Path Element vulnerability in Intel Oneapi HPC Toolkit and Trace Analyzer and Collector Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
2024-08-14 | CVE-2024-28876 | Intel | Uncontrolled Search Path Element vulnerability in Intel MPI Library and Oneapi HPC Toolkit Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
2024-08-18 | CVE-2024-7917 | Douco | Unrestricted Upload of File with Dangerous Type vulnerability in Douco Douphp 1.7 A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. | 7.2 |
2024-08-18 | CVE-2024-7910 | Online Railway Reservation System Project | Unrestricted Upload of File with Dangerous Type vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0 A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical. | 7.2 |
2024-08-18 | CVE-2024-7905 | Dedebiz | Unrestricted Upload of File with Dangerous Type vulnerability in Dedebiz 6.3.0 A vulnerability classified as critical has been found in DedeBIZ 6.3.0. | 7.2 |
2024-08-17 | CVE-2024-7899 | Innocms | Code Injection vulnerability in Innocms 0.3.1 A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. | 7.2 |
2024-08-17 | CVE-2023-3416 | The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'subscriptionCouponId' parameter via the 'create_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.2 | |
2024-08-17 | CVE-2022-1751 | The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. | 7.2 | |
2024-08-16 | CVE-2024-7301 | The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization and output escaping. | 7.2 | |
2024-08-14 | CVE-2024-37373 | Ivanti | Unspecified vulnerability in Ivanti Avalanche Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE. | 7.2 |
2024-08-13 | CVE-2024-37287 | Elastic | Unspecified vulnerability in Elastic Kibana A flaw allowing arbitrary code execution was discovered in Kibana. | 7.2 |
2024-08-13 | CVE-2024-41903 | Siemens | Unspecified vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). | 7.2 |
2024-08-12 | CVE-2024-21880 | Enphase | OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.This issue affects Envoy: 4.x <= 7.x | 7.2 |
2024-08-12 | CVE-2024-42166 | Fiware | OS Command Injection vulnerability in Fiware Keyrock The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. | 7.2 |
2024-08-12 | CVE-2024-42167 | Fiware | OS Command Injection vulnerability in Fiware Keyrock The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. | 7.2 |
2024-08-12 | CVE-2024-7694 | Teamt5 | Unrestricted Upload of File with Dangerous Type vulnerability in Teamt5 Threatsonar Anti-Ransomware ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. | 7.2 |
2024-08-13 | CVE-2024-38170 | Microsoft | Unspecified vulnerability in Microsoft 365 Apps and Office Long Term Servicing Channel Microsoft Excel Remote Code Execution Vulnerability | 7.1 |
2024-08-13 | CVE-2024-38502 | Pepperl Fuchs | Cross-site Scripting vulnerability in Pepperl-Fuchs products An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once. | 7.1 |
2024-08-13 | CVE-2024-5849 | Pepperl Fuchs | Cross-site Scripting vulnerability in Pepperl-Fuchs products An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once. | 7.1 |
2024-08-14 | CVE-2024-39420 | Adobe | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.21005, 24.001.30159, 20.005.30655, 24.002.20965, 24.002.20964, 24.001.30123, 24.003.20054 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary code execution. | 7.0 |
2024-08-14 | CVE-2024-39425 | Adobe | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. | 7.0 |
2024-08-13 | CVE-2024-38106 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability | 7.0 |
2024-08-13 | CVE-2024-38136 | Microsoft | Race Condition vulnerability in Microsoft products Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | 7.0 |
2024-08-13 | CVE-2024-38137 | Microsoft | Race Condition vulnerability in Microsoft products Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | 7.0 |
2024-08-13 | CVE-2024-38157 | Microsoft | Unspecified vulnerability in Microsoft Azure IOT HUB Device Client SDK Azure IoT SDK Remote Code Execution Vulnerability | 7.0 |
2024-08-13 | CVE-2024-38158 | Microsoft | Unspecified vulnerability in Microsoft Azure IOT HUB Device Client SDK Azure IoT SDK Remote Code Execution Vulnerability | 7.0 |
2024-08-13 | CVE-2024-38201 | Microsoft | Unspecified vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Elevation of Privilege Vulnerability | 7.0 |
326 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-17 | CVE-2023-5505 | The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. | 6.8 | |
2024-08-15 | CVE-2024-42488 | Cilium | Race Condition vulnerability in Cilium Cilium is a networking, observability, and security solution with an eBPF-based dataplane. | 6.8 |
2024-08-15 | CVE-2024-31798 | Gncchome | Use of Hard-coded Credentials vulnerability in Gncchome Gncc C2 Firmware Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices | 6.8 |
2024-08-15 | CVE-2024-31800 | Gncchome | Improper Authentication vulnerability in Gncchome Gncc C2 Firmware Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port. | 6.8 |
2024-08-14 | CVE-2024-39406 | Adobe | Path Traversal vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. | 6.8 |
2024-08-13 | CVE-2024-38161 | Microsoft | Unspecified vulnerability in Microsoft products Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
2024-08-13 | CVE-2024-38223 | Microsoft | Unspecified vulnerability in Microsoft products Windows Initial Machine Configuration Elevation of Privilege Vulnerability | 6.8 |
2024-08-14 | CVE-2024-42440 | Zoom | Unspecified vulnerability in Zoom products Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. | 6.7 |
2024-08-14 | CVE-2024-42441 | Zoom | Unspecified vulnerability in Zoom products Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. | 6.7 |
2024-08-14 | CVE-2024-38483 | Dell | Unspecified vulnerability in Dell products Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. | 6.7 |
2024-08-13 | CVE-2024-38173 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft Outlook Remote Code Execution Vulnerability | 6.7 |
2024-08-14 | CVE-2024-25562 | Intel | Unspecified vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. | 6.6 |
2024-08-17 | CVE-2022-4532 | The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1. | 6.5 | |
2024-08-16 | CVE-2023-47728 | IBM | Information Exposure Through an Error Message vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. | 6.5 |
2024-08-16 | CVE-2024-4781 | A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted. | 6.5 | |
2024-08-16 | CVE-2024-4782 | A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer's functionality until a manual system reboot occurs. | 6.5 | |
2024-08-16 | CVE-2024-5209 | A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted. | 6.5 | |
2024-08-16 | CVE-2024-5210 | A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted. | 6.5 | |
2024-08-16 | CVE-2024-6004 | A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted. | 6.5 | |
2024-08-16 | CVE-2024-42463 | Upkeeper | Authorization Bypass Through User-Controlled Key vulnerability in Upkeeper Manager Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. | 6.5 |
2024-08-16 | CVE-2024-42464 | Upkeeper | Authorization Bypass Through User-Controlled Key vulnerability in Upkeeper Manager Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. | 6.5 |
2024-08-15 | CVE-2024-22217 | Terminalfour | Server-Side Request Forgery (SSRF) vulnerability in Terminalfour A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on. | 6.5 |
2024-08-15 | CVE-2024-40705 | IBM | Unspecified vulnerability in IBM Infosphere Information Server 11.7/11.7.0.1/11.7.0.2 IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. | 6.5 |
2024-08-15 | CVE-2024-6347 | Nissan Global | Unspecified vulnerability in Nissan-Global Blind Spot Detection Sensor ECU Firmware * Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication. | 6.5 |
2024-08-15 | CVE-2024-7420 | Xyzscripts | Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6. | 6.5 |
2024-08-14 | CVE-2024-31882 | IBM | Injection vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. | 6.5 |
2024-08-14 | CVE-2024-35136 | IBM | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. | 6.5 |
2024-08-14 | CVE-2024-35152 | IBM | Unspecified vulnerability in IBM DB2 11.5.8/11.5.9 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. | 6.5 |
2024-08-14 | CVE-2024-37529 | IBM | Unspecified vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. | 6.5 |
2024-08-14 | CVE-2024-39818 | Zoom | Insufficiently Protected Credentials vulnerability in Zoom products Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. | 6.5 |
2024-08-14 | CVE-2024-39822 | Zoom | Unspecified vulnerability in Zoom products Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. | 6.5 |
2024-08-14 | CVE-2024-42436 | Zoom | Out-of-bounds Write vulnerability in Zoom products Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
2024-08-14 | CVE-2024-42437 | Zoom | Out-of-bounds Write vulnerability in Zoom products Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
2024-08-14 | CVE-2024-42438 | Zoom | Out-of-bounds Write vulnerability in Zoom products Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
2024-08-14 | CVE-2024-42439 | Zoom | Untrusted Search Path vulnerability in Zoom products Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access. | 6.5 |
2024-08-14 | CVE-2024-25157 | Fortra | Improper Authentication vulnerability in Fortra Goanywhere Managed File Transfer An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. | 6.5 |
2024-08-13 | CVE-2024-38165 | Microsoft | Unspecified vulnerability in Microsoft Windows 11 22H2 and Windows 11 23H2 Windows Compressed Folder Tampering Vulnerability | 6.5 |
2024-08-13 | CVE-2024-38167 | Microsoft | Unspecified vulnerability in Microsoft .Net and Visual Studio 2022 .NET and Visual Studio Information Disclosure Vulnerability | 6.5 |
2024-08-13 | CVE-2024-38197 | Microsoft | Unspecified vulnerability in Microsoft Teams 5.12.1 Microsoft Teams for iOS Spoofing Vulnerability | 6.5 |
2024-08-13 | CVE-2024-38213 | Microsoft | Unspecified vulnerability in Microsoft products Windows Mark of the Web Security Feature Bypass Vulnerability | 6.5 |
2024-08-13 | CVE-2024-38214 | Microsoft | Unspecified vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | 6.5 |
2024-08-13 | CVE-2024-41905 | Siemens | Unspecified vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). | 6.5 |
2024-08-13 | CVE-2024-41906 | Siemens | Unspecified vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). | 6.5 |
2024-08-13 | CVE-2024-41978 | Siemens | Information Exposure Through Log Files vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). | 6.5 |
2024-08-13 | CVE-2024-42376 | SAP | Missing Authorization vulnerability in SAP Shared Service Framework SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. | 6.5 |
2024-08-12 | CVE-2023-41884 | Zoneminder | SQL Injection vulnerability in Zoneminder ZoneMinder is a free, open source Closed-circuit television software application. | 6.5 |
2024-08-12 | CVE-2024-42474 | Snowflake | Path Traversal vulnerability in Snowflake Streamlit Streamlit is a data oriented application development framework for python. | 6.5 |
2024-08-12 | CVE-2024-7700 | Theforeman | Command Injection vulnerability in Theforeman Foreman A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. | 6.5 |
2024-08-12 | CVE-2024-42482 | Fish Shop | Unspecified vulnerability in Fish-Shop Syntax-Check fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. | 6.5 |
2024-08-12 | CVE-2024-21877 | Enphase | Path Traversal vulnerability in Enphase IQ Gateway Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. | 6.5 |
2024-08-12 | CVE-2024-38200 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft Office Spoofing Vulnerability | 6.5 |
2024-08-12 | CVE-2024-41332 | Oretnom23 | Unspecified vulnerability in Oretnom23 Computer Laboratory Management System 1.0 Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories. | 6.5 |
2024-08-12 | CVE-2024-4359 | The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the render_svg function. | 6.5 | |
2024-08-12 | CVE-2024-6758 | Sprecher Automation | Unspecified vulnerability in Sprecher-Automation products Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments. | 6.5 |
2024-08-12 | CVE-2024-7408 | Airveda | Cleartext Transmission of Sensitive Information vulnerability in Airveda Pm2.5 Pm10 Monitor Firmware This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode. | 6.5 |
2024-08-12 | CVE-2024-7662 | Oretnom23 | Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in SourceCodester Car Driving School Management System 1.0. | 6.5 |
2024-08-17 | CVE-2024-7703 | The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-08-16 | CVE-2024-7147 | The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-08-15 | CVE-2024-7064 | The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-08-14 | CVE-2024-6532 | The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STWT_Sheet_Table shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 | |
2024-08-13 | CVE-2023-20578 | AMD | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution. | 6.4 |
2024-08-13 | CVE-2024-7247 | The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Gallery and Countdown widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 | |
2024-08-13 | CVE-2024-7092 | The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘no_more_items_text’ parameter in all versions up to, and including, 5.9.27 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-08-12 | CVE-2024-6639 | The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdx_list_item' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 | |
2024-08-12 | CVE-2024-4360 | The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes like 'title_tag'. | 6.4 | |
2024-08-13 | CVE-2024-33005 | SAP | Missing Authorization vulnerability in SAP products Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. | 6.3 |
2024-08-15 | CVE-2024-7867 | Xpdfreader | Integer Overflow or Wraparound vulnerability in Xpdfreader Xpdf In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero. | 6.2 |
2024-08-18 | CVE-2024-43313 | Formfacade | Cross-site Scripting vulnerability in Formfacade Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FormFacade allows Reflected XSS.This issue affects FormFacade: from n/a through 1.3.2. | 6.1 |
2024-08-18 | CVE-2024-43238 | Getwemail | Cross-site Scripting vulnerability in Getwemail Wemail Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5. | 6.1 |
2024-08-18 | CVE-2024-43276 | Orbisius | Cross-site Scripting vulnerability in Orbisius Child Theme Creator Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Svetoslav Marinov (Slavi) Child Theme Creator allows Reflected XSS.This issue affects Child Theme Creator: from n/a through 1.5.4. | 6.1 |
2024-08-18 | CVE-2024-43327 | Teleogistic | Cross-site Scripting vulnerability in Teleogistic Invite Anyone Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7. | 6.1 |
2024-08-18 | CVE-2024-43330 | Wpbeaveraddons | Cross-site Scripting vulnerability in Wpbeaveraddons Powerpack Lite for Beaver Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack for Beaver Builder allows Reflected XSS.This issue affects PowerPack for Beaver Builder: from n/a before 2.37.4. | 6.1 |
2024-08-17 | CVE-2024-7902 | Public Knowledge Project | Open Redirect vulnerability in Public Knowledge Project Open Journal Systems A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. | 6.1 |
2024-08-17 | CVE-2023-4507 | The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. | 6.1 | |
2024-08-17 | CVE-2023-4604 | The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. | 6.1 | |
2024-08-16 | CVE-2024-43809 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page | 6.1 |
2024-08-15 | CVE-2024-27729 | Friendica | Cross-site Scripting vulnerability in Friendica 2023.12 Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature. | 6.1 |
2024-08-15 | CVE-2024-42678 | Cysoft168 | Cross-site Scripting vulnerability in Cysoft168 Super Easy Enterprise Management System Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component. | 6.1 |
2024-08-14 | CVE-2024-42353 | Pylonsproject | Open Redirect vulnerability in Pylonsproject Webob WebOb provides objects for HTTP requests and responses. | 6.1 |
2024-08-14 | CVE-2024-7752 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 6.1 |
2024-08-13 | CVE-2024-7739 | Yzane | Cross-site Scripting vulnerability in Yzane Markdown PDF 1.5.0 A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. | 6.1 |
2024-08-13 | CVE-2024-38501 | Pepperl Fuchs | Cross-site Scripting vulnerability in Pepperl-Fuchs products An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. | 6.1 |
2024-08-12 | CVE-2024-43358 | Zoneminder | Cross-site Scripting vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 6.1 |
2024-08-12 | CVE-2024-43359 | Zoneminder | Cross-site Scripting vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 6.1 |
2024-08-12 | CVE-2024-21550 | Steve Community | Cross-site Scripting vulnerability in Steve-Community Steve SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. | 6.1 |
2024-08-12 | CVE-2024-27443 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 6.1 |
2024-08-12 | CVE-2024-0115 | Nvidia | Unspecified vulnerability in Nvidia Cv-Cuda NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. | 6.1 |
2024-08-12 | CVE-2024-40484 | Phpgurukul | Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter. | 6.1 |
2024-08-12 | CVE-2024-41481 | Typora | Cross-site Scripting vulnerability in Typora Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component. | 6.1 |
2024-08-12 | CVE-2024-41482 | Typora | Cross-site Scripting vulnerability in Typora Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component. | 6.1 |
2024-08-12 | CVE-2024-7574 | The Christmasify! plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.5. | 6.1 | |
2024-08-12 | CVE-2024-7649 | The Opal Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via checkout form fields in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. | 6.1 | |
2024-08-12 | CVE-2024-7660 | Rems | Cross-site Scripting vulnerability in Rems File Manager APP 1.0 A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. | 6.1 |
2024-08-12 | CVE-2024-7677 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in SourceCodester Car Driving School Management System 1.0. | 6.1 |
2024-08-12 | CVE-2024-7678 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in SourceCodester Car Driving School Management System 1.0. | 6.1 |
2024-08-15 | CVE-2024-31905 | IBM | Missing Encryption of Sensitive Data vulnerability in IBM Qradar Network Packet Capture 7.5.0 IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2024-08-14 | CVE-2023-50315 | IBM | Unspecified vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0 IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. | 5.9 |
2024-08-14 | CVE-2024-27267 | IBM | Unspecified vulnerability in IBM Java SDK The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. | 5.9 |
2024-08-12 | CVE-2024-41909 | Apache | Improper Validation of Integrity Check Value vulnerability in Apache Mina Sshd Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. | 5.9 |
2024-08-17 | CVE-2024-43817 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. | 5.5 |
2024-08-17 | CVE-2024-43818 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpi_get_first_physical_node() can return NULL in several cases (no such device, ACPI table error, reference count drop to 0, etc). Existing check just emit error message, but doesn't perform return. Then this NULL pointer is passed to devm_acpi_dev_add_driver_gpios() where it is dereferenced. Adjust this error handling by adding error code return. Found by Linux Verification Center (linuxtesting.org) with SVACE. | 5.5 |
2024-08-17 | CVE-2024-43819 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm->arch.gmap set to 0 and would thus result in a null pointer dereference further in. Memory management needs to be performed in userspace and using the ioctls KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP. Also improve s390 specific documentation for KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2. [[email protected]: commit message spelling fix, subject prefix fix] | 5.5 |
2024-08-17 | CVE-2024-43821 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer. | 5.5 |
2024-08-17 | CVE-2024-43822 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devm_kzalloc() in pcmdevice_i2c_probe() The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devm_kzalloc() call failed at the beginning. This error code will trigger then a pcmdevice_remove() call with a passed null pointer so that an undesirable dereference will be performed. Thus return the appropriate error code directly. | 5.5 |
2024-08-17 | CVE-2024-43823 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and pci_parse_request_of_pci_ranges() will just emit a warning. This will cause a NULL pointer dereference. | 5.5 |
2024-08-17 | CVE-2024-43824 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() Instead of getting the epc_features from pci_epc_get_features() API, use the cached pci_epf_test::epc_features value to avoid the NULL check. | 5.5 |
2024-08-17 | CVE-2024-43827 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check before access structs In enable_phantom_plane, we should better check null pointer before accessing various structs. | 5.5 |
2024-08-17 | CVE-2024-43828 | Linux | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. | 5.5 |
2024-08-17 | CVE-2024-43829 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference. | 5.5 |
2024-08-17 | CVE-2024-43833 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(), ancillary links are created for lens and flash sub-devices. | 5.5 |
2024-08-17 | CVE-2024-43834 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy() If the driver uses a page pool, it creates a page pool with page_pool_create(). The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference count reaches 0. page_pool_destroy() is used to destroy page pool, it decreases a reference count. When a page pool is destroyed, ->disconnect() is called, which is mem_allocator_disconnect(). This function internally acquires mutex_lock(). If the driver uses XDP, it registers a memory model with xdp_rxq_info_reg_mem_model(). The xdp_rxq_info_reg_mem_model() internally increases a page pool reference count if a memory model is a page pool. Now the reference count is 2. To destroy a page pool, the driver should call both page_pool_destroy() and xdp_unreg_mem_model(). The xdp_unreg_mem_model() internally calls page_pool_destroy(). Only page_pool_destroy() decreases a reference count. If a driver calls page_pool_destroy() then xdp_unreg_mem_model(), we will face an invalid wait context warning. Because xdp_unreg_mem_model() calls page_pool_destroy() with rcu_read_lock(). The page_pool_destroy() internally acquires mutex_lock(). Splat looks like: ============================= [ BUG: Invalid wait context ] 6.10.0-rc6+ #4 Tainted: G W ----------------------------- ethtool/1806 is trying to lock: ffffffff90387b90 (mem_id_lock){+.+.}-{4:4}, at: mem_allocator_disconnect+0x73/0x150 other info that might help us debug this: context-{5:5} 3 locks held by ethtool/1806: stack backtrace: CPU: 0 PID: 1806 Comm: ethtool Tainted: G W 6.10.0-rc6+ #4 f916f41f172891c800f2fed Hardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021 Call Trace: <TASK> dump_stack_lvl+0x7e/0xc0 __lock_acquire+0x1681/0x4de0 ? _printk+0x64/0xe0 ? __pfx_mark_lock.part.0+0x10/0x10 ? __pfx___lock_acquire+0x10/0x10 lock_acquire+0x1b3/0x580 ? mem_allocator_disconnect+0x73/0x150 ? __wake_up_klogd.part.0+0x16/0xc0 ? __pfx_lock_acquire+0x10/0x10 ? dump_stack_lvl+0x91/0xc0 __mutex_lock+0x15c/0x1690 ? mem_allocator_disconnect+0x73/0x150 ? __pfx_prb_read_valid+0x10/0x10 ? mem_allocator_disconnect+0x73/0x150 ? __pfx_llist_add_batch+0x10/0x10 ? console_unlock+0x193/0x1b0 ? lockdep_hardirqs_on+0xbe/0x140 ? __pfx___mutex_lock+0x10/0x10 ? tick_nohz_tick_stopped+0x16/0x90 ? __irq_work_queue_local+0x1e5/0x330 ? irq_work_queue+0x39/0x50 ? __wake_up_klogd.part.0+0x79/0xc0 ? mem_allocator_disconnect+0x73/0x150 mem_allocator_disconnect+0x73/0x150 ? __pfx_mem_allocator_disconnect+0x10/0x10 ? mark_held_locks+0xa5/0xf0 ? rcu_is_watching+0x11/0xb0 page_pool_release+0x36e/0x6d0 page_pool_destroy+0xd7/0x440 xdp_unreg_mem_model+0x1a7/0x2a0 ? __pfx_xdp_unreg_mem_model+0x10/0x10 ? kfree+0x125/0x370 ? bnxt_free_ring.isra.0+0x2eb/0x500 ? bnxt_free_mem+0x5ac/0x2500 xdp_rxq_info_unreg+0x4a/0xd0 bnxt_free_mem+0x1356/0x2500 bnxt_close_nic+0xf0/0x3b0 ? __pfx_bnxt_close_nic+0x10/0x10 ? ethnl_parse_bit+0x2c6/0x6d0 ? __pfx___nla_validate_parse+0x10/0x10 ? __pfx_ethnl_parse_bit+0x10/0x10 bnxt_set_features+0x2a8/0x3e0 __netdev_update_features+0x4dc/0x1370 ? ethnl_parse_bitset+0x4ff/0x750 ? __pfx_ethnl_parse_bitset+0x10/0x10 ? __pfx___netdev_update_features+0x10/0x10 ? mark_held_locks+0xa5/0xf0 ? _raw_spin_unlock_irqrestore+0x42/0x70 ? __pm_runtime_resume+0x7d/0x110 ethnl_set_features+0x32d/0xa20 To fix this problem, it uses rhashtable_lookup_fast() instead of rhashtable_lookup() with rcu_read_lock(). Using xa without rcu_read_lock() here is safe. xa is freed by __xdp_mem_allocator_rcu_free() and this is called by call_rcu() of mem_xa_remove(). The mem_xa_remove() is called by page_pool_destroy() if a reference count reaches 0. The xa is already protected by the reference count mechanism well in the control plane. So removing rcu_read_lock() for page_pool_destroy() is safe. | 5.5 |
2024-08-17 | CVE-2024-43835 | In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix napi_skb_cache_put warning After the commit bdacf3e34945 ("net: Use nested-BH locking for napi_alloc_cache.") was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451 napi_skb_cache_put+0x82/0x4b0 __warn+0x12f/0x340 napi_skb_cache_put+0x82/0x4b0 napi_skb_cache_put+0x82/0x4b0 report_bug+0x165/0x370 handle_bug+0x3d/0x80 exc_invalid_op+0x1a/0x50 asm_exc_invalid_op+0x1a/0x20 __free_old_xmit+0x1c8/0x510 napi_skb_cache_put+0x82/0x4b0 __free_old_xmit+0x1c8/0x510 __free_old_xmit+0x1c8/0x510 __pfx___free_old_xmit+0x10/0x10 The issue arises because virtio is assuming it's running in NAPI context even when it's not, such as in the netpoll case. To resolve this, modify virtnet_poll_tx() to only set NAPI when budget is available. | 5.5 | |
2024-08-17 | CVE-2024-43836 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: ethtool: pse-pd: Fix possible null-deref Fix a possible null dereference when a PSE supports both c33 and PoDL, but only one of the netlink attributes is specified. | 5.5 |
2024-08-17 | CVE-2024-43837 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT When loading a EXT program without specifying `attr->attach_prog_fd`, the `prog->aux->dst_prog` will be null. | 5.5 |
2024-08-17 | CVE-2024-43838 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: fix overflow check in adjust_jmp_off() adjust_jmp_off() incorrectly used the insn->imm field for all overflow check, which is incorrect as that should only be done or the BPF_JMP32 | BPF_JA case, not the general jump instruction case. | 5.5 |
2024-08-17 | CVE-2024-43840 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls __bpf_tramp_enter() and __bpf_tramp_exit() functions, passing them the struct bpf_tramp_image *im pointer as an argument in R0. The trampoline generation code uses emit_addr_mov_i64() to emit instructions for moving the bpf_tramp_image address into R0, but emit_addr_mov_i64() assumes the address to be in the vmalloc() space and uses only 48 bits. | 5.5 |
2024-08-17 | CVE-2024-43844 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb->end. Therefore, we fix it. skbuff: skb_over_panic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780 data:ffff8fba04eca7e0 tail:0x200 end:0x140 dev:<NULL> ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:192! invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 4747 Comm: kworker/u4:44 Tainted: G O 6.6.30-02659-gc18865c4dfbd #1 86547039b47e46935493f615ee31d0b2d711d35e Hardware name: HP Meep/Meep, BIOS Google_Meep.11297.262.0 03/18/2021 Workqueue: events_unbound async_run_entry_fn RIP: 0010:skb_panic+0x5d/0x60 Code: c6 63 8b 8f bb 4c 0f 45 f6 48 c7 c7 4d 89 8b bb 48 89 ce 44 89 d1 41 56 53 41 53 ff b0 c8 00 00 00 e8 27 5f 23 00 48 83 c4 20 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 RSP: 0018:ffffaa700144bad0 EFLAGS: 00010282 RAX: 0000000000000089 RBX: 0000000000000140 RCX: 14432c5aad26c900 RDX: 0000000000000000 RSI: 00000000ffffdfff RDI: 0000000000000001 RBP: ffffaa700144bae0 R08: 0000000000000000 R09: ffffaa700144b920 R10: 00000000ffffdfff R11: ffffffffbc28fbc0 R12: ffff8fba4e57a010 R13: 0000000000000000 R14: ffffffffbb8f8b63 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8fba7bd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007999c4ad1000 CR3: 000000015503a000 CR4: 0000000000350ee0 Call Trace: <TASK> ? __die_body+0x1f/0x70 ? die+0x3d/0x60 ? do_trap+0xa4/0x110 ? skb_panic+0x5d/0x60 ? do_error_trap+0x6d/0x90 ? skb_panic+0x5d/0x60 ? handle_invalid_op+0x30/0x40 ? skb_panic+0x5d/0x60 ? exc_invalid_op+0x3c/0x50 ? asm_exc_invalid_op+0x16/0x20 ? skb_panic+0x5d/0x60 skb_put+0x49/0x50 rtw89_fw_h2c_wow_gtk_ofld+0xbd/0x220 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5] rtw89_wow_resume+0x31f/0x540 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5] rtw89_ops_resume+0x2b/0xa0 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5] ieee80211_reconfig+0x84/0x13e0 [mac80211 818a894e3b77da6298269c59ed7cdff065a4ed52] ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] ? dev_printk_emit+0x51/0x70 ? _dev_info+0x6e/0x90 ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] wiphy_resume+0x89/0x180 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d] dpm_run_callback+0x3c/0x140 device_resume+0x1f9/0x3c0 ? __pfx_dpm_watchdog_handler+0x10/0x10 async_resume+0x1d/0x30 async_run_entry_fn+0x29/0xd0 process_scheduled_works+0x1d8/0x3d0 worker_thread+0x1fc/0x2f0 kthread+0xed/0x110 ? __pfx_worker_thread+0x10/0x10 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x38/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK> Modules linked in: ccm 8021q r8153_ecm cdc_ether usbnet r8152 mii dm_integrity async_xor xor async_tx lz4 lz4_compress zstd zstd_compress zram zsmalloc uinput rfcomm cmac algif_hash rtw89_8922ae(O) algif_skcipher rtw89_8922a(O) af_alg rtw89_pci(O) rtw89_core(O) btusb(O) snd_soc_sst_bxt_da7219_max98357a btbcm(O) snd_soc_hdac_hdmi btintel(O) snd_soc_intel_hda_dsp_common snd_sof_probes btrtl(O) btmtk(O) snd_hda_codec_hdmi snd_soc_dmic uvcvideo videobuf2_vmalloc uvc videobuf2_memops videobuf2_v4l2 videobuf2_common snd_sof_pci_intel_apl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_intel_hda soundwire_intel soundwire_generic_allocation snd_sof_intel_hda_mlink soundwire_cadence snd_sof_pci snd_sof_xtensa_dsp mac80211 snd_soc_acpi_intel_match snd_soc_acpi snd_sof snd_sof_utils soundwire_bus snd_soc_max98357a snd_soc_avs snd_soc_hda_codec snd_hda_ext_core snd_intel_dspcfg snd_intel_sdw_acpi snd_soc_da7219 snd_hda_codec snd_hwdep snd_hda_core veth ip6table_nat xt_MASQUERADE xt_cgroup fuse bluetooth ecdh_generic cfg80211 ecc gsmi: Log Shutdown ---truncated--- | 5.5 |
2024-08-17 | CVE-2024-43846 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent object does not have a parent itself. | 5.5 |
2024-08-17 | CVE-2024-43848 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix TTLM teardown work The worker calculates the wrong sdata pointer, so if it ever runs, it'll crash. | 5.5 |
2024-08-17 | CVE-2024-43849 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. | 5.5 |
2024-08-17 | CVE-2024-43850 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove The following warning is seen during bwmon_remove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at drivers/opp/core.c:1640 _opp_table_kref_release+0x150/0x158 Hardware name: Qualcomm Technologies, Inc. | 5.5 |
2024-08-17 | CVE-2024-43851 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpu_number1 to dummy_cpu_number The per cpu variable cpu_number1 is passed to xlnx_event_handler as argument "dev_id", but it is not used in this function. | 5.5 |
2024-08-17 | CVE-2024-43853 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgroup_lock In the cgroup_path_ns function. 2.$cat /proc/<pid>/cpuset repeatly. 3.$mount -t cgroup -o cpuset cpuset /sys/fs/cgroup/cpuset/ $umount /sys/fs/cgroup/cpuset/ repeatly. The race that cause this bug can be shown as below: (umount) | (cat /proc/<pid>/cpuset) css_release | proc_cpuset_show css_release_work_fn | css = task_get_css(tsk, cpuset_cgrp_id); css_free_rwork_fn | cgroup_path_ns(css->cgroup, ...); cgroup_destroy_root | mutex_lock(&cgroup_mutex); rebind_subsystems | cgroup_free_root | | // cgrp was freed, UAF | cgroup_path_ns_locked(cgrp,..); When the cpuset is initialized, the root node top_cpuset.css.cgrp will point to &cgrp_dfl_root.cgrp. | 5.5 |
2024-08-17 | CVE-2024-43854 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. | 5.5 |
2024-08-17 | CVE-2024-43855 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in progress. | 5.5 |
2024-08-17 | CVE-2024-43856 | Linux | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to track the DMA allocation. | 5.5 |
2024-08-17 | CVE-2024-43857 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() that checks the last block of a zone when f2fs is mounted as a single device. | 5.5 |
2024-08-17 | CVE-2024-43859 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate preallocated blocks in f2fs_file_open() chenyuwen reports a f2fs bug as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000011 fscrypt_set_bio_crypt_ctx+0x78/0x1e8 f2fs_grab_read_bio+0x78/0x208 f2fs_submit_page_read+0x44/0x154 f2fs_get_read_data_page+0x288/0x5f4 f2fs_get_lock_data_page+0x60/0x190 truncate_partial_data_page+0x108/0x4fc f2fs_do_truncate_blocks+0x344/0x5f0 f2fs_truncate_blocks+0x6c/0x134 f2fs_truncate+0xd8/0x200 f2fs_iget+0x20c/0x5ac do_garbage_collect+0x5d0/0xf6c f2fs_gc+0x22c/0x6a4 f2fs_disable_checkpoint+0xc8/0x310 f2fs_fill_super+0x14bc/0x1764 mount_bdev+0x1b4/0x21c f2fs_mount+0x20/0x30 legacy_get_tree+0x50/0xbc vfs_get_tree+0x5c/0x1b0 do_new_mount+0x298/0x4cc path_mount+0x33c/0x5fc __arm64_sys_mount+0xcc/0x15c invoke_syscall+0x60/0x150 el0_svc_common+0xb8/0xf8 do_el0_svc+0x28/0xa0 el0_svc+0x24/0x84 el0t_64_sync_handler+0x88/0xec It is because inode.i_crypt_info is not initialized during below path: - mount - f2fs_fill_super - f2fs_disable_checkpoint - f2fs_gc - f2fs_iget - f2fs_truncate So, let's relocate truncation of preallocated blocks to f2fs_file_open(), after fscrypt_file_open(). | 5.5 |
2024-08-17 | CVE-2024-43860 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Skip over memory region when node value is NULL In imx_rproc_addr_init() "nph = of_count_phandle_with_args()" just counts number of phandles. | 5.5 |
2024-08-17 | CVE-2023-52889 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. | 5.5 |
2024-08-17 | CVE-2024-42262 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501) | 5.5 |
2024-08-17 | CVE-2024-42263 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e) | 5.5 |
2024-08-17 | CVE-2024-42268 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlink_remote_reload_actions_performed() which results in triggering lock assert like the following: WARNING: CPU: 4 PID: 1164 at net/devlink/core.c:261 devl_assert_locked+0x3e/0x50 … CPU: 4 PID: 1164 Comm: kworker/u96:6 Tainted: G S W 6.10.0-rc2+ #116 Hardware name: Supermicro SYS-2028TP-DECTR/X10DRT-PT, BIOS 2.0 12/18/2015 Workqueue: mlx5_fw_reset_events mlx5_sync_reset_reload_work [mlx5_core] RIP: 0010:devl_assert_locked+0x3e/0x50 … Call Trace: <TASK> ? __warn+0xa4/0x210 ? devl_assert_locked+0x3e/0x50 ? report_bug+0x160/0x280 ? handle_bug+0x3f/0x80 ? exc_invalid_op+0x17/0x40 ? asm_exc_invalid_op+0x1a/0x20 ? devl_assert_locked+0x3e/0x50 devlink_notify+0x88/0x2b0 ? mlx5_attach_device+0x20c/0x230 [mlx5_core] ? __pfx_devlink_notify+0x10/0x10 ? process_one_work+0x4b6/0xbb0 process_one_work+0x4b6/0xbb0 […] | 5.5 |
2024-08-17 | CVE-2024-42269 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). ip6table_nat_table_init() accesses net->gen->ptr[ip6table_nat_net_ops.id], but the function is exposed to user space before the entry is allocated via register_pernet_subsys(). Let's call register_pernet_subsys() before xt_register_template(). | 5.5 |
2024-08-17 | CVE-2024-42270 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). We had a report that iptables-restore sometimes triggered null-ptr-deref at boot time. | 5.5 |
2024-08-17 | CVE-2024-42272 | Linux | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zones_ht_key got a struct net pointer. Make sure rhashtable_lookup() is not using the padding bytes which are not initialized. BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:376 [inline] BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:607 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:646 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline] BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329 rht_ptr_rcu include/linux/rhashtable.h:376 [inline] __rhashtable_lookup include/linux/rhashtable.h:607 [inline] rhashtable_lookup include/linux/rhashtable.h:646 [inline] rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline] tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329 tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408 tcf_action_init_1+0x6cc/0xb30 net/sched/act_api.c:1425 tcf_action_init+0x458/0xf00 net/sched/act_api.c:1488 tcf_action_add net/sched/act_api.c:2061 [inline] tc_ctl_action+0x4be/0x19d0 net/sched/act_api.c:2118 rtnetlink_rcv_msg+0x12fc/0x1410 net/core/rtnetlink.c:6647 netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2550 rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6665 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:745 ____sys_sendmsg+0x877/0xb60 net/socket.c:2597 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2651 __sys_sendmsg net/socket.c:2680 [inline] __do_sys_sendmsg net/socket.c:2689 [inline] __se_sys_sendmsg net/socket.c:2687 [inline] __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2687 x64_sys_call+0x2dd6/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Local variable key created at: tcf_ct_flow_table_get+0x4a/0x2260 net/sched/act_ct.c:324 tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408 | 5.5 |
2024-08-17 | CVE-2024-42277 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en In sprd_iommu_cleanup() before calling function sprd_iommu_hw_en() dom->sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. | 5.5 |
2024-08-17 | CVE-2024-42278 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to a NULL dereference. | 5.5 |
2024-08-17 | CVE-2024-42282 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: mediatek: Fix potential NULL pointer dereference in dummy net_device handling Move the freeing of the dummy net_device from mtk_free_dev() to mtk_remove(). Previously, if alloc_netdev_dummy() failed in mtk_probe(), eth->dummy_dev would be NULL. | 5.5 |
2024-08-17 | CVE-2024-42283 | Linux | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. | 5.5 |
2024-08-17 | CVE-2024-42286 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvme_local_port correctly The driver load failed with error message, qla2xxx [0000:04:00.0]-ffff:0: register_localport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer dereference at 0000000000000070 Workqueue: events_unbound qla_register_fcport_fn [qla2xxx] RIP: 0010:nvme_fc_register_remoteport+0x16/0x430 [nvme_fc] RSP: 0018:ffffaaa040eb3d98 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff9dfb46b78c00 RCX: 0000000000000000 RDX: ffff9dfb46b78da8 RSI: ffffaaa040eb3e08 RDI: 0000000000000000 RBP: ffff9dfb612a0a58 R08: ffffffffaf1d6270 R09: 3a34303a30303030 R10: 34303a303030305b R11: 2078787832616c71 R12: ffff9dfb46b78dd4 R13: ffff9dfb46b78c24 R14: ffff9dfb41525300 R15: ffff9dfb46b78da8 FS: 0000000000000000(0000) GS:ffff9dfc67c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000070 CR3: 000000018da10004 CR4: 00000000000206f0 Call Trace: qla_nvme_register_remote+0xeb/0x1f0 [qla2xxx] ? qla2x00_dfs_create_rport+0x231/0x270 [qla2xxx] qla2x00_update_fcport+0x2a1/0x3c0 [qla2xxx] qla_register_fcport_fn+0x54/0xc0 [qla2xxx] Exit the qla_nvme_register_remote() function when qla_nvme_register_hba() fails and correctly validate nvme_local_port. | 5.5 |
2024-08-17 | CVE-2024-42288 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. | 5.5 |
2024-08-17 | CVE-2024-42289 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array. | 5.5 |
2024-08-17 | CVE-2024-42294 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0:0":7 blocked for more than 188 seconds. [ 2538.459427] Call trace: [ 2538.459430] __switch_to+0x174/0x338 [ 2538.459436] __schedule+0x628/0x9c4 [ 2538.459442] schedule+0x7c/0xe8 [ 2538.459447] schedule_preempt_disabled+0x24/0x40 [ 2538.459453] __mutex_lock+0x3ec/0xf04 [ 2538.459456] __mutex_lock_slowpath+0x14/0x24 [ 2538.459459] mutex_lock+0x30/0xd8 [ 2538.459462] del_gendisk+0xdc/0x350 [ 2538.459466] sd_remove+0x30/0x60 [ 2538.459470] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459474] device_release_driver+0x18/0x28 [ 2538.459478] bus_remove_device+0x15c/0x174 [ 2538.459483] device_del+0x1d0/0x358 [ 2538.459488] __scsi_remove_device+0xa8/0x198 [ 2538.459493] scsi_forget_host+0x50/0x70 [ 2538.459497] scsi_remove_host+0x80/0x180 [ 2538.459502] usb_stor_disconnect+0x68/0xf4 [ 2538.459506] usb_unbind_interface+0xd4/0x280 [ 2538.459510] device_release_driver_internal+0x1c4/0x2c4 [ 2538.459514] device_release_driver+0x18/0x28 [ 2538.459518] bus_remove_device+0x15c/0x174 [ 2538.459523] device_del+0x1d0/0x358 [ 2538.459528] usb_disable_device+0x84/0x194 [ 2538.459532] usb_disconnect+0xec/0x300 [ 2538.459537] hub_event+0xb80/0x1870 [ 2538.459541] process_scheduled_works+0x248/0x4dc [ 2538.459545] worker_thread+0x244/0x334 [ 2538.459549] kthread+0x114/0x1bc [ 2538.461001] INFO: task "fsck.":15415 blocked for more than 188 seconds. [ 2538.461014] Call trace: [ 2538.461016] __switch_to+0x174/0x338 [ 2538.461021] __schedule+0x628/0x9c4 [ 2538.461025] schedule+0x7c/0xe8 [ 2538.461030] blk_queue_enter+0xc4/0x160 [ 2538.461034] blk_mq_alloc_request+0x120/0x1d4 [ 2538.461037] scsi_execute_cmd+0x7c/0x23c [ 2538.461040] ioctl_internal_command+0x5c/0x164 [ 2538.461046] scsi_set_medium_removal+0x5c/0xb0 [ 2538.461051] sd_release+0x50/0x94 [ 2538.461054] blkdev_put+0x190/0x28c [ 2538.461058] blkdev_release+0x28/0x40 [ 2538.461063] __fput+0xf8/0x2a8 [ 2538.461066] __fput_sync+0x28/0x5c [ 2538.461070] __arm64_sys_close+0x84/0xe8 [ 2538.461073] invoke_syscall+0x58/0x114 [ 2538.461078] el0_svc_common+0xac/0xe0 [ 2538.461082] do_el0_svc+0x1c/0x28 [ 2538.461087] el0_svc+0x38/0x68 [ 2538.461090] el0t_64_sync_handler+0x68/0xbc [ 2538.461093] el0t_64_sync+0x1a8/0x1ac T1: T2: sd_remove del_gendisk __blk_mark_disk_dead blk_freeze_queue_start ++q->mq_freeze_depth bdev_release mutex_lock(&disk->open_mutex) sd_release scsi_execute_cmd blk_queue_enter wait_event(!q->mq_freeze_depth) mutex_lock(&disk->open_mutex) SCSI does not set GD_OWNS_QUEUE, so QUEUE_FLAG_DYING is not set in this scenario. | 5.5 |
2024-08-17 | CVE-2024-42297 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fs_evict_inode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664 dispose_list fs/inode.c:697 [inline] evict_inodes+0x5f8/0x690 fs/inode.c:747 generic_shutdown_super+0x9d/0x2c0 fs/super.c:675 kill_block_super+0x44/0x90 fs/super.c:1667 kill_f2fs_super+0x303/0x3b0 fs/f2fs/super.c:4894 deactivate_locked_super+0xc1/0x130 fs/super.c:484 cleanup_mnt+0x426/0x4c0 fs/namespace.c:1256 task_work_run+0x24a/0x300 kernel/task_work.c:180 ptrace_notify+0x2cd/0x380 kernel/signal.c:2399 ptrace_report_syscall include/linux/ptrace.h:411 [inline] ptrace_report_syscall_exit include/linux/ptrace.h:473 [inline] syscall_exit_work kernel/entry/common.c:251 [inline] syscall_exit_to_user_mode_prepare kernel/entry/common.c:278 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline] syscall_exit_to_user_mode+0x15c/0x280 kernel/entry/common.c:296 do_syscall_64+0x50/0x110 arch/x86/entry/common.c:88 entry_SYSCALL_64_after_hwframe+0x63/0x6b The root cause is: - do_sys_open - f2fs_lookup - __f2fs_find_entry - f2fs_i_depth_write - f2fs_mark_inode_dirty_sync - f2fs_dirty_inode - set_inode_flag(inode, FI_DIRTY_INODE) - umount - kill_f2fs_super - kill_block_super - generic_shutdown_super - sync_filesystem : sb is readonly, skip sync_filesystem() - evict_inodes - iput - f2fs_evict_inode - f2fs_bug_on(sbi, is_inode_flag_set(inode, FI_DIRTY_INODE)) : trigger kernel panic When we try to repair i_current_depth in readonly filesystem, let's skip dirty inode to avoid panic in later f2fs_evict_inode(). | 5.5 |
2024-08-17 | CVE-2024-42298 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. | 5.5 |
2024-08-17 | CVE-2024-42307 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assumed 'serverclose_wq' could be null (see line 1895) The patch which introduced the serverclose workqueue used the wrong oredering in error paths in init_cifs() for freeing it on errors. | 5.5 |
2024-08-17 | CVE-2024-42309 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). | 5.5 |
2024-08-17 | CVE-2024-42310 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). | 5.5 |
2024-08-17 | CVE-2024-42311 | Linux | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ===================================================== BUG: KMSAN: uninit-value in hfs_revalidate_dentry+0x307/0x3f0 fs/hfs/sysdep.c:30 hfs_revalidate_dentry+0x307/0x3f0 fs/hfs/sysdep.c:30 d_revalidate fs/namei.c:862 [inline] lookup_fast+0x89e/0x8e0 fs/namei.c:1649 walk_component fs/namei.c:2001 [inline] link_path_walk+0x817/0x1480 fs/namei.c:2332 path_lookupat+0xd9/0x6f0 fs/namei.c:2485 filename_lookup+0x22e/0x740 fs/namei.c:2515 user_path_at_empty+0x8b/0x390 fs/namei.c:2924 user_path_at include/linux/namei.h:57 [inline] do_mount fs/namespace.c:3689 [inline] __do_sys_mount fs/namespace.c:3898 [inline] __se_sys_mount+0x66b/0x810 fs/namespace.c:3875 __x64_sys_mount+0xe4/0x140 fs/namespace.c:3875 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b BUG: KMSAN: uninit-value in hfs_ext_read_extent fs/hfs/extent.c:196 [inline] BUG: KMSAN: uninit-value in hfs_get_block+0x92d/0x1620 fs/hfs/extent.c:366 hfs_ext_read_extent fs/hfs/extent.c:196 [inline] hfs_get_block+0x92d/0x1620 fs/hfs/extent.c:366 block_read_full_folio+0x4ff/0x11b0 fs/buffer.c:2271 hfs_read_folio+0x55/0x60 fs/hfs/inode.c:39 filemap_read_folio+0x148/0x4f0 mm/filemap.c:2426 do_read_cache_folio+0x7c8/0xd90 mm/filemap.c:3553 do_read_cache_page mm/filemap.c:3595 [inline] read_cache_page+0xfb/0x2f0 mm/filemap.c:3604 read_mapping_page include/linux/pagemap.h:755 [inline] hfs_btree_open+0x928/0x1ae0 fs/hfs/btree.c:78 hfs_mdb_get+0x260c/0x3000 fs/hfs/mdb.c:204 hfs_fill_super+0x1fb1/0x2790 fs/hfs/super.c:406 mount_bdev+0x628/0x920 fs/super.c:1359 hfs_mount+0xcd/0xe0 fs/hfs/super.c:456 legacy_get_tree+0x167/0x2e0 fs/fs_context.c:610 vfs_get_tree+0xdc/0x5d0 fs/super.c:1489 do_new_mount+0x7a9/0x16f0 fs/namespace.c:3145 path_mount+0xf98/0x26a0 fs/namespace.c:3475 do_mount fs/namespace.c:3488 [inline] __do_sys_mount fs/namespace.c:3697 [inline] __se_sys_mount+0x919/0x9e0 fs/namespace.c:3674 __ia32_sys_mount+0x15b/0x1b0 fs/namespace.c:3674 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline] __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246 entry_SYSENTER_compat_after_hwframe+0x70/0x82 Uninit was created at: __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590 __alloc_pages_node include/linux/gfp.h:238 [inline] alloc_pages_node include/linux/gfp.h:261 [inline] alloc_slab_page mm/slub.c:2190 [inline] allocate_slab mm/slub.c:2354 [inline] new_slab+0x2d7/0x1400 mm/slub.c:2407 ___slab_alloc+0x16b5/0x3970 mm/slub.c:3540 __slab_alloc mm/slub.c:3625 [inline] __slab_alloc_node mm/slub.c:3678 [inline] slab_alloc_node mm/slub.c:3850 [inline] kmem_cache_alloc_lru+0x64d/0xb30 mm/slub.c:3879 alloc_inode_sb include/linux/fs.h:3018 [inline] hfs_alloc_inode+0x5a/0xc0 fs/hfs/super.c:165 alloc_inode+0x83/0x440 fs/inode.c:260 new_inode_pseudo fs/inode.c:1005 [inline] new_inode+0x38/0x4f0 fs/inode.c:1031 hfs_new_inode+0x61/0x1010 fs/hfs/inode.c:186 hfs_mkdir+0x54/0x250 fs/hfs/dir.c:228 vfs_mkdir+0x49a/0x700 fs/namei.c:4126 do_mkdirat+0x529/0x810 fs/namei.c:4149 __do_sys_mkdirat fs/namei.c:4164 [inline] __se_sys_mkdirat fs/namei.c:4162 [inline] __x64_sys_mkdirat+0xc8/0x120 fs/namei.c:4162 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b It missed to initialize .tz_secondswest, .cached_start and .cached_blocks fields in struct hfs_inode_info after hfs_alloc_inode(), fix it. | 5.5 |
2024-08-17 | CVE-2024-42315 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. | 5.5 |
2024-08-17 | CVE-2024-42316 | Linux | Divide By Zero vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level() evict_folios() uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since folio_rotate_reclaimable() cannot handle those folios due to the isolation. The second pass tries to avoid potential double counting by deducting scan_control->nr_scanned. | 5.5 |
2024-08-17 | CVE-2024-42320 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. | 5.5 |
2024-08-15 | CVE-2024-7866 | Xpdfreader | Uncontrolled Recursion vulnerability in Xpdfreader Xpdf In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow. | 5.5 |
2024-08-15 | CVE-2024-42677 | Isellerpal | Unspecified vulnerability in Isellerpal Enterprise Resource Management System An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. | 5.5 |
2024-08-15 | CVE-2024-42680 | Cysoft168 | Path Traversal vulnerability in Cysoft168 Super Easy Enterprise Management System An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark. | 5.5 |
2024-08-15 | CVE-2024-25024 | IBM | Cleartext Storage of Sensitive Information vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
2024-08-14 | CVE-2024-20790 | Adobe | Out-of-bounds Read vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-34118 | Adobe | Unspecified vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service condition. | 5.5 |
2024-08-14 | CVE-2024-34125 | Adobe | Out-of-bounds Read vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-34126 | Adobe | Out-of-bounds Read vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-34127 | Adobe | Out-of-bounds Read vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-34134 | Adobe | Out-of-bounds Read vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-34135 | Adobe | Out-of-bounds Read vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-34136 | Adobe | NULL Pointer Dereference vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). | 5.5 |
2024-08-14 | CVE-2024-34137 | Adobe | NULL Pointer Dereference vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. | 5.5 |
2024-08-14 | CVE-2024-34138 | Adobe | NULL Pointer Dereference vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). | 5.5 |
2024-08-14 | CVE-2024-39387 | Adobe | Out-of-bounds Read vulnerability in Adobe Bridge Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-39395 | Adobe | NULL Pointer Dereference vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). | 5.5 |
2024-08-14 | CVE-2024-41719 | F5 | Information Exposure Through Log Files vulnerability in F5 Big-Ip Next Central Manager When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.5 |
2024-08-14 | CVE-2024-41832 | Adobe | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41833 | Adobe | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41834 | Adobe | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41835 | Adobe | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41854 | Adobe | Out-of-bounds Read vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41866 | Adobe | NULL Pointer Dereference vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). | 5.5 |
2024-08-14 | CVE-2024-42259 | Linux | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. | 5.5 |
2024-08-14 | CVE-2024-24580 | Intel | Unspecified vulnerability in Intel products Improper conditions check in some Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow a privileged user to potentially enable denial of service via local access. | 5.5 |
2024-08-14 | CVE-2024-27461 | Intel | Incorrect Default Permissions vulnerability in Intel Memory and Storage Tool GUI Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
2024-08-14 | CVE-2024-28050 | Intel | Unspecified vulnerability in Intel ARC a Graphics and Iris XE Graphics Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
2024-08-14 | CVE-2024-41860 | Adobe | Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1 Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41861 | Adobe | Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1 Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41862 | Adobe | Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1 Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-14 | CVE-2024-41863 | Adobe | Out-of-bounds Read vulnerability in Adobe Substance 3D Sampler 4.2.1 Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-08-13 | CVE-2024-38118 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft products Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 5.5 |
2024-08-13 | CVE-2024-38122 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft products Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 5.5 |
2024-08-13 | CVE-2024-38151 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel Information Disclosure Vulnerability | 5.5 |
2024-08-13 | CVE-2024-38155 | Microsoft | Unspecified vulnerability in Microsoft products Security Center Broker Information Disclosure Vulnerability | 5.5 |
2024-08-13 | CVE-2024-36505 | Fortinet | Unspecified vulnerability in Fortinet Fortios An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system. | 5.5 |
2024-08-12 | CVE-2024-42258 | Linux | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. | 5.5 |
2024-08-18 | CVE-2024-7916 | Insurance Management System Project | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. | 5.4 |
2024-08-18 | CVE-2024-7914 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 Yoga Class Registration System 1.0 A vulnerability classified as problematic has been found in SourceCodester Yoga Class Registration System 1.0. | 5.4 |
2024-08-18 | CVE-2024-43308 | Gutentor | Cross-site Scripting vulnerability in Gutentor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutentor Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor allows Stored XSS.This issue affects Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor: from n/a through 3.3.5. | 5.4 |
2024-08-18 | CVE-2024-43309 | Wpsocio | Cross-site Scripting vulnerability in Wpsocio WP Telegram Widget and Join Link Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Socio WP Telegram Widget and Join Link allows Stored XSS.This issue affects WP Telegram Widget and Join Link: from n/a through 2.1.27. | 5.4 |
2024-08-18 | CVE-2024-43318 | E2Pdf | Cross-site Scripting vulnerability in E2Pdf Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E2Pdf.Com allows Stored XSS.This issue affects e2pdf: from n/a through 1.25.05. | 5.4 |
2024-08-18 | CVE-2024-43329 | Cpothemes | Cross-site Scripting vulnerability in Cpothemes Allegiant Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Chill Allegiant allegiant allows Stored XSS.This issue affects Allegiant: from n/a through 1.2.7. | 5.4 |
2024-08-18 | CVE-2024-43335 | Cyberchimps | Cross-site Scripting vulnerability in Cyberchimps Responsive Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8. | 5.4 |
2024-08-18 | CVE-2024-43342 | Bdthemes | Cross-site Scripting vulnerability in Bdthemes Ultimate Store KIT Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4. | 5.4 |
2024-08-17 | CVE-2024-7901 | Scada LTS | Cross-site Scripting vulnerability in Scada-Lts 2.7.8 A vulnerability has been found in Scada-LTS 2.7.8 and classified as problematic. | 5.4 |
2024-08-16 | CVE-2024-43381 | Yogeshojha | Cross-site Scripting vulnerability in Yogeshojha Rengine reNgine is an automated reconnaissance framework for web applications. | 5.4 |
2024-08-16 | CVE-2024-43807 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page | 5.4 |
2024-08-16 | CVE-2024-43808 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin | 5.4 |
2024-08-16 | CVE-2024-43810 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin | 5.4 |
2024-08-16 | CVE-2024-7144 | Crocoblock | Cross-site Scripting vulnerability in Crocoblock Jetelements The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slide_id' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-16 | CVE-2024-7852 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 Yoga Class Registration System 1.0 A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as problematic. | 5.4 |
2024-08-15 | CVE-2024-7844 | Tamparongj 03 | Cross-site Scripting vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability has been found in SourceCodester Online Graduate Tracer System 1.0 and classified as problematic. | 5.4 |
2024-08-15 | CVE-2024-6533 | Monospace | Cross-site Scripting vulnerability in Monospace Directus 10.13.0 Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. | 5.4 |
2024-08-15 | CVE-2024-7812 | Mayurik | Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0 A vulnerability classified as problematic was found in SourceCodester Best House Rental Management System 1.0. | 5.4 |
2024-08-14 | CVE-2024-7793 | Rems | Cross-site Scripting vulnerability in Rems Task Progress Tracker 1.0 A vulnerability was found in SourceCodester Task Progress Tracker 1.0. | 5.4 |
2024-08-14 | CVE-2024-7790 | Stitionai | Cross-site Scripting vulnerability in Stitionai Devika A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input. | 5.4 |
2024-08-14 | CVE-2024-39418 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 5.4 |
2024-08-13 | CVE-2024-7749 | Rems | Cross-site Scripting vulnerability in Rems Accounts Manager APP 1.0 A vulnerability, which was classified as problematic, was found in SourceCodester Accounts Manager App 1.0. | 5.4 |
2024-08-13 | CVE-2024-7733 | Xjd2020 | Cross-site Scripting vulnerability in Xjd2020 Fastcms A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. | 5.4 |
2024-08-13 | CVE-2024-41613 | Symphony CMS | Cross-site Scripting vulnerability in Symphony-Cms Symphony CMS 2.7.10 A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note. | 5.4 |
2024-08-13 | CVE-2024-41907 | Siemens | Unspecified vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). | 5.4 |
2024-08-13 | CVE-2024-42373 | SAP | Missing Authorization vulnerability in SAP Student Life Cycle Management SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. | 5.4 |
2024-08-13 | CVE-2024-41732 | SAP | Unspecified vulnerability in SAP Netweaver Application Server Abap SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. | 5.4 |
2024-08-13 | CVE-2024-41735 | SAP | Cross-site Scripting vulnerability in SAP Commerce Backoffice Hycom2205 SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application. | 5.4 |
2024-08-12 | CVE-2024-33533 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. | 5.4 |
2024-08-12 | CVE-2024-33536 | Zimbra | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 5.4 |
2024-08-12 | CVE-2023-38018 | IBM | Session Fixation vulnerability in IBM Aspera Shares 1.10.0 IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. | 5.4 |
2024-08-12 | CVE-2024-40473 | Mayurik | Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "manage_houses.php" in SourceCodester Best House Rental Management System v1.0. | 5.4 |
2024-08-12 | CVE-2024-40474 | Mayurik | Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "edit-cate.php" in SourceCodester House Rental Management System v1.0. | 5.4 |
2024-08-12 | CVE-2024-40478 | Jayesh | Cross-site Scripting vulnerability in Jayesh Online Exam System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields | 5.4 |
2024-08-12 | CVE-2024-40481 | Phpgurukul | Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter. | 5.4 |
2024-08-12 | CVE-2024-42165 | Fiware | Use of Insufficiently Random Values vulnerability in Fiware Keyrock Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link. | 5.4 |
2024-08-12 | CVE-2024-7621 | The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the process_wpfeedback_misc_options() function in all versions up to, and including, 4.0.2. | 5.4 | |
2024-08-12 | CVE-2024-7644 | Rems | Cross-site Scripting vulnerability in Rems Leads Manager Tool 1.0 A vulnerability was found in SourceCodester Leads Manager Tool 1.0. | 5.4 |
2024-08-12 | CVE-2024-7645 | Oretnom23 | Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 5.4 |
2024-08-12 | CVE-2024-7657 | Gilacms | Cross-site Scripting vulnerability in Gilacms Gila CMS 1.10.9 A vulnerability classified as problematic was found in Gila CMS 1.10.9. | 5.4 |
2024-08-12 | CVE-2024-7683 | Mayurik | Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 5.4 |
2024-08-12 | CVE-2024-7684 | Mayurik | Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability classified as problematic was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 5.4 |
2024-08-12 | CVE-2024-7685 | Mayurik | Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 5.4 |
2024-08-12 | CVE-2024-7686 | Mayurik | Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability, which was classified as problematic, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. | 5.4 |
2024-08-18 | CVE-2024-7912 | Online Railway Reservation System Project | Unspecified vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0 A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. | 5.3 |
2024-08-17 | CVE-2023-4024 | Softlabbd | Missing Authorization vulnerability in Softlabbd Radio Player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. | 5.3 |
2024-08-17 | CVE-2023-4025 | Softlabbd | Missing Authorization vulnerability in Softlabbd Radio Player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. | 5.3 |
2024-08-17 | CVE-2023-4027 | Softlabbd | Missing Authorization vulnerability in Softlabbd Radio Player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. | 5.3 |
2024-08-17 | CVE-2023-4730 | The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_endpoint() function hooked via 'init' in versions up to, and including, 4.3. | 5.3 | |
2024-08-16 | CVE-2024-7630 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.22.2 via the relevanssi_do_query() due to insufficient limitations on the posts that are returned when searching. | 5.3 | |
2024-08-15 | CVE-2024-7411 | The Newsletters plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 4.9.9. | 5.3 | |
2024-08-15 | CVE-2024-7809 | Tamparongj 03 | Unspecified vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. | 5.3 |
2024-08-14 | CVE-2024-37028 | F5 | Improper Authentication vulnerability in F5 Big-Ip Next Central Manager BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.3 |
2024-08-13 | CVE-2024-7741 | Ltcms | Path Traversal vulnerability in Ltcms 1.0.20 A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. | 5.3 |
2024-08-13 | CVE-2024-6384 | Mongodb | Unspecified vulnerability in Mongodb "Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. | 5.3 |
2024-08-13 | CVE-2024-3913 | Phoenixcontact | Files or Directories Accessible to External Parties vulnerability in Phoenixcontact products An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup. | 5.3 |
2024-08-13 | CVE-2024-41682 | Siemens | Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Location Intelligence A vulnerability has been identified in Location Intelligence family (All versions < V4.4). | 5.3 |
2024-08-13 | CVE-2024-41683 | Siemens | Weak Password Requirements vulnerability in Siemens Location Intelligence A vulnerability has been identified in Location Intelligence family (All versions < V4.4). | 5.3 |
2024-08-13 | CVE-2024-39591 | SAP | Missing Authorization vulnerability in SAP Document Builder SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. | 5.3 |
2024-08-13 | CVE-2024-41733 | SAP | Unspecified vulnerability in SAP Commerce Comcloud2211/Hycom2205 In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. | 5.3 |
2024-08-12 | CVE-2024-7705 | Mainwww | Unrestricted Upload of File with Dangerous Type vulnerability in Mainwww Mwcms 1.0.0 A vulnerability was found in Fujian mwcms 1.0.0. | 5.3 |
2024-08-12 | CVE-2024-41888 | Apache | Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. | 5.3 |
2024-08-12 | CVE-2024-41890 | Apache | Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. | 5.3 |
2024-08-12 | CVE-2024-6562 | The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. | 5.3 | |
2024-08-12 | CVE-2024-6759 | Freebsd | Path Traversal vulnerability in Freebsd When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". | 5.3 |
2024-08-12 | CVE-2024-7410 | The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.3. | 5.3 | |
2024-08-12 | CVE-2024-7412 | The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12. | 5.3 | |
2024-08-12 | CVE-2024-7413 | The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. | 5.3 | |
2024-08-12 | CVE-2024-7414 | The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.116. | 5.3 | |
2024-08-12 | CVE-2024-7416 | The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7. | 5.3 | |
2024-08-12 | CVE-2024-7658 | Projectsend | Authorization Bypass Through User-Controlled Key vulnerability in Projectsend A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. | 5.3 |
2024-08-12 | CVE-2024-7663 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in SourceCodester Car Driving School Management System 1.0. | 5.3 |
2024-08-12 | CVE-2024-7666 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Car Driving School Management System 1.0. | 5.3 |
2024-08-12 | CVE-2024-7667 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. | 5.3 |
2024-08-12 | CVE-2024-7668 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability has been found in SourceCodester Car Driving School Management System 1.0 and classified as critical. | 5.3 |
2024-08-12 | CVE-2024-7669 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in SourceCodester Car Driving School Management System 1.0 and classified as critical. | 5.3 |
2024-08-12 | CVE-2024-7676 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability was found in Sourcecodester Car Driving School Management System 1.0. | 5.3 |
2024-08-13 | CVE-2024-41737 | SAP | Server-Side Request Forgery (SSRF) vulnerability in SAP CRM Abap Insights Management SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. | 5.0 |
2024-08-15 | CVE-2024-40704 | IBM | Insufficiently Protected Credentials vulnerability in IBM Infosphere Information Server 11.7/11.7.0.1/11.7.0.2 IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. | 4.9 |
2024-08-14 | CVE-2024-39823 | Zoom | Unspecified vulnerability in Zoom products Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | 4.9 |
2024-08-14 | CVE-2024-39824 | Zoom | Unspecified vulnerability in Zoom products Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | 4.9 |
2024-08-14 | CVE-2024-42434 | Zoom | Unspecified vulnerability in Zoom products Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | 4.9 |
2024-08-14 | CVE-2024-42435 | Zoom | Unspecified vulnerability in Zoom products Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | 4.9 |
2024-08-18 | CVE-2024-43324 | Cleversoft | Cross-site Scripting vulnerability in Cleversoft Clever Addons for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through 2.2.0. | 4.8 |
2024-08-17 | CVE-2024-7900 | Tpmecms | Cross-site Scripting vulnerability in Tpmecms 1.3.3.2 A vulnerability, which was classified as problematic, was found in xiaohe4966 TpMeCMS 1.3.3.2. | 4.8 |
2024-08-15 | CVE-2024-7814 | Online Railway Reservation System Project | Cross-site Scripting vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0 A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. | 4.8 |
2024-08-15 | CVE-2024-7815 | Online Railway Reservation System Project | Cross-site Scripting vulnerability in Online Railway Reservation System Project Online Railway Reservation System 1.0 A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. | 4.8 |
2024-08-13 | CVE-2024-41614 | Symphony CMS | Cross-site Scripting vulnerability in Symphony-Cms Symphony CMS symphonycms <=2.7.10 is vulnerable to Cross Site Scripting (XSS) in the Comment component for articles. | 4.8 |
2024-08-13 | CVE-2024-41774 | IBM | Cross-site Scripting vulnerability in IBM Common Licensing 9.0 IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. | 4.8 |
2024-08-12 | CVE-2024-4350 | Concretecms | Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and later embedded into responses. | 4.8 |
2024-08-12 | CVE-2024-7512 | Concretecms | Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in Board instances. | 4.8 |
2024-08-17 | CVE-2024-42287 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 1 PREEMPT_RT SMP NOPTI RIP: 0010:dma_direct_unmap_sg+0x51/0x1e0 RSP: 0018:ffffc90026f47b88 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000000000002 RDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff8881041130d0 RBP: ffff8881041130d0 R08: 0000000000000000 R09: 0000000000000034 R10: ffffc90026f47c48 R11: 0000000000000031 R12: 0000000000000000 R13: 0000000000000000 R14: ffff8881565e4a20 R15: 0000000000000000 FS: 00007f4c69ed3d00(0000) GS:ffff889faac80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000001c CR3: 0000000288a50002 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <TASK> ? __die_body+0x1a/0x60 ? page_fault_oops+0x16f/0x4a0 ? do_user_addr_fault+0x174/0x7f0 ? exc_page_fault+0x69/0x1a0 ? asm_exc_page_fault+0x22/0x30 ? dma_direct_unmap_sg+0x51/0x1e0 ? preempt_count_sub+0x96/0xe0 qla2xxx_qpair_sp_free_dma+0x29f/0x3b0 [qla2xxx] qla2xxx_qpair_sp_compl+0x60/0x80 [qla2xxx] __qla2x00_abort_all_cmds+0xa2/0x450 [qla2xxx] The command completion was done early while aborting the commands in driver unload path but outside lock to avoid the WARN_ON condition of performing dma_free_attr within the lock. | 4.7 |
2024-08-17 | CVE-2023-1604 | The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. | 4.7 | |
2024-08-14 | CVE-2024-7347 | F5 | Out-of-bounds Read vulnerability in F5 Nginx Open Source and Nginx Plus NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. | 4.7 |
2024-08-15 | CVE-2024-31799 | Gncchome | Cleartext Transmission of Sensitive Information vulnerability in Gncchome Gncc C2 Firmware Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port. | 4.6 |
2024-08-16 | CVE-2022-3399 | The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cookie_notice_options[refuse_code_head]' parameter in versions up to, and including, 2.4.17.1 due to insufficient input sanitization and output escaping. | 4.4 | |
2024-08-14 | CVE-2024-5916 | Paloaltonetworks | Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. | 4.4 |
2024-08-13 | CVE-2024-38123 | Microsoft | Unspecified vulnerability in Microsoft Windows 11 24H2 Windows Bluetooth Driver Information Disclosure Vulnerability | 4.4 |
2024-08-12 | CVE-2024-6691 | The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the currency value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. | 4.4 | |
2024-08-17 | CVE-2023-3408 | Bricksbuilder | Cross-Site Request Forgery (CSRF) vulnerability in Bricksbuilder Bricks The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. | 4.3 |
2024-08-17 | CVE-2023-3409 | Bricksbuilder | Cross-Site Request Forgery (CSRF) vulnerability in Bricksbuilder Bricks The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. | 4.3 |
2024-08-16 | CVE-2024-7422 | The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. | 4.3 | |
2024-08-16 | CVE-2023-7049 | The Custom Field For WP Job Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2 via the the 'cm_fieldshow' shortcode due to missing validation on the 'job_id' user controlled key. | 4.3 | |
2024-08-15 | CVE-2024-42487 | Cilium | Interpretation Conflict vulnerability in Cilium 1.16.0 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. | 4.3 |
2024-08-15 | CVE-2024-7063 | The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.6 via the 'render_raw' function. | 4.3 | |
2024-08-15 | CVE-2024-6534 | Monospace | Authorization Bypass Through User-Controlled Key vulnerability in Monospace Directus 10.13.0 Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. | 4.3 |
2024-08-14 | CVE-2024-41723 | F5 | Unspecified vulnerability in F5 products Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 4.3 |
2024-08-14 | CVE-2024-39404 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39405 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39407 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39408 | Adobe | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changeson behalf of a user. | 4.3 |
2024-08-14 | CVE-2024-39409 | Adobe | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. | 4.3 |
2024-08-14 | CVE-2024-39410 | Adobe | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. | 4.3 |
2024-08-14 | CVE-2024-39411 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39412 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39413 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39414 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39415 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39416 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39417 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-14 | CVE-2024-39419 | Adobe | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 4.3 |
2024-08-13 | CVE-2024-41941 | Siemens | Incorrect Authorization vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0 A vulnerability has been identified in SINEC NMS (All versions < V3.0). | 4.3 |
2024-08-13 | CVE-2024-41734 | SAP | Missing Authorization vulnerability in SAP Netweaver Application Server Abap Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. | 4.3 |
2024-08-13 | CVE-2024-28166 | SAP | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Objects Business Intelligence Platform 430/440/Enterprise420 SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. | 4.3 |
2024-08-13 | CVE-2024-41731 | SAP | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Objects Business Intelligence Platform 430/440/Enterprise420 SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. | 4.3 |
2024-08-13 | CVE-2024-41736 | SAP | Unspecified vulnerability in SAP Permit to Work Uis4Hop1800/Uis4Hop1900 Under certain conditions SAP Permit to Work allows an authenticated attacker to access information which would otherwise be restricted causing low impact on the confidentiality of the application. | 4.3 |
2024-08-13 | CVE-2024-42375 | SAP | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Objects Business Intelligence Platform 420/430/440 SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. | 4.3 |
2024-08-13 | CVE-2024-42377 | SAP | Missing Authorization vulnerability in SAP Shared Service Framework SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application | 4.3 |
2024-08-12 | CVE-2024-42164 | Fiware | Use of Insufficiently Random Values vulnerability in Fiware Keyrock Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link. | 4.3 |
2024-08-12 | CVE-2024-7648 | The Opal Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the private notes functionality on payments which utilizes WordPress comments. | 4.3 | |
2024-08-12 | CVE-2024-7664 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Car Driving School Management System 1.0. | 4.3 |
2024-08-12 | CVE-2024-7665 | Oretnom23 | SQL Injection vulnerability in Oretnom23 CAR Driving School Management System 1.0 A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0. | 4.3 |
2024-08-16 | CVE-2024-7501 | The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.7. | 4.2 | |
2024-08-13 | CVE-2024-38143 | Microsoft | Unspecified vulnerability in Microsoft products Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | 4.2 |
2024-08-13 | CVE-2022-38382 | IBM | Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information. | 4.1 |
2024-08-13 | CVE-2024-7388 | The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. | 4.0 |
6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-13 | CVE-2024-41938 | Siemens | Path Traversal vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0 A vulnerability has been identified in SINEC NMS (All versions < V3.0). | 3.8 |
2024-08-17 | CVE-2024-43841 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_result() will trigger the warning: WARN_ON(bss_not_found). The issue is because the connection code in virt_wifi does not check the SSID from user space (it only checks the BSSID), and virt_wifi will call cfg80211_connect_result() with WLAN_STATUS_SUCCESS even if the SSID is different from the one virt_wifi has advertised. Eventually cfg80211 won't be able to find the cfg80211_bss and generate the warning. Fixed it by checking the SSID (from user space) in the connection code. | 3.3 |
2024-08-17 | CVE-2024-43845 | Linux | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updating checksum of '..' directory entry of a moved directory. | 3.3 |
2024-08-14 | CVE-2024-24973 | Intel | Unspecified vulnerability in Intel Distribution for GDB and Oneapi Base Toolkit Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. | 3.3 |
2024-08-12 | CVE-2024-6692 | The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Agreement Text value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. | 3.3 | |
2024-08-12 | CVE-2024-7706 | Mainwww | Unrestricted Upload of File with Dangerous Type vulnerability in Mainwww Mwcms 1.0.0 A vulnerability was found in Fujian mwcms 1.0.0. | 2.7 |