Total
19 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-37779 | 2024-09-27 | N/A | 8.8 HIGH | ||
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality. | |||||
CVE-2024-35373 | 2024-08-19 | N/A | 9.8 CRITICAL | ||
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. | |||||
CVE-2024-0801 | 2024-08-15 | N/A | 7.5 HIGH | ||
A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. | |||||
CVE-2024-39227 | 1 Gl-inet | 56 A1300, A1300 Firmware, Ap1300 and 53 more | 2024-08-15 | N/A | 9.8 CRITICAL |
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain insecure permissions in the endpoint /cgi-bin/glc. This vulnerability allows unauthenticated attackers to execute arbitrary code or possibly a directory traversal via crafted JSON data. | |||||
CVE-2024-27622 | 2024-08-05 | N/A | 7.2 HIGH | ||
A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19 / 2.2.21. This vulnerability arises from inadequate sanitization of user-supplied input in the 'Code' section of the module. As a result, authenticated users with administrative privileges can inject and execute arbitrary PHP code. | |||||
CVE-2022-48217 | 1 Tradr-project | 1 Tf Remapper | 2024-08-03 | N/A | 8.1 HIGH |
The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled old_tf_topic_name and/or new_tf_topic_name parameter. NOTE: the vendor's position is "it is the responsibility of the programmer to make sure that only known and required parameters are set and unexpected parameters are not." | |||||
CVE-2023-40743 | 1 Apache | 1 Axis | 2024-08-02 | N/A | 9.8 CRITICAL |
** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose the application to DoS, SSRF and even attacks leading to RCE. As Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. As a workaround, you may review your code to verify no untrusted or unsanitized input is passed to "ServiceFactory.getService", or by applying the patch from https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210 . The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome. | |||||
CVE-2024-37570 | 1 Mitel | 2 6869i Sip, 6869i Sip Firmware | 2024-08-01 | N/A | 8.8 HIGH |
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform sanitization on the username and path parameters (sent by an authenticated user) before appending flags to the busybox ftpget command. This leads to $() command execution. | |||||
CVE-2024-31812 | 2024-08-01 | N/A | 6.5 MEDIUM | ||
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getWiFiExtenderConfig. | |||||
CVE-2024-31809 | 2024-08-01 | N/A | 8.8 HIGH | ||
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the FileName parameter in the setUpgradeFW function. | |||||
CVE-2024-24257 | 2024-08-01 | N/A | 7.5 HIGH | ||
An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component. | |||||
CVE-2024-23274 | 1 Apple | 1 Macos | 2024-08-01 | N/A | 7.8 HIGH |
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | |||||
CVE-2024-23268 | 1 Apple | 1 Macos | 2024-08-01 | N/A | 7.8 HIGH |
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | |||||
CVE-2024-36997 | 2024-07-08 | N/A | 8.1 HIGH | ||
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store and execute arbitrary JavaScript code in the browser context of another Splunk user through the conf-web/settings REST endpoint. This could potentially cause a persistent cross-site scripting (XSS) exploit. | |||||
CVE-2024-36983 | 2024-07-08 | N/A | 8.0 HIGH | ||
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance. | |||||
CVE-2024-39243 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save. | |||||
CVE-2024-21503 | 2024-07-03 | N/A | 5.3 MEDIUM | ||
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. | |||||
CVE-2024-0044 | 2024-07-03 | N/A | 7.8 HIGH | ||
In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2021-39174 | 1 Catchethq | 1 Catchet | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. As a workaround, only allow trusted source IP addresses to access to the administration dashboard. |