Total
78226 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-42948 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-09-03 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-6586 | 2024-09-03 | N/A | 7.3 HIGH | ||
| Lightdash version 0.1024.6 allows users with the necessary permissions, such as Administrator or Editor, to create and share dashboards. A dashboard that contains HTML elements which point to a threat actor controlled source can trigger an SSRF request when exported, via a POST request to /api/v1/dashboards//export. The forged request contains the value of the exporting user’s session token. A threat actor could obtain the session token of any user who exports the dashboard. The obtained session token can be used to perform actions as the victim on the application, resulting in session takeover. | |||||
| CVE-2024-2694 | 1 Muffingroup | 1 Betheme | 2024-09-03 | N/A | 8.8 HIGH |
| The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 27.5.6 via deserialization of untrusted input of the 'mfn-page-items' post meta value. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
| CVE-2024-8016 | 1 Theeventscalendar | 1 Events Calendar Pro | 2024-09-03 | N/A | 7.2 HIGH |
| The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. This makes it possible for authenticated attackers, with administrator-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to execute code remotely. In certain configurations, this can be exploitable by lower level users. We confirmed that this plugin installed with Elementor makes it possible for users with contributor-level access and above to exploit this issue. | |||||
| CVE-2024-8252 | 1 Codection | 1 Clean Login | 2024-09-03 | N/A | 8.8 HIGH |
| The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | |||||
| CVE-2024-43873 | 1 Linux | 1 Linux Kernel | 2024-09-03 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read uninitialized. 2. if VIRTIO_VSOCK_F_SEQPACKET is set and then cleared, then seqpacket_allow will not be cleared appropriately (existing apps I know about don't usually do this but it's legal and there's no way to be sure no one relies on this). To fix: - initialize seqpacket_allow after allocation - set it unconditionally in set_features | |||||
| CVE-2024-23365 | 2024-09-03 | N/A | 8.4 HIGH | ||
| Memory corruption while releasing shared resources in MinkSocket listener thread. | |||||
| CVE-2024-7435 | 2024-09-03 | N/A | 8.8 HIGH | ||
| The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.6 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
| CVE-2024-33035 | 2024-09-03 | N/A | 8.4 HIGH | ||
| Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients. | |||||
| CVE-2024-23362 | 2024-09-03 | N/A | 7.1 HIGH | ||
| Cryptographic issue while parsing RSA keys in COBR format. | |||||
| CVE-2024-23359 | 2024-09-03 | N/A | 8.2 HIGH | ||
| Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. | |||||
| CVE-2024-23358 | 2024-09-03 | N/A | 7.5 HIGH | ||
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. | |||||
| CVE-2024-23364 | 2024-09-03 | N/A | 7.5 HIGH | ||
| Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). | |||||
| CVE-2024-5148 | 2024-09-03 | N/A | 7.5 HIGH | ||
| A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition. | |||||
| CVE-2024-23495 | 1 Intel | 2 Distribution For Gdb, Oneapi Base Toolkit | 2024-08-31 | N/A | 7.8 HIGH |
| Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-23491 | 1 Intel | 2 Distribution For Gdb, Oneapi Base Toolkit | 2024-08-31 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-7651 | 1 Appcheap | 1 App Builder | 2024-08-31 | N/A | 7.5 HIGH |
| The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the ‘app-builder-search’ parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | |||||
| CVE-2024-6117 | 1 Hamastar | 1 Meetinghub Paperless Meetings | 2024-08-30 | N/A | 8.8 HIGH |
| A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file. | |||||
| CVE-2024-8194 | 1 Google | 1 Chrome | 2024-08-30 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-39620 | 1 Cridio | 1 Listingpro | 2024-08-30 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4. | |||||