Weekly Vulnerabilities Reports > August 26 to September 1, 2024
Overview
436 new vulnerabilities reported during this period, including 122 critical vulnerabilities and 103 high severity vulnerabilities. This weekly summary report vulnerabilities in 303 products from 219 vendors including Linux, Tenda, Oretnom23, Dlink, and Microfocus. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Out-of-bounds Write", "Cross-Site Request Forgery (CSRF)", and "NULL Pointer Dereference".
- 353 reported vulnerabilities are remotely exploitables.
- 210 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 253 reported vulnerabilities are exploitable by an anonymous user.
- Linux has the most reported vulnerabilities, with 48 reported vulnerabilities.
- Tenda has the most reported critical vulnerabilities, with 18 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
122 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-28 | CVE-2021-22530 | Microfocus | Improper Restriction of Excessive Authentication Attempts vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. | 9.9 |
2024-09-01 | CVE-2024-45508 | Htmldoc Project | Out-of-bounds Write vulnerability in Htmldoc Project Htmldoc HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. | 9.8 |
2024-09-01 | CVE-2024-8368 | Fabianros | SQL Injection vulnerability in Fabianros Hospital Management System 1.0 A vulnerability was found in code-projects Hospital Management System 1.0. | 9.8 |
2024-08-31 | CVE-2024-39747 | IBM | Unspecified vulnerability in IBM Sterling Connect Direct web Services IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. | 9.8 |
2024-08-30 | CVE-2024-8347 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0 A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8348 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8346 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8345 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Music Gallery Site 1.0 A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. | 9.8 |
2024-08-30 | CVE-2024-8343 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Sentiment Based Movie Rating System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Sentiment Based Movie Rating System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8339 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Electric Billing Management System 1.0 A vulnerability was found in SourceCodester Electric Billing Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8340 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Electric Billing Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8341 | Nelzkie15 | Unrestricted Upload of File with Dangerous Type vulnerability in Nelzkie15 PET Shop Management System 1.0 A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8336 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Music Gallery Site 1.0 A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. | 9.8 |
2024-08-30 | CVE-2024-8335 | Openrapid | SQL Injection vulnerability in Openrapid Rapidcms 1.3.1 A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. | 9.8 |
2024-08-30 | CVE-2024-8332 | Master NAN | SQL Injection vulnerability in Master-Nan Sweet-Cms A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. | 9.8 |
2024-08-30 | CVE-2024-8331 | Openrapid | SQL Injection vulnerability in Openrapid Rapidcms 1.3.1 A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. | 9.8 |
2024-08-30 | CVE-2024-45490 | Libexpat Project | XXE vulnerability in Libexpat Project Libexpat An issue was discovered in libexpat before 2.6.3. | 9.8 |
2024-08-30 | CVE-2024-45491 | Libexpat Project | Integer Overflow or Wraparound vulnerability in Libexpat Project Libexpat An issue was discovered in libexpat before 2.6.3. | 9.8 |
2024-08-30 | CVE-2024-45492 | Libexpat Project | Integer Overflow or Wraparound vulnerability in Libexpat Project Libexpat An issue was discovered in libexpat before 2.6.3. | 9.8 |
2024-08-29 | CVE-2024-6670 | Progress | SQL Injection vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. | 9.8 |
2024-08-29 | CVE-2024-6671 | Progress | SQL Injection vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. | 9.8 |
2024-08-29 | CVE-2024-41361 | Sourcefabric | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.php | 9.8 |
2024-08-29 | CVE-2024-41364 | Sourcefabric | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.php | 9.8 |
2024-08-29 | CVE-2024-41366 | Sourcefabric | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\userScripts.php | 9.8 |
2024-08-29 | CVE-2024-41367 | Sourcefabric | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.php | 9.8 |
2024-08-29 | CVE-2024-41368 | Sourcefabric | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.php | 9.8 |
2024-08-29 | CVE-2024-41369 | Sourcefabric | Unspecified vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWifi.php | 9.8 |
2024-08-29 | CVE-2024-41370 | Organizr | SQL Injection vulnerability in Organizr 1.90 Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php. | 9.8 |
2024-08-29 | CVE-2024-41372 | Organizr | SQL Injection vulnerability in Organizr 1.90 Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/settyping.php. | 9.8 |
2024-08-29 | CVE-2024-43965 | Smackcoders | SQL Injection vulnerability in Smackcoders Sendgrid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4. | 9.8 |
2024-08-29 | CVE-2024-8255 | Deltaww | Deserialization of Untrusted Data vulnerability in Deltaww DTN Soft Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. | 9.8 |
2024-08-29 | CVE-2024-38795 | Cridio | SQL Injection vulnerability in Cridio Listingpro Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4. | 9.8 |
2024-08-29 | CVE-2024-39622 | Cridio | SQL Injection vulnerability in Cridio Listingpro Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro.This issue affects ListingPro: from n/a through 2.9.4. | 9.8 |
2024-08-29 | CVE-2024-39653 | E4Jconnect | SQL Injection vulnerability in E4Jconnect Vikrentcar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. | 9.8 |
2024-08-29 | CVE-2024-43132 | Wpwebelite | SQL Injection vulnerability in Wpwebelite Docket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) allows SQL Injection.This issue affects Docket (WooCommerce Collections / Wishlist / Watchlist): from n/a before 1.7.0. | 9.8 |
2024-08-29 | CVE-2024-43144 | Stylemixthemes | SQL Injection vulnerability in Stylemixthemes Cost Calculator Builder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Cost Calculator Builder allows SQL Injection.This issue affects Cost Calculator Builder: from n/a through 3.2.15. | 9.8 |
2024-08-29 | CVE-2024-43917 | Templateinvaders | SQL Injection vulnerability in Templateinvaders TI Woocommerce Wishlist Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2. | 9.8 |
2024-08-29 | CVE-2024-43918 | Woobewoo | SQL Injection vulnerability in Woobewoo Product Table Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WBW Product Table PRO allows SQL Injection.This issue affects WBW Product Table PRO: from n/a through 1.9.4. | 9.8 |
2024-08-29 | CVE-2024-43922 | Nitropack | Code Injection vulnerability in Nitropack Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. | 9.8 |
2024-08-29 | CVE-2024-43931 | Eyecix | Deserialization of Untrusted Data vulnerability in Eyecix Jobsearch WP JOB Board 1.5.1/1.7.4 Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3. | 9.8 |
2024-08-29 | CVE-2024-43941 | Propovoice | SQL Injection vulnerability in Propovoice Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Propovoice Propovoice Pro allows SQL Injection.This issue affects Propovoice Pro: from n/a through 1.7.0.3. | 9.8 |
2024-08-29 | CVE-2024-5057 | Sandhillsdev | SQL Injection vulnerability in Sandhillsdev Easy Digital Downloads Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12. | 9.8 |
2024-08-29 | CVE-2024-8302 | Geeeeeeeek | SQL Injection vulnerability in Geeeeeeeek Dingfanzu A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. | 9.8 |
2024-08-29 | CVE-2024-8296 | Feehi | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi Feehicms A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. | 9.8 |
2024-08-29 | CVE-2024-8301 | Gitapp | SQL Injection vulnerability in Gitapp Dingfanzu A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. | 9.8 |
2024-08-29 | CVE-2024-8295 | Feehi | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi Feehicms A vulnerability has been found in FeehiCMS up to 2.1.1 and classified as critical. | 9.8 |
2024-08-29 | CVE-2024-29723 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29724 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29725 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29726 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29727 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29728 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29729 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29730 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-29731 | Sportsnet | SQL Injection vulnerability in Sportsnet 4.0.1 SQL injection vulnerabilities in SportsNET affecting version 4.0.1. | 9.8 |
2024-08-29 | CVE-2024-4428 | Menulux | Unspecified vulnerability in Menulux Managment Portal Improper Privilege Management vulnerability in Menulux Information Technologies Managment Portal allows Collect Data as Provided by Users.This issue affects Managment Portal: through 21.05.2024. | 9.8 |
2024-08-29 | CVE-2024-8294 | Feehi | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi Feehicms A vulnerability, which was classified as critical, was found in FeehiCMS up to 2.1.1. | 9.8 |
2024-08-29 | CVE-2024-45435 | Chartist | Unspecified vulnerability in Chartist Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. | 9.8 |
2024-08-29 | CVE-2024-7857 | The Media Library Folders plugin for WordPress is vulnerable to second order SQL Injection via the 'sort_type' parameter of the 'mlf_change_sort_type' AJAX action in all versions up to, and including, 8.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 | |
2024-08-29 | CVE-2024-45233 | In2Code | Unspecified vulnerability in In2Code Powermail An issue was discovered in powermail extension through 12.3.5 for TYPO3. | 9.8 |
2024-08-28 | CVE-2024-34195 | Totolink | Out-of-bounds Write vulnerability in Totolink A3002R Firmware 1.1.1B20200824 TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. | 9.8 |
2024-08-28 | CVE-2024-44761 | Gzequan | Path Traversal vulnerability in Gzequan EQ Enterprise Management System An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests. | 9.8 |
2024-08-28 | CVE-2023-26321 | MI | Path Traversal vulnerability in MI File Manager 1210567 A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). | 9.8 |
2024-08-28 | CVE-2023-26322 | MI | Unspecified vulnerability in MI Getapps A code execution vulnerability exists in the XiaomiGetApps application product. | 9.8 |
2024-08-28 | CVE-2023-26323 | MI | Unspecified vulnerability in MI APP Market A code execution vulnerability exists in the Xiaomi App market product. | 9.8 |
2024-08-28 | CVE-2023-26324 | MI | Unspecified vulnerability in MI Getapps A code execution vulnerability exists in the XiaomiGetApps application product. | 9.8 |
2024-08-28 | CVE-2024-8030 | The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the _ultimate_store_kit_wishlist cookie in versions up to , and including, 2.0.3. | 9.8 | |
2024-08-28 | CVE-2024-8230 | Tenda | Out-of-bounds Write vulnerability in Tenda O6 Firmware 1.0.0.7(2054) A vulnerability was found in Tenda O6 1.0.0.7(2054). | 9.8 |
2024-08-28 | CVE-2024-8229 | Tenda | Out-of-bounds Write vulnerability in Tenda O6 Firmware 1.0.0.7(2054) A vulnerability was found in Tenda O6 1.0.0.7(2054). | 9.8 |
2024-08-28 | CVE-2024-8226 | Tenda | Out-of-bounds Write vulnerability in Tenda O1 Firmware 1.0.0.7(10648) A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classified as critical. | 9.8 |
2024-08-28 | CVE-2024-8227 | Tenda | Out-of-bounds Write vulnerability in Tenda O1 Firmware 1.0.0.7(10648) A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as critical. | 9.8 |
2024-08-28 | CVE-2024-8228 | Tenda | Out-of-bounds Write vulnerability in Tenda O5 Firmware 1.0.0.8(5017) A vulnerability was found in Tenda O5 1.0.0.8(5017). | 9.8 |
2024-08-27 | CVE-2024-8222 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Music Gallery Site 1.0 A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. | 9.8 |
2024-08-27 | CVE-2024-8223 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Music Gallery Site 1.0 A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. | 9.8 |
2024-08-27 | CVE-2024-8224 | Tenda | Out-of-bounds Write vulnerability in Tenda G3 Firmware V15.11.0.20 A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. | 9.8 |
2024-08-27 | CVE-2024-8225 | Tenda | Out-of-bounds Write vulnerability in Tenda G3 Firmware 15.11.0.20 A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. | 9.8 |
2024-08-27 | CVE-2024-8219 | Fabianros | SQL Injection vulnerability in Fabianros Responsive Hotel Site 1.0 A vulnerability was found in code-projects Responsive Hotel Site 1.0. | 9.8 |
2024-08-27 | CVE-2024-8220 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
2024-08-27 | CVE-2024-8221 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Music Gallery Site 1.0 A vulnerability was found in SourceCodester Music Gallery Site 1.0. | 9.8 |
2024-08-27 | CVE-2024-8217 | Donbermoy | SQL Injection vulnerability in Donbermoy E-Commerce Website 1.0 A vulnerability has been found in SourceCodester E-Commerce Website 1.0 and classified as critical. | 9.8 |
2024-08-27 | CVE-2024-8218 | Fabianros | SQL Injection vulnerability in Fabianros Online Quiz Site 1.0 A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. | 9.8 |
2024-08-27 | CVE-2024-8212 | Dlink | Command Injection vulnerability in Dlink products A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-27 | CVE-2024-8213 | Dlink | OS Command Injection vulnerability in Dlink products A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-27 | CVE-2024-8214 | Dlink | OS Command Injection vulnerability in Dlink products A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-27 | CVE-2024-8210 | Dlink | OS Command Injection vulnerability in Dlink products A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-27 | CVE-2024-8211 | Dlink | OS Command Injection vulnerability in Dlink products A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
2024-08-27 | CVE-2024-36068 | Rubrik | Unspecified vulnerability in Rubrik Cloud Data Management An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code. | 9.8 |
2024-08-27 | CVE-2024-7720 | HP | Unspecified vulnerability in HP Security Manager 3.11 HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. | 9.8 |
2024-08-27 | CVE-2024-41622 | Dlink | OS Command Injection vulnerability in Dlink Dir-846W Firmware Fw100A43 D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in /HNAP1/ interface. | 9.8 |
2024-08-27 | CVE-2024-44341 | Dlink | OS Command Injection vulnerability in Dlink Dir-846W Firmware Fw100A43 D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. | 9.8 |
2024-08-27 | CVE-2024-44342 | Dlink | OS Command Injection vulnerability in Dlink Dir-846W Firmware Fw100A43 D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the wl(0).(0)_ssid parameter. | 9.8 |
2024-08-27 | CVE-2024-6633 | Fortra | Use of Hard-coded Credentials vulnerability in Fortra Filecatalyst Workflow The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. | 9.8 |
2024-08-27 | CVE-2024-7071 | Brainlowcode | SQL Injection vulnerability in Brainlowcode Brain Low-Code Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. | 9.8 |
2024-08-27 | CVE-2024-4872 | Hitachienergy | SQL Injection vulnerability in Hitachienergy Microscada X Sys600 The product does not validate any query towards persistent data, resulting in a risk of injection attacks. | 9.8 |
2024-08-27 | CVE-2024-7940 | Hitachienergy | Missing Authentication for Critical Function vulnerability in Hitachienergy Microscada X Sys600 The product exposes a service that is intended for local only to all network interfaces without any authentication. | 9.8 |
2024-08-27 | CVE-2024-45321 | APP | Download of Code Without Integrity Check vulnerability in App::Cpanminus Project App::Cpanminus The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers. | 9.8 |
2024-08-26 | CVE-2024-42913 | Ruoyi | SQL Injection vulnerability in Ruoyi 4.7.9 RuoYi CMS v4.7.9 was discovered to contain a SQL injection vulnerability via the job_id parameter at /sasfs1. | 9.8 |
2024-08-26 | CVE-2024-45265 | Skyss | SQL Injection vulnerability in Skyss Arfa-Cms A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter. | 9.8 |
2024-08-26 | CVE-2024-41444 | Seacms | SQL Injection vulnerability in Seacms 12.9 SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so. | 9.8 |
2024-08-26 | CVE-2024-41285 | Fastcom | Out-of-bounds Write vulnerability in Fastcom Fw300R Firmware 1.3.13Build141023Rel.61347N A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path. | 9.8 |
2024-08-26 | CVE-2024-44549 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. | 9.8 |
2024-08-26 | CVE-2024-44550 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv. | 9.8 |
2024-08-26 | CVE-2024-44551 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv. | 9.8 |
2024-08-26 | CVE-2024-44552 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv. | 9.8 |
2024-08-26 | CVE-2024-44553 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv. | 9.8 |
2024-08-26 | CVE-2024-44555 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo. | 9.8 |
2024-08-26 | CVE-2024-44557 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. | 9.8 |
2024-08-26 | CVE-2024-8170 | Rems | Unrestricted Upload of File with Dangerous Type vulnerability in Rems Zipped Folder Manager APP 1.0 A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. | 9.8 |
2024-08-26 | CVE-2024-8171 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
2024-08-26 | CVE-2024-8167 | Fabianros | SQL Injection vulnerability in Fabianros JOB Portal 1.0 A vulnerability was found in code-projects Job Portal 1.0. | 9.8 |
2024-08-26 | CVE-2024-8168 | Fabianros | SQL Injection vulnerability in Fabianros Online BUS Reservation Site 1.0 A vulnerability was found in code-projects Online Bus Reservation Site 1.0. | 9.8 |
2024-08-26 | CVE-2024-8169 | Fabianros | SQL Injection vulnerability in Fabianros Online Quiz Site 1.0 A vulnerability was found in code-projects Online Quiz Site 1.0. | 9.8 |
2024-08-26 | CVE-2024-44556 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. | 9.8 |
2024-08-26 | CVE-2024-44558 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. | 9.8 |
2024-08-26 | CVE-2024-8162 | Totolink | Use of Hard-coded Credentials vulnerability in Totolink T10 Firmware 4.1.8Cu.5207 A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. | 9.8 |
2024-08-26 | CVE-2024-44563 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. | 9.8 |
2024-08-26 | CVE-2024-44565 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set. | 9.8 |
2024-08-26 | CVE-2024-8073 | Hillstonenet | Command Injection vulnerability in Hillstonenet web Application Firewall 5.5R62.6.7/5.5R62.8.13 Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13. | 9.8 |
2024-08-29 | CVE-2024-44777 | Vtiger | Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 9.6 |
2024-08-29 | CVE-2024-44778 | Vtiger | Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 9.6 |
2024-08-29 | CVE-2024-44779 | Vtiger | Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 9.6 |
2024-08-27 | CVE-2024-41174 | Beckhoff | Cross-site Scripting vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper input neutralization by a low-privileged local attacker. | 9.0 |
103 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-31 | CVE-2024-7717 | Thimpress | SQL Injection vulnerability in Thimpress WP Events Manager The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 2.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
2024-08-31 | CVE-2024-7435 | The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.6 via deserialization of untrusted input. | 8.8 | |
2024-08-30 | CVE-2024-8344 | Campcodes | SQL Injection vulnerability in Campcodes Supplier Management System 1.0 A vulnerability has been found in Campcodes Supplier Management System 1.0 and classified as critical. | 8.8 |
2024-08-30 | CVE-2024-8342 | Nelzkie15 | Unrestricted Upload of File with Dangerous Type vulnerability in Nelzkie15 Petshop Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. | 8.8 |
2024-08-30 | CVE-2024-8338 | Hfo4 | Unrestricted Upload of File with Dangerous Type vulnerability in Hfo4 Shudong-Share 2.4.7 A vulnerability was found in HFO4 shudong-share 2.4.7. | 8.8 |
2024-08-30 | CVE-2024-8252 | Codection | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Codection Clean Login The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. | 8.8 |
2024-08-30 | CVE-2024-2694 | Muffingroup | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 27.5.6 via deserialization of untrusted input of the 'mfn-page-items' post meta value. | 8.8 |
2024-08-30 | CVE-2024-8327 | Easy Test Online Learning AND Testing Platform Project | SQL Injection vulnerability in Easy Test Online Learning and Testing Platform Project Easy Test Online Learning and Testing Platform Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete database contents. | 8.8 |
2024-08-30 | CVE-2024-8329 | 6Shr System Project | SQL Injection vulnerability in 6Shr System Project 6Shr System 6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents. | 8.8 |
2024-08-30 | CVE-2024-8330 | 6Shr System Project | Unrestricted Upload of File with Dangerous Type vulnerability in 6Shr System Project 6Shr System 6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scripts and use them to execute arbitrary system commands on the server. | 8.8 |
2024-08-30 | CVE-2024-2881 | Wolfssl | Injection vulnerability in Wolfssl 5.6.6 Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure. | 8.8 |
2024-08-29 | CVE-2024-1545 | Wolfssl | Injection vulnerability in Wolfssl 5.6.6 Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure. | 8.8 |
2024-08-29 | CVE-2024-6672 | Progress | SQL Injection vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password. | 8.8 |
2024-08-29 | CVE-2024-43804 | Roxy WI | OS Command Injection vulnerability in Roxy-Wi 8.0 Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. | 8.8 |
2024-08-29 | CVE-2024-43943 | Wpsoul | SQL Injection vulnerability in Wpsoul Greenshift Woocommerce Addon Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8. | 8.8 |
2024-08-29 | CVE-2024-43957 | Wpmart | Path Traversal vulnerability in Wpmart Animated Number Counters 1.6 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sk. | 8.8 |
2024-08-29 | CVE-2024-38793 | Pricelisto | SQL Injection vulnerability in Pricelisto Great Restaurant Menu WP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.1. | 8.8 |
2024-08-29 | CVE-2024-39620 | Cridio | SQL Injection vulnerability in Cridio Listingpro Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4. | 8.8 |
2024-08-29 | CVE-2024-39638 | Roundupwp | SQL Injection vulnerability in Roundupwp Registrations for the Events Calendar 2.7.6 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the Events Calendar allows SQL Injection.This issue affects Registrations for the Events Calendar: from n/a through 2.12.2. | 8.8 |
2024-08-29 | CVE-2024-43942 | Wpsoul | SQL Injection vulnerability in Wpsoul Greenshift Query Addon Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Query and Meta Addon allows SQL Injection.This issue affects Greenshift Query and Meta Addon: from n/a before 3.9.2. | 8.8 |
2024-08-29 | CVE-2024-7607 | Etoilewebdesign | SQL Injection vulnerability in Etoilewebdesign Front END Users The Front End Users plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.2.28 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
2024-08-28 | CVE-2024-8193 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2024-08-28 | CVE-2024-8194 | Type Confusion vulnerability in Google Chrome Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2024-08-28 | CVE-2024-8198 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2024-08-28 | CVE-2024-45059 | Portabilis | SQL Injection vulnerability in Portabilis I-Educar i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. | 8.8 |
2024-08-28 | CVE-2024-5546 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Pam360 Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option. | 8.8 |
2024-08-28 | CVE-2021-38121 | Microfocus | Inadequate Encryption Strength vulnerability in Microfocus Netiq Advanced Authentication Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1 | 8.8 |
2024-08-27 | CVE-2024-44340 | Dlink | OS Command Injection vulnerability in Dlink Dir-846W Firmware Fw100A43 D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via keys smartqos_express_devices and smartqos_normal_devices in SetSmartQoSSettings. | 8.8 |
2024-08-27 | CVE-2024-45264 | Skyss | Cross-Site Request Forgery (CSRF) vulnerability in Skyss Arfa-Cms A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges. | 8.8 |
2024-08-27 | CVE-2024-3980 | Hitachienergy | Argument Injection or Modification vulnerability in Hitachienergy Microscada X Sys600 The product allows user input to control or influence paths or file names that are used in filesystem operations, allowing the attacker to access or modify system files or other files that are critical to the application. | 8.8 |
2024-08-26 | CVE-2024-39628 | Ninjaforms | Cross-Site Request Forgery (CSRF) vulnerability in Ninjaforms Ninja Forms Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.8.6. | 8.8 |
2024-08-26 | CVE-2024-39641 | Thimpress | Cross-Site Request Forgery (CSRF) vulnerability in Thimpress Learnpress Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.6.8.2. | 8.8 |
2024-08-26 | CVE-2024-39645 | Themeum | Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2. | 8.8 |
2024-08-26 | CVE-2024-39657 | Sender | Cross-Site Request Forgery (CSRF) vulnerability in Sender Cross-Site Request Forgery (CSRF) vulnerability in Sender Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce.This issue affects Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce: from n/a through 2.6.18. | 8.8 |
2024-08-26 | CVE-2024-43116 | 10Up | Cross-Site Request Forgery (CSRF) vulnerability in 10Up Simple Local Avatars Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects Simple Local Avatars: from n/a through 2.7.10. | 8.8 |
2024-08-26 | CVE-2024-43117 | Wpmudev | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Hummingbird Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.9.1. | 8.8 |
2024-08-26 | CVE-2024-43287 | Sendinblue | Cross-Site Request Forgery (CSRF) vulnerability in Sendinblue Newsletter, Smtp, Email Marketing and Subscribe Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82. | 8.8 |
2024-08-26 | CVE-2024-43325 | Naiches | Cross-Site Request Forgery (CSRF) vulnerability in Naiches Dark Mode for WP Dashboard Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode for WP Dashboard.This issue affects Dark Mode for WP Dashboard: from n/a through 1.2.3. | 8.8 |
2024-08-26 | CVE-2024-8164 | Beikeshop | Unrestricted Upload of File with Dangerous Type vulnerability in Beikeshop A vulnerability, which was classified as critical, has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. | 8.8 |
2024-08-26 | CVE-2023-26315 | MI | Command Injection vulnerability in MI Ax9000 Firmware The Xiaomi router AX9000 has a post-authentication command injection vulnerability. | 8.8 |
2024-08-30 | CVE-2024-38868 | Zohocorp | Incorrect Authorization vulnerability in Zohocorp Manageengine Endpoint Central Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 | 8.3 |
2024-08-29 | CVE-2024-35133 | IBM | Open Redirect vulnerability in IBM products IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. | 8.2 |
2024-08-28 | CVE-2021-38122 | Microfocus | Cross-site Scripting vulnerability in Microfocus Netiq Advanced Authentication A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1 | 8.2 |
2024-08-27 | CVE-2024-3982 | Hitachienergy | Authentication Bypass by Capture-replay vulnerability in Hitachienergy Microscada X Sys600 An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. | 8.2 |
2024-08-30 | CVE-2024-6204 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. | 8.1 |
2024-08-30 | CVE-2024-8334 | Master NAN | Improper Output Neutralization for Logs vulnerability in Master-Nan Sweet-Cms A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. | 8.1 |
2024-08-29 | CVE-2024-41964 | Getkirby | Incorrect Authorization vulnerability in Getkirby Kirby Kirby is a CMS targeting designers and editors. | 8.1 |
2024-08-29 | CVE-2024-7856 | Sonaar | Missing Authorization vulnerability in Sonaar MP3 Audio Player for Music, Radio & Podcast The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. | 8.1 |
2024-08-28 | CVE-2024-45058 | Portabilis | Missing Authorization vulnerability in Portabilis I-Educar i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. | 8.1 |
2024-08-28 | CVE-2024-7745 | Progress | Improper Authentication vulnerability in Progress WS FTP Server In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only. | 8.1 |
2024-08-27 | CVE-2024-8181 | Flowiseai | Improper Authentication vulnerability in Flowiseai Flowise 1.8.2 An Authentication Bypass vulnerability exists in Flowise version 1.8.2. | 8.1 |
2024-08-26 | CVE-2024-8163 | Beikeshop | Path Traversal vulnerability in Beikeshop A vulnerability classified as critical was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. | 8.1 |
2024-08-28 | CVE-2024-42793 | Lopalopa | Cross-Site Request Forgery (CSRF) vulnerability in Lopalopa Music Management System 1.0 A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=save_user page. | 8.0 |
2024-08-31 | CVE-2024-0110 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. | 7.8 |
2024-08-31 | CVE-2024-44945 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCH_BEGIN and BATCH_END. | 7.8 |
2024-08-29 | CVE-2024-45302 | Restsharp | Injection vulnerability in Restsharp RestSharp is a Simple REST and HTTP API Client for .NET. | 7.8 |
2024-08-29 | CVE-2024-43700 | Philiphazel | Out-of-bounds Write vulnerability in Philiphazel Xfpt xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. | 7.8 |
2024-08-29 | CVE-2024-5622 | BR Automation | Untrusted Search Path vulnerability in Br-Automation Industrial Automation Aprol An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges. | 7.8 |
2024-08-29 | CVE-2024-5623 | BR Automation | Untrusted Search Path vulnerability in Br-Automation Industrial Automation Aprol An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges. | 7.8 |
2024-08-27 | CVE-2024-42851 | Aertherwide | Out-of-bounds Write vulnerability in Aertherwide Exiftags Buffer Overflow vulnerability in open source exiftags v.1.01 allows a local attacker to execute arbitrary code via the paresetag function. | 7.8 |
2024-08-27 | CVE-2024-41173 | Beckhoff | Unspecified vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication bypass by a low privileged attacker. | 7.8 |
2024-08-26 | CVE-2024-41879 | Adobe Microsoft | Out-of-bounds Write vulnerability in multiple products Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2024-08-26 | CVE-2024-44940 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. | 7.8 |
2024-08-26 | CVE-2024-44941 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to cover read extent cache access with lock syzbot reports a f2fs bug as below: BUG: KASAN: slab-use-after-free in sanity_check_extent_cache+0x370/0x410 fs/f2fs/extent_cache.c:46 Read of size 4 at addr ffff8880739ab220 by task syz-executor200/5097 CPU: 0 PID: 5097 Comm: syz-executor200 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 sanity_check_extent_cache+0x370/0x410 fs/f2fs/extent_cache.c:46 do_read_inode fs/f2fs/inode.c:509 [inline] f2fs_iget+0x33e1/0x46e0 fs/f2fs/inode.c:560 f2fs_nfs_get_inode+0x74/0x100 fs/f2fs/super.c:3237 generic_fh_to_dentry+0x9f/0xf0 fs/libfs.c:1413 exportfs_decode_fh_raw+0x152/0x5f0 fs/exportfs/expfs.c:444 exportfs_decode_fh+0x3c/0x80 fs/exportfs/expfs.c:584 do_handle_to_path fs/fhandle.c:155 [inline] handle_to_path fs/fhandle.c:210 [inline] do_handle_open+0x495/0x650 fs/fhandle.c:226 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f We missed to cover sanity_check_extent_cache() w/ extent cache lock, so, below race case may happen, result in use after free issue. - f2fs_iget - do_read_inode - f2fs_init_read_extent_tree : add largest extent entry in to cache - shrink - f2fs_shrink_read_extent_tree - __shrink_extent_tree - __detach_extent_node : drop largest extent entry - sanity_check_extent_cache : access et->largest w/o lock let's refactor sanity_check_extent_cache() to avoid extent cache access and call it before f2fs_init_read_extent_tree() to fix this issue. | 7.8 |
2024-08-26 | CVE-2024-44942 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot reports a f2fs bug as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/inline.c:258! CPU: 1 PID: 34 Comm: kworker/u8:2 Not tainted 6.9.0-rc6-syzkaller-00012-g9e4bc4bcae01 #0 RIP: 0010:f2fs_write_inline_data+0x781/0x790 fs/f2fs/inline.c:258 Call Trace: f2fs_write_single_data_page+0xb65/0x1d60 fs/f2fs/data.c:2834 f2fs_write_cache_pages fs/f2fs/data.c:3133 [inline] __f2fs_write_data_pages fs/f2fs/data.c:3288 [inline] f2fs_write_data_pages+0x1efe/0x3a90 fs/f2fs/data.c:3315 do_writepages+0x35b/0x870 mm/page-writeback.c:2612 __writeback_single_inode+0x165/0x10b0 fs/fs-writeback.c:1650 writeback_sb_inodes+0x905/0x1260 fs/fs-writeback.c:1941 wb_writeback+0x457/0xce0 fs/fs-writeback.c:2117 wb_do_writeback fs/fs-writeback.c:2264 [inline] wb_workfn+0x410/0x1090 fs/fs-writeback.c:2304 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa12/0x17c0 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f2/0x390 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 The root cause is: inline_data inode can be fuzzed, so that there may be valid blkaddr in its direct node, once f2fs triggers background GC to migrate the block, it will hit f2fs_bug_on() during dirty page writeback. Let's add sanity check on F2FS_INLINE_DATA flag in inode during GC, so that, it can forbid migrating inline_data inode's data block for fixing. | 7.8 |
2024-08-26 | CVE-2024-43888 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or cgroup_mutex or others which could prevent returned memcg from being freed. | 7.8 |
2024-08-26 | CVE-2024-43900 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the module initialization failed, the struct tuner was released. A worker which created during module initialization accesses this struct tuner later, it caused use-after-free. The process is as follows: task-6504 worker_thread tuner_probe <= alloc dvb_frontend [2] ... request_firmware_nowait <= create a worker ... tuner_remove <= free dvb_frontend ... request_firmware_work_func <= the firmware is ready load_firmware_cb <= but now the dvb_frontend has been freed To fix the issue, check the dvd_frontend in load_firmware_cb(), if it is null, report a warning and just return. [1]: ================================================================== BUG: KASAN: use-after-free in load_firmware_cb+0x1310/0x17a0 Read of size 8 at addr ffff8000d7ca2308 by task kworker/2:3/6504 Call trace: load_firmware_cb+0x1310/0x17a0 request_firmware_work_func+0x128/0x220 process_one_work+0x770/0x1824 worker_thread+0x488/0xea0 kthread+0x300/0x430 ret_from_fork+0x10/0x20 Allocated by task 6504: kzalloc tuner_probe+0xb0/0x1430 i2c_device_probe+0x92c/0xaf0 really_probe+0x678/0xcd0 driver_probe_device+0x280/0x370 __device_attach_driver+0x220/0x330 bus_for_each_drv+0x134/0x1c0 __device_attach+0x1f4/0x410 device_initial_probe+0x20/0x30 bus_probe_device+0x184/0x200 device_add+0x924/0x12c0 device_register+0x24/0x30 i2c_new_device+0x4e0/0xc44 v4l2_i2c_new_subdev_board+0xbc/0x290 v4l2_i2c_new_subdev+0xc8/0x104 em28xx_v4l2_init+0x1dd0/0x3770 Freed by task 6504: kfree+0x238/0x4e4 tuner_remove+0x144/0x1c0 i2c_device_remove+0xc8/0x290 __device_release_driver+0x314/0x5fc device_release_driver+0x30/0x44 bus_remove_device+0x244/0x490 device_del+0x350/0x900 device_unregister+0x28/0xd0 i2c_unregister_device+0x174/0x1d0 v4l2_device_unregister+0x224/0x380 em28xx_v4l2_init+0x1d90/0x3770 The buggy address belongs to the object at ffff8000d7ca2000 which belongs to the cache kmalloc-2k of size 2048 The buggy address is located 776 bytes inside of 2048-byte region [ffff8000d7ca2000, ffff8000d7ca2800) The buggy address belongs to the page: page:ffff7fe00035f280 count:1 mapcount:0 mapping:ffff8000c001f000 index:0x0 flags: 0x7ff800000000100(slab) raw: 07ff800000000100 ffff7fe00049d880 0000000300000003 ffff8000c001f000 raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff8000d7ca2200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8000d7ca2280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff8000d7ca2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff8000d7ca2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8000d7ca2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== [2] Actually, it is allocated for struct tuner, and dvb_frontend is inside. | 7.8 |
2024-08-26 | CVE-2024-44932 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs from net/core/page_pool.c:page_pool_disable_direct_recycling(). Turned out idpf frees interrupt vectors with embedded NAPIs *before* freeing the queues making page_pools' NAPI pointers lead to freed memory before these pools are destroyed by libeth. It's not clear whether there are other accesses to the freed vectors when destroying the queues, but anyway, we usually free queue/interrupt vectors only when the queues are destroyed and the NAPIs are guaranteed to not be referenced anywhere. Invert the allocation and freeing logic making queue/interrupt vectors be allocated first and freed last. | 7.8 |
2024-08-26 | CVE-2024-44934 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. | 7.8 |
2024-08-30 | CVE-2024-8234 | ** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(), formUpgradeCert(), and formDelcert() in the Zyxel NWA1100-N firmware version 1.00(AACE.1)C0 could allow an unauthenticated attacker to execute some OS commands to access system files on an affected device. | 7.5 | |
2024-08-29 | CVE-2024-43955 | Themeum | Path Traversal vulnerability in Themeum Droip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Droip allows File Manipulation.This issue affects Droip: from n/a through 1.1.1. | 7.5 |
2024-08-29 | CVE-2024-2541 | Sygnoos | Unspecified vulnerability in Sygnoos Popup Builder The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the Subscribers Import feature. | 7.5 |
2024-08-29 | CVE-2024-3679 | Squirrly | Unspecified vulnerability in Squirrly WP SEO Plugin The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.001. | 7.5 |
2024-08-29 | CVE-2024-8297 | Kitsada8621 | Improper Encoding or Escaping of Output vulnerability in Kitsada8621 Digital Library Management System 1.0 A vulnerability was found in kitsada8621 Digital Library Management System 1.0. | 7.5 |
2024-08-29 | CVE-2024-45436 | Ollama | Path Traversal vulnerability in Ollama extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. | 7.5 |
2024-08-28 | CVE-2024-44760 | Sunmochina | Unspecified vulnerability in Sunmochina Enterprise Management System Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server. | 7.5 |
2024-08-28 | CVE-2024-4555 | Microfocus | Improper Privilege Management vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 | 7.5 |
2024-08-28 | CVE-2024-4556 | Microfocus | Path Traversal vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | 7.5 |
2024-08-27 | CVE-2024-5991 | Wolfssl | Out-of-bounds Read vulnerability in Wolfssl In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. | 7.5 |
2024-08-27 | CVE-2024-43414 | Apollographql | Uncontrolled Recursion vulnerability in Apollographql products Apollo Federation is an architecture for declaratively composing APIs into a unified graph. | 7.5 |
2024-08-27 | CVE-2024-43783 | Apollographql | Allocation of Resources Without Limits or Throttling vulnerability in Apollographql products The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. | 7.5 |
2024-08-27 | CVE-2024-8182 | Flowiseai | Unspecified vulnerability in Flowiseai Flowise 1.8.2 An Unauthenticated Denial of Service (DoS) vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint. | 7.5 |
2024-08-26 | CVE-2024-43230 | Sharedfilespro | Unspecified vulnerability in Sharedfilespro Shared Files Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File Upload Form Shared Files.This issue affects Shared Files: from n/a through 1.7.28. | 7.5 |
2024-08-26 | CVE-2024-43258 | Storelocatorplus | Unspecified vulnerability in Storelocatorplus Store Locator Plus Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus.This issue affects Store Locator Plus: from n/a through 2311.17.01. | 7.5 |
2024-08-26 | CVE-2024-43259 | JEM Products | Unspecified vulnerability in Jem-Products Order Export for Woocommerce Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23. | 7.5 |
2024-08-26 | CVE-2024-43264 | Mediavine | Unspecified vulnerability in Mediavine Create Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by Mediavine.This issue affects Create by Mediavine: from n/a through 1.9.8. | 7.5 |
2024-08-26 | CVE-2024-28077 | GL Inet | Unspecified vulnerability in Gl-Inet products A denial-of-service issue was discovered on certain GL-iNet devices. | 7.5 |
2024-08-26 | CVE-2024-7401 | Netskope | Improper Authentication vulnerability in Netskope Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. | 7.5 |
2024-08-26 | CVE-2024-8173 | Blood Bank System Project | SQL Injection vulnerability in Blood Bank System Project Blood Bank System 1.0 A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. | 7.5 |
2024-08-30 | CVE-2024-8260 | Openpolicyagent | Authentication Bypass by Capture-replay vulnerability in Openpolicyagent Open Policy Agent A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. | 7.3 |
2024-08-29 | CVE-2024-34017 | Acronis | Uncontrolled Search Path Element vulnerability in Acronis Snap Deploy 6 Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
2024-08-29 | CVE-2024-34019 | Acronis | Uncontrolled Search Path Element vulnerability in Acronis Snap Deploy 6 Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
2024-08-27 | CVE-2024-41176 | Beckhoff | Unspecified vulnerability in Beckhoff MDP Package and Twincat/Bsd The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service (DoS) condition on the daemon and execute code in the context of user “root” via a crafted HTTP request. | 7.3 |
2024-08-30 | CVE-2024-8016 | Theeventscalendar | Deserialization of Untrusted Data vulnerability in Theeventscalendar Events Calendar PRO The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. | 7.2 |
2024-08-29 | CVE-2024-39658 | Salonbookingsystem | SQL Injection vulnerability in Salonbookingsystem Salon Booking System Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7. | 7.2 |
2024-08-29 | CVE-2024-38693 | Wedevs | SQL Injection vulnerability in Wedevs WP User Frontend Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a through 4.0.7. | 7.2 |
2024-08-29 | CVE-2022-2440 | The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'images_array' parameter in versions up to, and including 2.8. | 7.2 | |
2024-08-28 | CVE-2024-41236 | Lopalopa | SQL Injection vulnerability in Lopalopa Responsive School Management System 3.2.0 A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page | 7.2 |
2024-08-28 | CVE-2021-38120 | Microfocus | Command Injection vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. | 7.2 |
2024-08-28 | CVE-2024-6311 | Funnelforms | Unrestricted Upload of File with Dangerous Type vulnerability in Funnelforms Free The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'af2_add_font' function in all versions up to, and including, 3.7.3.2. | 7.2 |
2024-08-27 | CVE-2024-6632 | Fortra | SQL Injection vulnerability in Fortra Filecatalyst Workflow A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability. | 7.2 |
2024-08-26 | CVE-2024-43966 | Starkdigital | SQL Injection vulnerability in Starkdigital WP Testimonial Widget Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1. | 7.2 |
2024-08-26 | CVE-2024-43916 | Dylanjkotze | Authorization Bypass Through User-Controlled Key vulnerability in Dylanjkotze Zephyr Project Manager Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102. | 7.1 |
207 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-28 | CVE-2024-39771 | Safie | Improper Certificate Validation vulnerability in Safie Qbic Cloud Cc-2/2L Firmware and Safie ONE Firmware QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack. | 6.8 |
2024-08-31 | CVE-2024-39579 | Dell | Unspecified vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. | 6.7 |
2024-08-28 | CVE-2024-45054 | Hwameistor | Unspecified vulnerability in Hwameistor Hwameistor is an HA local storage system for cloud-native stateful workloads. | 6.7 |
2024-08-27 | CVE-2024-8207 | Mongodb | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mongodb In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. | 6.7 |
2024-09-01 | CVE-2024-45509 | Misp | Incorrect Authorization vulnerability in Misp In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin. | 6.5 |
2024-08-31 | CVE-2024-45304 | Openzeppelin | Always-Incorrect Control Flow Implementation vulnerability in Openzeppelin Contracts Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. | 6.5 |
2024-08-29 | CVE-2024-44930 | Serilog Contrib | Unspecified vulnerability in Serilog-Contrib Serilog-Enrichers-Clientinfo Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. | 6.5 |
2024-08-29 | CVE-2024-43939 | Zynith | Missing Authorization vulnerability in Zynith Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9. | 6.5 |
2024-08-29 | CVE-2024-43940 | Zynith | Missing Authorization vulnerability in Zynith Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9. | 6.5 |
2024-08-28 | CVE-2024-45048 | Phpoffice | XXE vulnerability in PHPoffice PHPspreadsheet PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. | 6.5 |
2024-08-28 | CVE-2024-7744 | Progress | Path Traversal vulnerability in Progress WS FTP Server In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:) | 6.5 |
2024-08-28 | CVE-2024-6449 | Hyperview | Unspecified vulnerability in Hyperview Geoportal Toolkit HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by the attacker and execute them in the user space. By manipulating this parameter it is also possible to enumerate some of the devices in Local Area Network in which the server resides. | 6.5 |
2024-08-28 | CVE-2021-22509 | Microfocus | Cleartext Storage of Sensitive Information vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in storing and reusing information in Advance Authentication. | 6.5 |
2024-08-28 | CVE-2024-6312 | Funnelforms | Path Traversal vulnerability in Funnelforms Free The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. | 6.5 |
2024-08-27 | CVE-2024-40395 | PTC | Authorization Bypass Through User-Controlled Key vulnerability in PTC Thingworx 9.5.0 An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level. | 6.5 |
2024-08-27 | CVE-2024-6789 | M Files | Path Traversal vulnerability in M-Files Server A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files | 6.5 |
2024-08-26 | CVE-2024-43251 | Bitapps | Unspecified vulnerability in Bitapps BIT Form Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4. | 6.5 |
2024-08-26 | CVE-2024-43257 | Nouthemes | Unspecified vulnerability in Nouthemes Leopard Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard - WordPress offload media.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36. | 6.5 |
2024-08-26 | CVE-2024-8165 | Beikeshop | Path Traversal vulnerability in Beikeshop A vulnerability, which was classified as problematic, was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. | 6.5 |
2024-08-27 | CVE-2024-7791 | The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arrow’ parameter within the Post Grid widget in all versions up to, and including, 1.4.4.3 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-08-31 | CVE-2024-39578 | Dell | Link Following vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. | 6.3 |
2024-08-30 | CVE-2024-7858 | Maxfoundry | Missing Authorization vulnerability in Maxfoundry Media Library Folders The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to, and including, 8.2.3. | 6.3 |
2024-08-30 | CVE-2024-5784 | Tutorlms | Missing Authorization vulnerability in Tutorlms Tutor LMS PRO The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treport_quiz_atttempt_delete and tutor_gc_class_action in all versions up to, and including, 2.7.2. | 6.3 |
2024-08-29 | CVE-2024-43954 | Themeum | Incorrect Authorization vulnerability in Themeum Droip Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Droip: from n/a through 1.1.1. | 6.3 |
2024-08-30 | CVE-2024-8235 | Redhat | NULL Pointer Dereference vulnerability in Redhat Libvirt A flaw was found in libvirt. | 6.2 |
2024-08-31 | CVE-2024-3886 | Tagdiv | Cross-site Scripting vulnerability in Tagdiv Composer 4.2/4.4 The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envato_code[]’ parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the on_ajax_check_envato_code function. | 6.1 |
2024-08-31 | CVE-2024-5212 | Tagdiv | Cross-site Scripting vulnerability in Tagdiv Composer 4.2/4.4 The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envato_code[]’ parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the on_ajax_register_forum_user function. | 6.1 |
2024-08-30 | CVE-2024-44682 | Shopxo | Cross-site Scripting vulnerability in Shopxo 6.2.0 ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the backend that allows attackers to execute code by changing POST parameters. | 6.1 |
2024-08-30 | CVE-2024-44683 | Seacms | Cross-site Scripting vulnerability in Seacms 13.0 Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php. | 6.1 |
2024-08-30 | CVE-2024-44684 | Tpmecms | Cross-site Scripting vulnerability in Tpmecms 1.3.3.2 TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the "Title," "Images," and "Content" fields. | 6.1 |
2024-08-30 | CVE-2024-45047 | Svelte | Cross-site Scripting vulnerability in Svelte svelte performance oriented web framework. | 6.1 |
2024-08-30 | CVE-2024-8274 | Wpbookingcalendar | Cross-site Scripting vulnerability in Wpbookingcalendar WP Booking Calendar The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timeline_obj' in all versions up to, and including, 10.5 due to insufficient input sanitization and output escaping. | 6.1 |
2024-08-30 | CVE-2024-34577 | Elecom | Cross-site Scripting vulnerability in Elecom products Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B due to improper processing of input values in easysetup.cgi. | 6.1 |
2024-08-30 | CVE-2024-42412 | Elecom | Cross-site Scripting vulnerability in Elecom Wab-I1750-Ps Firmware and Wab-S1167-Ps Firmware Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S1167-PS due to improper processing of input values in menu.cgi. | 6.1 |
2024-08-30 | CVE-2024-5024 | Memberpress | Cross-site Scripting vulnerability in Memberpress The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mepr_screenname' and 'mepr_key' parameter in all versions up to, and including, 1.11.29 due to insufficient input sanitization and output escaping. | 6.1 |
2024-08-29 | CVE-2024-41349 | Cdevroe | Cross-site Scripting vulnerability in Cdevroe Unmark 1.9.2 unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via application/views/marks/add_by_url.php. | 6.1 |
2024-08-29 | CVE-2024-41347 | Jpatokal | Cross-site Scripting vulnerability in Jpatokal Openflights 20240820 openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/settings.php | 6.1 |
2024-08-29 | CVE-2024-41348 | Jpatokal | Cross-site Scripting vulnerability in Jpatokal Openflights 20240820 openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/alsearch.php | 6.1 |
2024-08-29 | CVE-2024-41350 | Baijunyao | Cross-site Scripting vulnerability in Baijunyao Bjyadmin 20170907 bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics/umeditor1_2_3/php/imageUp.php | 6.1 |
2024-08-29 | CVE-2024-41351 | Baijunyao | Cross-site Scripting vulnerability in Baijunyao Bjyadmin 20170907 bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics/umeditor1_2_3/php/getContent.php | 6.1 |
2024-08-29 | CVE-2024-41358 | Phpipam | Cross-site Scripting vulnerability in PHPipam 1.6 phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php. | 6.1 |
2024-08-29 | CVE-2024-41371 | Organizr | Cross-site Scripting vulnerability in Organizr 1.90 Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php. | 6.1 |
2024-08-29 | CVE-2024-43921 | Magic Post Thumbnail | Cross-site Scripting vulnerability in Magic-Post-Thumbnail Magic Post Thumbnail Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9. | 6.1 |
2024-08-29 | CVE-2024-43926 | Wpbeaverbuilder | Cross-site Scripting vulnerability in Wpbeaverbuilder Beaver Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Reflected XSS.This issue affects Beaver Builder: from n/a through 2.8.3.2. | 6.1 |
2024-08-29 | CVE-2024-43948 | Dineshkarki | Cross-site Scripting vulnerability in Dineshkarki WP Armour Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.26. | 6.1 |
2024-08-29 | CVE-2024-43950 | Nextbricks | Cross-site Scripting vulnerability in Nextbricks Bricksore Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nextbricks Brickscore allows Stored XSS.This issue affects Brickscore: from n/a through 1.4.2.5. | 6.1 |
2024-08-29 | CVE-2024-43958 | Gianniporto | Cross-site Scripting vulnerability in Gianniporto Intothedark Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a through 1.0.5. | 6.1 |
2024-08-29 | CVE-2024-43963 | Waspthemes | Cross-site Scripting vulnerability in Waspthemes Yellowpencil Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.1. | 6.1 |
2024-08-29 | CVE-2024-44716 | Dedebiz | Cross-site Scripting vulnerability in Dedebiz 6.3.0 A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
2024-08-29 | CVE-2024-44717 | Dedebiz | Cross-site Scripting vulnerability in Dedebiz 6.3.0 A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
2024-08-29 | CVE-2024-44776 | Vtiger | Open Redirect vulnerability in Vtiger CRM 7.4.0 An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. | 6.1 |
2024-08-29 | CVE-2024-45045 | Collabora | Cross-site Scripting vulnerability in Collabora Online Collabora Online is a collaborative online office suite based on LibreOffice technology. | 6.1 |
2024-08-29 | CVE-2024-5624 | BR Automation | Cross-site Scripting vulnerability in Br-Automation Industrial Automation Aprol Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session | 6.1 |
2024-08-29 | CVE-2024-41918 | Rakuten | Missing Authorization vulnerability in Rakuten Ichiba 'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. | 6.1 |
2024-08-28 | CVE-2024-45057 | Portabilis | Cross-site Scripting vulnerability in Portabilis I-Educar i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. | 6.1 |
2024-08-28 | CVE-2024-43805 | Jupyter | Cross-site Scripting vulnerability in Jupyter Jupyterlab and Notebook jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. | 6.1 |
2024-08-28 | CVE-2024-6450 | Hyperview | Cross-site Scripting vulnerability in Hyperview Geoportal Toolkit HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting (XSS). | 6.1 |
2024-08-27 | CVE-2024-8208 | Insurance Management System Project | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. | 6.1 |
2024-08-27 | CVE-2024-8209 | Insurance Management System Project | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. | 6.1 |
2024-08-27 | CVE-2024-43788 | Webpack JS | Cross-site Scripting vulnerability in Webpack.Js Webpack Webpack is a module bundler. | 6.1 |
2024-08-27 | CVE-2024-7941 | Hitachienergy | Open Redirect vulnerability in Hitachienergy Microscada X Sys600 An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. | 6.1 |
2024-08-26 | CVE-2024-43255 | Stormhillmedia | Cross-Site Request Forgery (CSRF) vulnerability in Stormhillmedia Mybook Table Bookstore Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows Cross-Site Scripting (XSS).This issue affects MyBookTable Bookstore: from n/a through 3.3.9. | 6.1 |
2024-08-26 | CVE-2024-43339 | Webinarpress | Cross-Site Request Forgery (CSRF) vulnerability in Webinarpress Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20. | 6.1 |
2024-08-26 | CVE-2024-42906 | Testlink | Cross-site Scripting vulnerability in Testlink TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) via the pop-up on upload file. | 6.1 |
2024-08-26 | CVE-2024-44793 | Gazelle Project | Cross-site Scripting vulnerability in Gazelle Project Gazelle A cross-site scripting (XSS) vulnerability in the component /managers/multiple_freeleech.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the torrents parameter. | 6.1 |
2024-08-26 | CVE-2024-44794 | Xiebruce | Cross-site Scripting vulnerability in Xiebruce Picuploader A cross-site scripting (XSS) vulnerability in the component /master/auth/OnedriveRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter. | 6.1 |
2024-08-26 | CVE-2024-44795 | Gazelle Project | Cross-site Scripting vulnerability in Gazelle Project Gazelle A cross-site scripting (XSS) vulnerability in the component /login/disabled.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter. | 6.1 |
2024-08-26 | CVE-2024-44796 | Xiebruce | Cross-site Scripting vulnerability in Xiebruce Picuploader A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter. | 6.1 |
2024-08-26 | CVE-2024-44797 | Gazelle Project | Cross-site Scripting vulnerability in Gazelle Project Gazelle A cross-site scripting (XSS) vulnerability in the component /managers/enable_requests.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the view parameter. | 6.1 |
2024-08-26 | CVE-2024-8174 | Blood Bank System Project | Cross-site Scripting vulnerability in Blood Bank System Project Blood Bank System 1.0 A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. | 6.1 |
2024-08-26 | CVE-2024-8172 | Rems | Cross-site Scripting vulnerability in Rems QR Code Attendance System 1.0 A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Attendance System 1.0. | 6.1 |
2024-08-30 | CVE-2024-8285 | Redhat | Improper Certificate Validation vulnerability in Redhat Kroxylicious A flaw was found in Kroxylicious. | 5.9 |
2024-08-29 | CVE-2024-45056 | Matter Labs | Incorrect Calculation vulnerability in Matter-Labs Zksolc zksolc is a Solidity compiler for ZKsync. | 5.9 |
2024-08-31 | CVE-2024-44946 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). | 5.5 |
2024-08-30 | CVE-2022-48944 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: sched: Fix yet more sched_fork() races Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") fixed a fork race vs cgroup, it opened up a race vs syscalls by not placing the task on the runqueue before it gets exposed through the pidhash. Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is trying to fix a single instance of this, instead fix the whole class of issues, effectively reverting this commit. | 5.5 |
2024-08-30 | CVE-2024-44944 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace. | 5.5 |
2024-08-29 | CVE-2024-1543 | Wolfssl | Information Exposure Through Discrepancy vulnerability in Wolfssl The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. | 5.5 |
2024-08-29 | CVE-2024-34018 | Acronis | Incorrect Default Permissions vulnerability in Acronis Snap Deploy 6 Sensitive information disclosure due to insecure folder permissions. | 5.5 |
2024-08-29 | CVE-2021-4442 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data in the receive queue. mprotect(0x4aa000, 12288, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(3, SOL_TCP, TCP_REPAIR_QUEUE, [1], 4) = 0 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="0x0000000000000003\0\0", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 20 setsockopt(3, SOL_TCP, TCP_REPAIR, [0], 4) = 0 setsockopt(3, SOL_TCP, TCP_QUEUE_SEQ, [128], 4) = 0 recvfrom(3, NULL, 20, 0, NULL, NULL) = -1 ECONNRESET (Connection reset by peer) syslog shows: [ 111.205099] TCP recvmsg seq # bug 2: copied 80, seq 0, rcvnxt 80, fl 0 [ 111.207894] WARNING: CPU: 1 PID: 356 at net/ipv4/tcp.c:2343 tcp_recvmsg_locked+0x90e/0x29a0 This should not be allowed. | 5.5 |
2024-08-29 | CVE-2024-8250 | Wireshark | Out-of-bounds Write vulnerability in Wireshark NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file | 5.5 |
2024-08-28 | CVE-2024-44913 | Irfanview | Unspecified vulnerability in Irfanview 4.67.1.0 An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. | 5.5 |
2024-08-28 | CVE-2024-44914 | Irfanview | Unspecified vulnerability in Irfanview 4.67.1.0 An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. | 5.5 |
2024-08-28 | CVE-2024-44915 | Irfanview | Unspecified vulnerability in Irfanview 4.67.1.0 An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. | 5.5 |
2024-08-28 | CVE-2024-44943 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing try_grab_folio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. | 5.5 |
2024-08-28 | CVE-2021-22529 | Microfocus | Unspecified vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. | 5.5 |
2024-08-27 | CVE-2024-41175 | Beckhoff | Allocation of Resources Without Limits or Throttling vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker. | 5.5 |
2024-08-26 | CVE-2023-49582 | Apache | Incorrect Permission Assignment for Critical Resource vulnerability in Apache Portable Runtime Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. | 5.5 |
2024-08-26 | CVE-2024-44938 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shift is found. | 5.5 |
2024-08-26 | CVE-2024-44939 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 RIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713 ... [Analyze] In dtInsertEntry(), when the pointer h has the same value as p, after writing name in UniStrncpy_to_le(), p->header.flag will be cleared. | 5.5 |
2024-08-26 | CVE-2024-43885 | Linux | Improper Locking vulnerability in Linux Kernel 6.11 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double inode unlock for direct IO sync writes If we do a direct IO sync write, at btrfs_sync_file(), and we need to skip inode logging or we get an error starting a transaction or an error when flushing delalloc, we end up unlocking the inode when we shouldn't under the 'out_release_extents' label, and then unlock it again at btrfs_direct_write(). Fix that by checking if we have to skip inode unlocking under that label. | 5.5 |
2024-08-26 | CVE-2024-43886 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check in resource_log_pipe_topology_update [WHY] When switching from "Extend" to "Second Display Only" we sometimes call resource_get_otg_master_for_stream on a stream for the eDP, which is disconnected. | 5.5 |
2024-08-26 | CVE-2024-43889 | Linux | Divide By Zero vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. [ 10.017908] Oops: divide error: 0000 1 PREEMPT SMP NOPTI [ 10.017908] CPU: 26 PID: 2627 Comm: kworker/u1666:1 Not tainted 6.10.0-15.el10.x86_64 #1 [ 10.017908] Hardware name: Lenovo ThinkSystem SR950 [7X12CTO1WW]/[7X12CTO1WW], BIOS [PSE140J-2.30] 07/20/2021 [ 10.017908] Workqueue: events_unbound padata_mt_helper [ 10.017908] RIP: 0010:padata_mt_helper+0x39/0xb0 : [ 10.017963] Call Trace: [ 10.017968] <TASK> [ 10.018004] ? padata_mt_helper+0x39/0xb0 [ 10.018084] process_one_work+0x174/0x330 [ 10.018093] worker_thread+0x266/0x3a0 [ 10.018111] kthread+0xcf/0x100 [ 10.018124] ret_from_fork+0x31/0x50 [ 10.018138] ret_from_fork_asm+0x1a/0x30 [ 10.018147] </TASK> Looking at the padata_mt_helper() function, the only way a divide-by-0 panic can happen is when ps->chunk_size is 0. | 5.5 |
2024-08-26 | CVE-2024-43890 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum number of elements (`max_elts`) has been reached. Continuing to insert elements after the overflow could result in the tracing_map containing "tracing_map->max_size" elements, leaving no empty entries. If any attempt is made to insert an element into a full tracing_map using `__tracing_map_insert()`, it will cause an infinite loop with preemption disabled, leading to a CPU hang problem. Fix this by preventing any further increments to "tracing_map->next_elt" once it reaches "tracing_map->max_elt". | 5.5 |
2024-08-26 | CVE-2024-43893 | Linux | Divide By Zero vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor(). | 5.5 |
2024-08-26 | CVE-2024-43894 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drm_client_modeset_probe In drm_client_modeset_probe(), the return value of drm_mode_duplicate() is assigned to modeset->mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). | 5.5 |
2024-08-26 | CVE-2024-43895 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2 Hardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022 RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper] Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8> RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224 RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280 RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850 R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000 R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224 FS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0 Call Trace: <TASK> ? __die+0x23/0x70 ? page_fault_oops+0x171/0x4e0 ? plist_add+0xbe/0x100 ? exc_page_fault+0x7c/0x180 ? asm_exc_page_fault+0x26/0x30 ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026] ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026] compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] drm_atomic_check_only+0x5c5/0xa40 drm_mode_atomic_ioctl+0x76e/0xbc0 [how] dsc recompute should be skipped if no mode change detected on the new request. | 5.5 |
2024-08-26 | CVE-2024-43896 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL Call efi_rt_services_supported() to check that efi.get_variable exists before calling it. | 5.5 |
2024-08-26 | CVE-2024-43897 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_NET_HDR_F_NEEDS_CSUM is in skb linear. | 5.5 |
2024-08-26 | CVE-2024-43899 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20_resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all and then enabling fullscreen playback (double click on the video) The following calltrace will be seen: [ 181.843989] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 181.843997] #PF: supervisor instruction fetch in kernel mode [ 181.844003] #PF: error_code(0x0010) - not-present page [ 181.844009] PGD 0 P4D 0 [ 181.844020] Oops: 0010 [#1] PREEMPT SMP NOPTI [ 181.844028] CPU: 6 PID: 1892 Comm: gnome-shell Tainted: G W OE 6.5.0-41-generic #41~22.04.2-Ubuntu [ 181.844038] Hardware name: System manufacturer System Product Name/CROSSHAIR VI HERO, BIOS 6302 10/23/2018 [ 181.844044] RIP: 0010:0x0 [ 181.844079] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 181.844084] RSP: 0018:ffffb593c2b8f7b0 EFLAGS: 00010246 [ 181.844093] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004 [ 181.844099] RDX: ffffb593c2b8f804 RSI: ffffb593c2b8f7e0 RDI: ffff9e3c8e758400 [ 181.844105] RBP: ffffb593c2b8f7b8 R08: ffffb593c2b8f9c8 R09: ffffb593c2b8f96c [ 181.844110] R10: 0000000000000000 R11: 0000000000000000 R12: ffffb593c2b8f9c8 [ 181.844115] R13: 0000000000000001 R14: ffff9e3c88000000 R15: 0000000000000005 [ 181.844121] FS: 00007c6e323bb5c0(0000) GS:ffff9e3f85f80000(0000) knlGS:0000000000000000 [ 181.844128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.844134] CR2: ffffffffffffffd6 CR3: 0000000140fbe000 CR4: 00000000003506e0 [ 181.844141] Call Trace: [ 181.844146] <TASK> [ 181.844153] ? show_regs+0x6d/0x80 [ 181.844167] ? __die+0x24/0x80 [ 181.844179] ? page_fault_oops+0x99/0x1b0 [ 181.844192] ? do_user_addr_fault+0x31d/0x6b0 [ 181.844204] ? exc_page_fault+0x83/0x1b0 [ 181.844216] ? asm_exc_page_fault+0x27/0x30 [ 181.844237] dcn20_get_dcc_compression_cap+0x23/0x30 [amdgpu] [ 181.845115] amdgpu_dm_plane_validate_dcc.constprop.0+0xe5/0x180 [amdgpu] [ 181.845985] amdgpu_dm_plane_fill_plane_buffer_attributes+0x300/0x580 [amdgpu] [ 181.846848] fill_dc_plane_info_and_addr+0x258/0x350 [amdgpu] [ 181.847734] fill_dc_plane_attributes+0x162/0x350 [amdgpu] [ 181.848748] dm_update_plane_state.constprop.0+0x4e3/0x6b0 [amdgpu] [ 181.849791] ? dm_update_plane_state.constprop.0+0x4e3/0x6b0 [amdgpu] [ 181.850840] amdgpu_dm_atomic_check+0xdfe/0x1760 [amdgpu] | 5.5 |
2024-08-26 | CVE-2024-43901 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 When users run the command: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log The following NULL pointer dereference happens: [ +0.000003] BUG: kernel NULL pointer dereference, address: NULL [ +0.000005] #PF: supervisor instruction fetch in kernel mode [ +0.000002] #PF: error_code(0x0010) - not-present page [ +0.000002] PGD 0 P4D 0 [ +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI [ +0.000003] RIP: 0010:0x0 [ +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [...] [ +0.000002] PKRU: 55555554 [ +0.000002] Call Trace: [ +0.000002] <TASK> [ +0.000003] ? show_regs+0x65/0x70 [ +0.000006] ? __die+0x24/0x70 [ +0.000004] ? page_fault_oops+0x160/0x470 [ +0.000006] ? do_user_addr_fault+0x2b5/0x690 [ +0.000003] ? prb_read_valid+0x1c/0x30 [ +0.000005] ? exc_page_fault+0x8c/0x1a0 [ +0.000005] ? asm_exc_page_fault+0x27/0x30 [ +0.000012] dcn10_log_color_state+0xf9/0x510 [amdgpu] [ +0.000306] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000003] ? vsnprintf+0x2fb/0x600 [ +0.000009] dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu] [ +0.000218] ? __mod_memcg_lruvec_state+0xe8/0x170 [ +0.000008] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? debug_smp_processor_id+0x17/0x20 [ +0.000003] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? set_ptes.isra.0+0x2b/0x90 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? _raw_spin_unlock+0x19/0x40 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? do_anonymous_page+0x337/0x700 [ +0.000004] dtn_log_read+0x82/0x120 [amdgpu] [ +0.000207] full_proxy_read+0x66/0x90 [ +0.000007] vfs_read+0xb0/0x340 [ +0.000005] ? __count_memcg_events+0x79/0xe0 [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000003] ? count_memcg_events.constprop.0+0x1e/0x40 [ +0.000003] ? handle_mm_fault+0xb2/0x370 [ +0.000003] ksys_read+0x6b/0xf0 [ +0.000004] __x64_sys_read+0x19/0x20 [ +0.000003] do_syscall_64+0x60/0x130 [ +0.000004] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ +0.000003] RIP: 0033:0x7fdf32f147e2 [...] This error happens when the color log tries to read the gamut remap information from DCN401 which is not initialized in the dcn401_dpp_funcs which leads to a null pointer dereference. | 5.5 |
2024-08-26 | CVE-2024-43902 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity. | 5.5 |
2024-08-26 | CVE-2024-43903 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update This commit adds a null check for the 'afb' variable in the amdgpu_dm_plane_handle_cursor_update function. | 5.5 |
2024-08-26 | CVE-2024-43904 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. | 5.5 |
2024-08-26 | CVE-2024-43905 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference. | 5.5 |
2024-08-26 | CVE-2024-43906 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it | 5.5 |
2024-08-26 | CVE-2024-43907 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference | 5.5 |
2024-08-26 | CVE-2024-43908 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it | 5.5 |
2024-08-26 | CVE-2024-43909 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. | 5.5 |
2024-08-26 | CVE-2024-43910 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to a global function as an argument. | 5.5 |
2024-08-26 | CVE-2024-43911 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamically allocated. | 5.5 |
2024-08-26 | CVE-2024-43912 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... | 5.5 |
2024-08-26 | CVE-2024-43913 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvme_uninit_ctrl after a successful nvme_init_ctrl. Split the allocation side out to make the error handling boundary easier to navigate. | 5.5 |
2024-08-26 | CVE-2024-43914 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. | 5.5 |
2024-08-26 | CVE-2024-44931 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an offset out of range. Offset is copied from user and then used as an array index to get the gpio descriptor without sanitization in gpio_device_get_desc(). This change ensures that the offset is sanitized by using array_index_nospec() to mitigate any possibility of speculative information leaks. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc. | 5.5 |
2024-08-26 | CVE-2024-44933 | Linux | Out-of-bounds Write vulnerability in Linux Kernel 6.10.4/6.11 In the Linux kernel, the following vulnerability has been resolved: bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl() A recent commit has modified the code in __bnxt_reserve_rings() to set the default RSS indirection table to default only when the number of RX rings is changing. | 5.5 |
2024-08-26 | CVE-2024-44935 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). | 5.5 |
2024-08-26 | CVE-2024-44936 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: power: supply: rt5033: Bring back i2c_set_clientdata Commit 3a93da231c12 ("power: supply: rt5033: Use devm_power_supply_register() helper") reworked the driver to use devm. | 5.5 |
2024-08-26 | CVE-2024-44937 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel-vbtn: Protect ACPI notify handler against recursion Since commit e2ffcda16290 ("ACPI: OSL: Allow Notify () handlers to run on all CPUs") ACPI notify handlers like the intel-vbtn notify_handler() may run on multiple CPU cores racing with themselves. This race gets hit on Dell Venue 7140 tablets when undocking from the keyboard, causing the handler to try and register priv->switches_dev twice, as can be seen from the dev_info() message getting logged twice: [ 83.861800] intel-vbtn INT33D6:00: Registering Intel Virtual Switches input-dev after receiving a switch event [ 83.861858] input: Intel Virtual Switches as /devices/pci0000:00/0000:00:1f.0/PNP0C09:00/INT33D6:00/input/input17 [ 83.861865] intel-vbtn INT33D6:00: Registering Intel Virtual Switches input-dev after receiving a switch event After which things go seriously wrong: [ 83.861872] sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:1f.0/PNP0C09:00/INT33D6:00/input/input17' ... [ 83.861967] kobject: kobject_add_internal failed for input17 with -EEXIST, don't try to register things with the same name in the same directory. [ 83.877338] BUG: kernel NULL pointer dereference, address: 0000000000000018 ... Protect intel-vbtn notify_handler() from racing with itself with a mutex to fix this. | 5.5 |
2024-08-26 | CVE-2024-43884 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the function. | 5.5 |
2024-08-31 | CVE-2024-8108 | Share This Image Project | Cross-site Scripting vulnerability in Share This Image Project Share This Image The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-31 | CVE-2024-8276 | Wpzoom | Cross-site Scripting vulnerability in Wpzoom Portfolio The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-30 | CVE-2024-8337 | Rems | Cross-site Scripting vulnerability in Rems Contact Manager With Export to VCF 1.0 A vulnerability, which was classified as problematic, has been found in SourceCodester Contact Manager with Export to VCF 1.0. | 5.4 |
2024-08-30 | CVE-2024-7122 | Wpvibes | Cross-site Scripting vulnerability in Wpvibes Elementor Addon Elements The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-08-30 | CVE-2024-3998 | Muffingroup | Cross-site Scripting vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 27.5.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-08-30 | CVE-2024-5879 | Hubspot | Cross-site Scripting vulnerability in Hubspot The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-30 | CVE-2024-4401 | Wpvibes | Cross-site Scripting vulnerability in Wpvibes Elementor Addon Elements The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation' parameters in all versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-30 | CVE-2024-5061 | Kriesi | Cross-site Scripting vulnerability in Kriesi Enfold The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-30 | CVE-2024-8328 | Easy Test Online Learning AND Testing Platform Project | Cross-site Scripting vulnerability in Easy Test Online Learning and Testing Platform Project Easy Test Online Learning and Testing Platform Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary JavaScript code and perform Reflected Cross-site scripting attacks. | 5.4 |
2024-08-29 | CVE-2024-41345 | Jpatokal | Cross-site Scripting vulnerability in Jpatokal Openflights 20240820 openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/trip.php | 5.4 |
2024-08-29 | CVE-2024-41346 | Jpatokal | Cross-site Scripting vulnerability in Jpatokal Openflights 20240820 openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/submit.php | 5.4 |
2024-08-29 | CVE-2024-43920 | Jegstudio | Cross-site Scripting vulnerability in Jegstudio Gutenverse Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS.This issue affects Gutenverse: from n/a through 1.9.4. | 5.4 |
2024-08-29 | CVE-2024-43934 | Robfelty | Cross-site Scripting vulnerability in Robfelty Collapsing Archives Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives: from n/a through 3.0.5. | 5.4 |
2024-08-29 | CVE-2024-43935 | Wpdelicious | Cross-site Scripting vulnerability in Wpdelicious WP Delicious Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Delicious Delicious Recipes – WordPress Recipe Plugin allows Stored XSS.This issue affects Delicious Recipes – WordPress Recipe Plugin: from n/a through 1.6.7. | 5.4 |
2024-08-29 | CVE-2024-43936 | Wpdeveloper | Cross-site Scripting vulnerability in Wpdeveloper Embedpress Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.8. | 5.4 |
2024-08-29 | CVE-2024-43946 | Sktthemes | Cross-site Scripting vulnerability in Sktthemes SKT Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Blocks – Gutenberg based Page Builder allows Stored XSS.This issue affects SKT Blocks – Gutenberg based Page Builder: from n/a through 1.5. | 5.4 |
2024-08-29 | CVE-2024-43949 | Automattic | Cross-site Scripting vulnerability in Automattic Ghacitivity and Ghactivity Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic GHActivity allows Stored XSS.This issue affects GHActivity: from n/a through 2.0.0-alpha. | 5.4 |
2024-08-29 | CVE-2024-43951 | Cryoutcreations | Cross-site Scripting vulnerability in Cryoutcreations Tempera Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Tempera allows Stored XSS.This issue affects Tempera: from n/a through 1.8.2. | 5.4 |
2024-08-29 | CVE-2024-43952 | Cryoutcreations | Cross-site Scripting vulnerability in Cryoutcreations Esotera Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Esotera allows Stored XSS.This issue affects Esotera: from n/a through 1.2.5.1. | 5.4 |
2024-08-29 | CVE-2024-43953 | Wpbakery | Cross-site Scripting vulnerability in Wpbakery Page Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0. | 5.4 |
2024-08-29 | CVE-2024-43961 | Azurecurve | Cross-site Scripting vulnerability in Azurecurve Toggle Show/Hide Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Toggle Show/Hide: from n/a through 2.1.3. | 5.4 |
2024-08-29 | CVE-2024-43964 | Dsgvo FOR WP | Cross-site Scripting vulnerability in Dsgvo-For-Wp Dsgvo ALL in ONE for WP Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in one for WP: from n/a through 4.5. | 5.4 |
2024-08-29 | CVE-2024-44919 | Seacms | Cross-site Scripting vulnerability in Seacms 12.9 A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad description parameter. | 5.4 |
2024-08-29 | CVE-2024-1056 | Funnelkit | Cross-site Scripting vulnerability in Funnelkit Funnel Builder The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allow_iframe_tag_in_post' function which uses the 'wp_kses_allowed_html' filter to globally allow script and iframe tags in posts in all versions up to, and including, 3.4.5. | 5.4 |
2024-08-29 | CVE-2024-1384 | Averta | Cross-site Scripting vulnerability in Averta Auxinportfolio The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-08-29 | CVE-2024-5417 | Gutentor | Cross-site Scripting vulnerability in Gutentor The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 |
2024-08-29 | CVE-2024-7606 | Etoilewebdesign | Cross-site Scripting vulnerability in Etoilewebdesign Front END Users The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'user-search' shortcode in all versions up to, and including, 3.2.28 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-08-29 | CVE-2024-7895 | Wpbeaveraddons | Cross-site Scripting vulnerability in Wpbeaveraddons Powerpack Lite for Beaver Builder The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 2.8.3.5 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-28 | CVE-2024-45046 | Phpoffice | Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. | 5.4 |
2024-08-28 | CVE-2024-7269 | Connx | Cross-site Scripting vulnerability in Connx ESP HR Management 4.4.0 Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any answer. | 5.4 |
2024-08-28 | CVE-2024-4554 | Microfocus | Cross-site Scripting vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1. | 5.4 |
2024-08-27 | CVE-2024-8216 | Insurance Management System Project | Unspecified vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. | 5.4 |
2024-08-27 | CVE-2024-6804 | Jegtheme | Cross-site Scripting vulnerability in Jegtheme JEG Elementor KIT The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-27 | CVE-2024-7304 | Wpmanageninja | Cross-site Scripting vulnerability in Wpmanageninja Ninja Tables The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. | 5.4 |
2024-08-26 | CVE-2024-43299 | Softaculous | Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Speedycache Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue affects SpeedyCache: from n/a through 1.1.8. | 5.4 |
2024-08-26 | CVE-2024-43301 | Fontsplugin | Cross-Site Request Forgery (CSRF) vulnerability in Fontsplugin Fonts Plugin Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7. | 5.4 |
2024-08-26 | CVE-2024-43915 | Zephyr ONE | Cross-site Scripting vulnerability in Zephyr-One Zephyr Project Manager Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102. | 5.4 |
2024-08-26 | CVE-2024-42790 | Lopalopa | Cross-site Scripting vulnerability in Lopalopa Music Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "/music/index.php?page=test" in Kashipara Music Management System v1.0. | 5.4 |
2024-08-31 | CVE-2022-4539 | Miniorange | Insufficient Verification of Data Authenticity vulnerability in Miniorange web Application Firewall The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. | 5.3 |
2024-08-31 | CVE-2022-4100 | Wpcerber | Unspecified vulnerability in Wpcerber Cerber Security Antispam & Malware Scan The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. | 5.3 |
2024-08-31 | CVE-2022-4536 | Youtag | Unspecified vulnerability in Youtag Ip-Vault-Wp-Firewall The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. | 5.3 |
2024-08-29 | CVE-2024-45440 | Drupal | Information Exposure Through an Error Message vulnerability in Drupal 20230509 core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. | 5.3 |
2024-08-29 | CVE-2024-5857 | Funnelforms | Missing Authorization vulnerability in Funnelforms Free The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the af2_handel_file_remove AJAX action in all versions up to, and including, 3.7.3.2. | 5.3 |
2024-08-29 | CVE-2024-6551 | Givewp | Information Exposure Through an Error Message vulnerability in Givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. | 5.3 |
2024-08-29 | CVE-2024-45232 | In2Code | Authorization Bypass Through User-Controlled Key vulnerability in In2Code Powermail An issue was discovered in powermail extension through 12.3.5 for TYPO3. | 5.3 |
2024-08-28 | CVE-2024-41564 | Emilyploszaj | Improper Validation of Array Index vulnerability in Emilyploszaj EMI EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. | 5.3 |
2024-08-28 | CVE-2024-41565 | Mezz | Improper Validation of Array Index vulnerability in Mezz Justenoughitems JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. | 5.3 |
2024-08-28 | CVE-2024-42698 | Shedaniel | Improper Validation of Array Index vulnerability in Shedaniel Roughlyenoughitems Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. | 5.3 |
2024-08-28 | CVE-2024-8195 | Permalink Manager Lite Project | Missing Authorization vulnerability in Permalink Manager Lite Project Permalink Manager Lite The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_query', and 'debug_redirect' functions in all versions up to, and including, 2.4.4. | 5.3 |
2024-08-28 | CVE-2024-7447 | Funnelforms | Missing Authorization vulnerability in Funnelforms Free The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'fnsf_af2_handel_file_upload' function in all versions up to, and including, 3.7.3.2. | 5.3 |
2024-08-28 | CVE-2024-6448 | The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. | 5.3 | |
2024-08-28 | CVE-2024-7573 | The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all versions up to, and including, 2.4. | 5.3 | |
2024-08-26 | CVE-2024-43214 | Mycred | Missing Authorization vulnerability in Mycred Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2. | 5.3 |
2024-08-29 | CVE-2024-8304 | Jpress | Path Traversal vulnerability in Jpress A vulnerability has been found in jpress up to 5.1.1 and classified as critical. | 4.9 |
2024-08-26 | CVE-2024-8166 | Ruijie | Unrestricted Upload of File with Dangerous Type vulnerability in Ruijie Eg2000K Firmware 11.1(6)B2 A vulnerability has been found in Ruijie EG2000K 11.1(6)B2 and classified as critical. | 4.9 |
2024-08-29 | CVE-2024-43960 | Pagebuilderaddons | Cross-site Scripting vulnerability in Pagebuilderaddons web and Woocommerce Addons for Wpbakery Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6. | 4.8 |
2024-08-29 | CVE-2024-3944 | Delower | Cross-site Scripting vulnerability in Delower WP to DO The WP To Do plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. | 4.8 |
2024-08-29 | CVE-2024-43986 | Mage People | Cross-site Scripting vulnerability in Mage-People Ecab Taxi Booking Manager Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Booking Manager for WooCommerce: through 1.0.9. | 4.8 |
2024-08-29 | CVE-2024-6927 | WOW Company | Cross-site Scripting vulnerability in Wow-Company Viral Signup The Viral Signup WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 4.8 |
2024-08-29 | CVE-2024-7132 | Godaddy | Cross-site Scripting vulnerability in Godaddy Coblocks The Page Builder Gutenberg Blocks WordPress plugin before 3.1.13 does not escape the content of post embed via one of its block, which could allow users with the capability to publish posts (editor and admin by default) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 4.8 |
2024-08-27 | CVE-2022-39996 | Teldat | Cross-site Scripting vulnerability in Teldat Rs123 Firmware and Rs123W Firmware Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page. | 4.8 |
2024-08-26 | CVE-2024-43967 | Starkdigital | Cross-site Scripting vulnerability in Starkdigital WP Testimonial Widget Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1. | 4.8 |
2024-08-31 | CVE-2024-8366 | Code Projects | Cross-site Scripting vulnerability in Code-Projects Pharmacy Management System 1.0 A vulnerability was found in code-projects Pharmacy Management System 1.0. | 4.7 |
2024-08-26 | CVE-2024-43887 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO static_key is the same as the last tcp_ao_info. | 4.7 |
2024-08-26 | CVE-2024-43891 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENT_FILE_FL_FREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. | 4.7 |
2024-08-26 | CVE-2024-43892 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. | 4.7 |
2024-08-29 | CVE-2024-35118 | IBM | Use of Hard-coded Credentials vulnerability in IBM Maas360 MDM IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. | 4.6 |
2024-08-31 | CVE-2024-0111 | Nvidia | Improper Validation of Specified Quantity in Input vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. | 4.4 |
2024-08-31 | CVE-2023-7256 | Tcpdump | Double Free vulnerability in Tcpdump Libpcap In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. | 4.4 |
2024-08-31 | CVE-2024-8006 | Tcpdump | NULL Pointer Dereference vulnerability in Tcpdump Libpcap Remote packet capture support is disabled by default in libpcap. | 4.4 |
2024-09-01 | CVE-2024-5053 | Fluentforms | Missing Authorization vulnerability in Fluentforms Contact Form The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. | 4.3 |
2024-08-30 | CVE-2024-21658 | Discourse | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Calendar 1.0.0/1.0.1 discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic. | 4.3 |
2024-08-30 | CVE-2024-8319 | Themeific | Cross-Site Request Forgery (CSRF) vulnerability in Themeific Tourfic The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.11.20. | 4.3 |
2024-08-29 | CVE-2024-43947 | Dineshkarki | Cross-Site Request Forgery (CSRF) vulnerability in Dineshkarki WP Armour Extended Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.26. | 4.3 |
2024-08-29 | CVE-2024-5987 | Volkov | Missing Authorization vulnerability in Volkov WP Accessibility Helper The WP Accessibility Helper (WAH) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_contrast_variations' and 'save_empty_contrast_variations' functions in all versions up to, and including, 0.6.2.8. | 4.3 |
2024-08-29 | CVE-2024-7418 | Radiustheme | Unspecified vulnerability in Radiustheme the Post Grid The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.7.11 via the post_query_guten and post_query functions. | 4.3 |
2024-08-28 | CVE-2024-6053 | Teamviewer | Unspecified vulnerability in Teamviewer Meeting and Teamviewer Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting. | 4.3 |
2024-08-27 | CVE-2024-8199 | Smashballoon | Missing Authorization vulnerability in Smashballoon Reviews Feed The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_api_key' function in all versions up to, and including, 1.1.2. | 4.3 |
2024-08-27 | CVE-2024-8200 | Smashballoon | Cross-Site Request Forgery (CSRF) vulnerability in Smashballoon Reviews Feed The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. | 4.3 |
2024-08-27 | CVE-2024-8197 | The Visual Sound plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.03. | 4.3 | |
2024-08-27 | CVE-2024-6688 | The Oxygen Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the oxy_save_css_from_admin AJAX action in all versions up to, and including, 4.8.3. | 4.3 | |
2024-08-26 | CVE-2024-43269 | Wpbackitup | Cross-Site Request Forgery (CSRF) vulnerability in Wpbackitup Backup and Restore Wordpress Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This issue affects Backup and Restore WordPress: from n/a through 1.50. | 4.3 |
2024-08-26 | CVE-2024-43295 | Wpdataaccess | Cross-Site Request Forgery (CSRF) vulnerability in Wpdataaccess WP Data Access Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. | 4.3 |
2024-08-26 | CVE-2024-43316 | Checkoutplugins | Cross-Site Request Forgery (CSRF) vulnerability in Checkoutplugins Stripe Payments for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce by Checkout.This issue affects Stripe Payments For WooCommerce by Checkout: from n/a through 1.9.1. | 4.3 |
2024-08-26 | CVE-2024-43336 | Wpusermanager | Cross-Site Request Forgery (CSRF) vulnerability in Wpusermanager WP User Manager Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User Manager: from n/a through 2.9.10. | 4.3 |
2024-08-26 | CVE-2024-43337 | Getbrave | Cross-Site Request Forgery (CSRF) vulnerability in Getbrave Brave Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup Builder.This issue affects Brave Popup Builder: from n/a through 0.7.0. | 4.3 |
2024-08-26 | CVE-2024-43340 | Advancedformintegration | Cross-Site Request Forgery (CSRF) vulnerability in Advancedformintegration Advanced Form Integration Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This issue affects Advanced Form Integration: from n/a through 1.89.4. | 4.3 |
2024-08-26 | CVE-2024-43356 | Bobbingwide | Cross-Site Request Forgery (CSRF) vulnerability in Bobbingwide OIK Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a through 4.12.0. | 4.3 |
4 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-08-30 | CVE-2024-39300 | Elecom | Missing Authentication for Critical Function vulnerability in Elecom Wab-I1750-Ps Firmware Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. | 3.7 |
2024-08-26 | CVE-2024-43265 | Analytify | Cross-Site Request Forgery (CSRF) vulnerability in Analytify - Google Analytics Dashboard Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1. | 3.5 |
2024-08-26 | CVE-2024-42792 | Lopalopa | Cross-Site Request Forgery (CSRF) vulnerability in Lopalopa Music Management System 1.0 A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_playlist page. | 3.5 |
2024-08-31 | CVE-2024-0109 | Nvidia | Out-of-bounds Read vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. | 3.3 |