Total
286990 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-3279 | 2024-08-12 | N/A | 9.1 CRITICAL | ||
| An improper access control vulnerability exists in the mintplex-labs/anything-llm application, specifically within the import endpoint. This vulnerability allows an anonymous attacker, without an account in the application, to import their own database file, leading to the deletion or spoofing of the existing `anythingllm.db` file. By exploiting this vulnerability, attackers can serve malicious data to users or collect information about them. The vulnerability stems from the application's failure to properly restrict access to the data-import functionality, allowing unauthorized database manipulation. | |||||
| CVE-2024-7414 | 2024-08-12 | N/A | 5.3 MEDIUM | ||
| The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.116. This is due to the plugin allowing direct access to the composer-setup.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | |||||
| CVE-2024-21881 | 2024-08-12 | N/A | N/A | ||
| Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: 4.x and 5.x | |||||
| CVE-2024-7416 | 2024-08-12 | N/A | 5.3 MEDIUM | ||
| The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7. This is due to the plugin allowing direct access to the bootstrap.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | |||||
| CVE-2024-7633 | 2024-08-12 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | |||||
| CVE-2024-42226 | 2024-08-12 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |||||
| CVE-2022-38322 | 2024-08-12 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |||||
| CVE-2024-34635 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 3.3 LOW |
| Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | |||||
| CVE-2024-34634 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 3.3 LOW |
| Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | |||||
| CVE-2024-34632 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 3.3 LOW |
| Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | |||||
| CVE-2024-34633 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 3.3 LOW |
| Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | |||||
| CVE-2024-34630 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34629 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34628 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34627 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34626 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34625 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34631 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34621 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34624 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||