Total
292123 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46809 | 2024-09-09 | N/A | 7.4 HIGH | ||
| Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/~hkario/marvin/, if PCKS #1 v1.5 padding is allowed when performing RSA descryption using a private key. | |||||
| CVE-2024-39714 | 2024-09-09 | N/A | 9.9 CRITICAL | ||
| A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server. | |||||
| CVE-2024-38651 | 2024-09-09 | N/A | 8.5 HIGH | ||
| A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server. | |||||
| CVE-2024-39715 | 2024-09-09 | N/A | 8.5 HIGH | ||
| A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on VSPC server. | |||||
| CVE-2024-40709 | 2024-09-09 | N/A | 7.8 HIGH | ||
| A missing authorization vulnerability allows a local low-privileged user on the machine to escalate their privileges to root level. | |||||
| CVE-2024-7644 | 1 Rems | 1 Leads Manager Tool | 2024-09-09 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leads_name/phone_number leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-40718 | 2024-09-09 | N/A | 8.8 HIGH | ||
| A server side request forgery vulnerability allows a low-privileged user to perform local privilege escalation through exploiting an SSRF vulnerability. | |||||
| CVE-2024-38650 | 2024-09-09 | N/A | 9.9 CRITICAL | ||
| An authentication bypass vulnerability can allow a low privileged attacker to access the NTLM hash of service account on the VSPC server. | |||||
| CVE-2024-6572 | 2024-09-09 | N/A | 7.4 HIGH | ||
| Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 (EOL) allows man-in-the-middle attackers to intercept traffic | |||||
| CVE-2024-8521 | 2024-09-09 | 5.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability, which was classified as problematic, was found in Wavelog up to 1.8.0. Affected is the function index of the file /qso of the component Live QSO. The manipulation of the argument manual leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.8.1 is able to address this issue. The patch is identified as b31002cec6b71ab5f738881806bb546430ec692e. It is recommended to upgrade the affected component. | |||||
| CVE-2024-8523 | 2024-09-09 | 5.8 MEDIUM | 4.7 MEDIUM | ||
| A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue is the function formatData of the file /admin.php?m=Acquisi&a=testcj&lid=1 of the component SQL Command Execution Module. The manipulation of the argument data leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-7620 | 2024-09-09 | N/A | 6.6 MEDIUM | ||
| The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_import' function in all versions up to, and including, 0.9.7. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: This vulnerability is only exploitable when used in conjunction with a race condition as the uploaded file is deleted shortly after it is created. | |||||
| CVE-2024-41160 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 7.8 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. | |||||
| CVE-2024-42334 | 2024-09-08 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |||||
| CVE-2024-43859 | 1 Linux | 1 Linux Kernel | 2024-09-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate preallocated blocks in f2fs_file_open() chenyuwen reports a f2fs bug as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000011 fscrypt_set_bio_crypt_ctx+0x78/0x1e8 f2fs_grab_read_bio+0x78/0x208 f2fs_submit_page_read+0x44/0x154 f2fs_get_read_data_page+0x288/0x5f4 f2fs_get_lock_data_page+0x60/0x190 truncate_partial_data_page+0x108/0x4fc f2fs_do_truncate_blocks+0x344/0x5f0 f2fs_truncate_blocks+0x6c/0x134 f2fs_truncate+0xd8/0x200 f2fs_iget+0x20c/0x5ac do_garbage_collect+0x5d0/0xf6c f2fs_gc+0x22c/0x6a4 f2fs_disable_checkpoint+0xc8/0x310 f2fs_fill_super+0x14bc/0x1764 mount_bdev+0x1b4/0x21c f2fs_mount+0x20/0x30 legacy_get_tree+0x50/0xbc vfs_get_tree+0x5c/0x1b0 do_new_mount+0x298/0x4cc path_mount+0x33c/0x5fc __arm64_sys_mount+0xcc/0x15c invoke_syscall+0x60/0x150 el0_svc_common+0xb8/0xf8 do_el0_svc+0x28/0xa0 el0_svc+0x24/0x84 el0t_64_sync_handler+0x88/0xec It is because inode.i_crypt_info is not initialized during below path: - mount - f2fs_fill_super - f2fs_disable_checkpoint - f2fs_gc - f2fs_iget - f2fs_truncate So, let's relocate truncation of preallocated blocks to f2fs_file_open(), after fscrypt_file_open(). | |||||
| CVE-2022-33162 | 1 Ibm | 2 Security Directory Integrator, Security Verify Directory Integrator | 2024-09-07 | N/A | 9.8 CRITICAL |
| IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. IBM X-Force ID: 228570. | |||||
| CVE-2024-7454 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2024-09-07 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in SourceCodester Clinics Patient Management System 1.0. Affected by this issue is the function patient_name of the file patients.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273548. | |||||
| CVE-2024-45307 | 1 Onesoftnet | 1 Sudobot | 2024-09-07 | N/A | 9.8 CRITICAL |
| SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the `-config` command in versions prior to 9.26.7. Anyone is theoretically able to update any configuration of the bot and potentially gain control over the bot's settings. Every version of v9 before v9.26.7 is affected. Other versions (e.g. v8) are not affected. Users should upgrade to version 9.26.7 to receive a patch. A workaround would be to create a command permission overwrite in the Database. A SQL statement provided in the GitHub Security Advisor can be executed to create a overwrite that disallows users without `ManageGuild` permission to run the `-config` command. Run the SQL statement for every server the bot is in, and replace `<guild_id>` with the appropriate Guild ID each time. | |||||
| CVE-2024-44796 | 1 Xiebruce | 1 Picuploader | 2024-09-06 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter. | |||||
| CVE-2024-43804 | 1 Roxy-wi | 1 Roxy-wi | 2024-09-06 | N/A | 8.8 HIGH |
| Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code on the web application server via port scanning functionality. User-supplied input is used without validation when constructing and executing an OS command. User supplied JSON POST data is parsed and if "id" JSON key does not exist, JSON value supplied via "ip" JSON key is assigned to the "ip" variable. Later on, "ip" variable which can be controlled by the attacker is used when constructing the cmd and cmd1 strings without any extra validation. Then, server_mod.subprocess_execute function is called on both cmd1 and cmd2. When the definition of the server_mod.subprocess_execute() function is analyzed, it can be seen that subprocess.Popen() is called on the input parameter with shell=True which results in OS Command Injection. This issue has not yet been patched. Users are advised to contact the Roxy-WI to coordinate a fix. | |||||