Latest vulnerabilities [Monday, March 18, 2024 + weekend]


Last update performed on 03/18/2024 at 11:57:07 PM

(14) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : patchstack.com

Vulnerability ID : CVE-2024-27957

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register. This issue affects Pie Register: from n/a through 3.8.3.1.

CVE ID : CVE-2024-27957
Source : audit@patchstack.com
CVSS Score : 10.0

References :
https://patchstack.com/database/vulnerability/pie-register/wordpress-pie-register-plugin-3-8-3-1-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-434


Source : cyber.gov.il

Vulnerability ID : CVE-2024-27767

First published on : 18-03-2024 14:15:08
Last modified on : 18-03-2024 19:40:00

Description :
CWE-287: Improper Authentication may allow Authentication Bypass

CVE ID : CVE-2024-27767
Source : cna@cyber.gov.il
CVSS Score : 10.0

References :
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-287


Vulnerability ID : CVE-2024-27768

First published on : 18-03-2024 14:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE

CVE ID : CVE-2024-27768
Source : cna@cyber.gov.il
CVSS Score : 9.8

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-22


Source : github.com

Vulnerability ID : CVE-2024-24578

First published on : 18-03-2024 22:15:07
Last modified on : 18-03-2024 22:15:07

Description :
RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. RaspberryMatic / OCCU prior to version 3.75.6.20240316 contains an unauthenticated remote code execution (RCE) vulnerability, caused by multiple issues within the Java-based `HMIPServer.jar` component. RaspberryMatic includes a Java-based `HMIPServer` that can be accessed through URLs starting with `/pages/jpages`. The `FirmwareController` class, however, does not perform any session id checks, thus this feature can be accessed without a valid session. Due to this issue, attackers can gain remote code execution as root user, allowing a full system compromise. Version 3.75.6.20240316 contains a patch.

CVE ID : CVE-2024-24578
Source : security-advisories@github.com
CVSS Score : 10.0

References :
https://github.com/jens-maus/RaspberryMatic/security/advisories/GHSA-q967-q4j8-637h | source : security-advisories@github.com

Vulnerability : CWE-23
Vulnerability : CWE-306


Vulnerability ID : CVE-2024-28255

First published on : 15-03-2024 20:15:10
Last modified on : 17-03-2024 22:38:29

Description :
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`.

CVE ID : CVE-2024-28255
Source : security-advisories@github.com
CVSS Score : 9.8

References :
https://github.com/open-metadata/OpenMetadata/blob/e2043a3f31312ebb42391d6c93a67584d798de52/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java#L111 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/e2043a3f31312ebb42391d6c93a67584d798de52/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java#L113 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-6wx7-qw5p-wh84 | source : security-advisories@github.com

Vulnerability : CWE-287


Vulnerability ID : CVE-2024-21652

First published on : 18-03-2024 18:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to effectively bypass the application's brute force login protection. This is a critical security vulnerability that allows attackers to bypass the brute force login protection mechanism. Not only can they crash the service affecting all users, but they can also make unlimited login attempts, increasing the risk of account compromise. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue.

CVE ID : CVE-2024-21652
Source : security-advisories@github.com
CVSS Score : 9.8

References :
https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv | source : security-advisories@github.com

Vulnerability : CWE-307


Vulnerability ID : CVE-2024-28253

First published on : 15-03-2024 20:15:09
Last modified on : 17-03-2024 22:38:29

Description :
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. `CompiledRule::validateExpression` is also called from `PolicyRepository.prepare`. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and therefore after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/policies` which gets handled by `PolicyResource.createOrUpdate()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-252`. This issue may lead to Remote Code Execution and has been addressed in version 1.3.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-28253
Source : security-advisories@github.com
CVSS Score : 9.4

References :
https://codeql.github.com/codeql-query-help/java/java-spel-expression-injection | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java#L693 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/resources/EntityResource.java#L219 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/resources/policies/PolicyResource.java#L365 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/PolicyRepository.java#L113 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-7vf4-x5m2-r6gr | source : security-advisories@github.com

Vulnerability : CWE-94


Source : incibe.es

Vulnerability ID : CVE-2024-2599

First published on : 18-03-2024 14:15:13
Last modified on : 18-03-2024 19:40:00

Description :
File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially obtain RCE through webshell, compromising the entire infrastructure.

CVE ID : CVE-2024-2599
Source : cve-coordination@incibe.es
CVSS Score : 9.9

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-434


Source : yd.MitsubishiElectric.co.jp

Vulnerability ID : CVE-2024-0802

First published on : 15-03-2024 01:15:57
Last modified on : 15-03-2024 12:53:06

Description :
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.

CVE ID : CVE-2024-0802
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.8

References :
https://jvn.jp/vu/JVNVU99690199/ | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-468


Vulnerability ID : CVE-2024-0803

First published on : 15-03-2024 01:15:57
Last modified on : 15-03-2024 12:53:06

Description :
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

CVE ID : CVE-2024-0803
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.8

References :
https://jvn.jp/vu/JVNVU99690199/ | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-190


Vulnerability ID : CVE-2024-1915

First published on : 15-03-2024 01:15:58
Last modified on : 15-03-2024 12:53:06

Description :
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

CVE ID : CVE-2024-1915
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.8

References :
https://jvn.jp/vu/JVNVU99690199/ | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-468


Vulnerability ID : CVE-2024-1916

First published on : 15-03-2024 01:15:58
Last modified on : 15-03-2024 12:53:06

Description :
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

CVE ID : CVE-2024-1916
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.8

References :
https://jvn.jp/vu/JVNVU99690199/ | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-190


Vulnerability ID : CVE-2024-1917

First published on : 15-03-2024 01:15:58
Last modified on : 15-03-2024 12:53:06

Description :
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

CVE ID : CVE-2024-1917
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.8

References :
https://jvn.jp/vu/JVNVU99690199/ | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-190


Source : se.com

Vulnerability ID : CVE-2024-2051

First published on : 18-03-2024 16:15:09
Last modified on : 18-03-2024 19:40:00

Description :
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the login form.

CVE ID : CVE-2024-2051
Source : cybersecurity@se.com
CVSS Score : 9.8

References :
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-072-01.pdf | source : cybersecurity@se.com

Vulnerability : CWE-307


(92) HIGH VULNERABILITIES [7.0, 8.9]

Source : wordfence.com

Vulnerability ID : CVE-2024-1795

First published on : 15-03-2024 07:15:08
Last modified on : 15-03-2024 12:53:06

Description :
The HUSKY – Products Filter for WooCommerce Professional plugin for WordPress is vulnerable to SQL Injection via the 'name' parameter in the woof shortcode in all versions up to, and including, 1.3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE ID : CVE-2024-1795
Source : security@wordfence.com
CVSS Score : 8.8

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051027%40woocommerce-products-filter&new=3051027%40woocommerce-products-filter&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/fff8dfbc-fd59-47db-85bb-de2a7c6a9a5f?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1685

First published on : 16-03-2024 06:15:10
Last modified on : 17-03-2024 22:38:29

Description :
The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CVE ID : CVE-2024-1685
Source : security@wordfence.com
CVSS Score : 8.8

References :
https://plugins.trac.wordpress.org/browser/social-media-builder/trunk/classes/SgmbButton.php#L32 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/9c17d18a-090f-4b35-a257-cfc0a16d5459?source=cve | source : security@wordfence.com


Source : vuldb.com

Vulnerability ID : CVE-2024-2485

First published on : 15-03-2024 07:15:13
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256892. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2485
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/SetSpeedWan.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256892 | source : cna@vuldb.com
https://vuldb.com/?id.256892 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2486

First published on : 15-03-2024 08:15:07
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256893 was assigned to this vulnerability.

CVE ID : CVE-2024-2486
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formQuickIndex.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256893 | source : cna@vuldb.com
https://vuldb.com/?id.256893 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2487

First published on : 15-03-2024 09:15:07
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256894 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2487
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetDeviceName_devName.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256894 | source : cna@vuldb.com
https://vuldb.com/?id.256894 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2488

First published on : 15-03-2024 09:15:08
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256895. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2488
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetPPTPServer.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256895 | source : cna@vuldb.com
https://vuldb.com/?id.256895 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2489

First published on : 15-03-2024 09:15:08
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256896. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2489
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetQosBand.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256896 | source : cna@vuldb.com
https://vuldb.com/?id.256896 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2490

First published on : 15-03-2024 10:15:08
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256897 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2490
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/Emilytutu/IoT-vulnerable/blob/main/Tenda/AC18/setSchedWifi_end.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256897 | source : cna@vuldb.com
https://vuldb.com/?id.256897 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2546

First published on : 17-03-2024 02:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2546
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/A18/fromSetWirelessRepeat_a.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256999 | source : cna@vuldb.com
https://vuldb.com/?id.256999 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2547

First published on : 17-03-2024 04:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2547
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/R7WebsSecurityHandler.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257000 | source : cna@vuldb.com
https://vuldb.com/?id.257000 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2558

First published on : 17-03-2024 09:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257057 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2558
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formexeCommand.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257057 | source : cna@vuldb.com
https://vuldb.com/?id.257057 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2581

First published on : 18-03-2024 03:15:06
Last modified on : 18-03-2024 12:38:25

Description :
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257081 was assigned to this vulnerability.

CVE ID : CVE-2024-2581
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10/V16.03.10.13/fromSetRouteStatic.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257081 | source : cna@vuldb.com
https://vuldb.com/?id.257081 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-2514

First published on : 15-03-2024 23:15:08
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as critical was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256951. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2514
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20Auth%20bypass%20-%20login.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256951 | source : cna@vuldb.com
https://vuldb.com/?id.256951 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2566

First published on : 17-03-2024 15:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/get_extension_yl.php. The manipulation of the argument imei leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257065 was assigned to this vulnerability.

CVE ID : CVE-2024-2566
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://h0e4a0r1t.github.io/2024/vulns/Fujian%20Kelixin%20Communication%20Co.,%20Ltd.%20Command%20and%20Dispatch%20Platform%20SQL%20Injection%20Vulnerability-get_extension_yl.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.257065 | source : cna@vuldb.com
https://vuldb.com/?id.257065 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2569

First published on : 18-03-2024 00:15:07
Last modified on : 18-03-2024 01:13:31

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257072.

CVE ID : CVE-2024-2569
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20admin-manage-user.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257072 | source : cna@vuldb.com
https://vuldb.com/?id.257072 | source : cna@vuldb.com

Vulnerability : CWE-698


Vulnerability ID : CVE-2024-2570

First published on : 18-03-2024 00:15:08
Last modified on : 18-03-2024 01:13:31

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257073 was assigned to this vulnerability.

CVE ID : CVE-2024-2570
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20edit-task.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257073 | source : cna@vuldb.com
https://vuldb.com/?id.257073 | source : cna@vuldb.com

Vulnerability : CWE-698


Vulnerability ID : CVE-2024-2571

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257074 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2571
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20manage-admin.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257074 | source : cna@vuldb.com
https://vuldb.com/?id.257074 | source : cna@vuldb.com

Vulnerability : CWE-698


Vulnerability ID : CVE-2024-2572

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257075.

CVE ID : CVE-2024-2572
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-details.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257075 | source : cna@vuldb.com
https://vuldb.com/?id.257075 | source : cna@vuldb.com

Vulnerability : CWE-698


Vulnerability ID : CVE-2024-2573

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257076.

CVE ID : CVE-2024-2573
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-info.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257076 | source : cna@vuldb.com
https://vuldb.com/?id.257076 | source : cna@vuldb.com

Vulnerability : CWE-698


Vulnerability ID : CVE-2024-2574

First published on : 18-03-2024 02:15:06
Last modified on : 18-03-2024 12:38:25

Description :
A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257077 was assigned to this vulnerability.

CVE ID : CVE-2024-2574
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20edit-task.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257077 | source : cna@vuldb.com
https://vuldb.com/?id.257077 | source : cna@vuldb.com

Vulnerability : CWE-639


Vulnerability ID : CVE-2024-2575

First published on : 18-03-2024 02:15:06
Last modified on : 18-03-2024 12:38:25

Description :
A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257078 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2575
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20task-details.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257078 | source : cna@vuldb.com
https://vuldb.com/?id.257078 | source : cna@vuldb.com

Vulnerability : CWE-639


Vulnerability ID : CVE-2024-2576

First published on : 18-03-2024 02:15:06
Last modified on : 18-03-2024 12:38:25

Description :
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257079.

CVE ID : CVE-2024-2576
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-admin.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257079 | source : cna@vuldb.com
https://vuldb.com/?id.257079 | source : cna@vuldb.com

Vulnerability : CWE-639


Vulnerability ID : CVE-2024-2577

First published on : 18-03-2024 03:15:06
Last modified on : 18-03-2024 12:38:25

Description :
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257080.

CVE ID : CVE-2024-2577
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-employee.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257080 | source : cna@vuldb.com
https://vuldb.com/?id.257080 | source : cna@vuldb.com

Vulnerability : CWE-639


Source : mattermost.com

Vulnerability ID : CVE-2024-2450

First published on : 15-03-2024 10:15:08
Last modified on : 15-03-2024 12:53:06

Description :
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions.

CVE ID : CVE-2024-2450
Source : responsibledisclosure@mattermost.com
CVSS Score : 8.8

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-287


Source : github.com

Vulnerability ID : CVE-2024-28254

First published on : 15-03-2024 20:15:10
Last modified on : 17-03-2024 22:38:29

Description :
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `AlertUtil::validateExpression` method evaluates a SpEL expression using `getValue` which by default uses the `StandardEvaluationContext`, allowing the expression to reach and interact with Java classes such as `java.lang.Runtime`, leading to Remote Code Execution. The `/api/v1/events/subscriptions/validation/condition/<expression>` endpoint passes user-controlled data to `AlertUtil::validateExpression`, allowing authenticated (non-admin) users to execute arbitrary system commands on the underlying operating system. In addition, there is a missing authorization check since `Authorizer.authorize()` is never called in the affected path and, therefore, any authenticated non-admin user is able to trigger this endpoint and evaluate arbitrary SpEL expressions leading to arbitrary command execution. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-235`. This issue may lead to Remote Code Execution and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-28254
Source : security-advisories@github.com
CVSS Score : 8.8

References :
https://codeql.github.com/codeql-query-help/java/java-spel-expression-injection | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/84054a85d3478e3e3795fe92daa633ec11c9d6d9/openmetadata-service/src/main/java/org/openmetadata/service/events/subscription/AlertUtil.java#L101 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/84054a85d3478e3e3795fe92daa633ec11c9d6d9/openmetadata-service/src/main/java/org/openmetadata/service/events/subscription/AlertUtil.java#L108 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-j86m-rrpr-g8gw | source : security-advisories@github.com
https://github.com/spring-projects/spring-framework/blob/4e2d3573189b7c0afce62bce29cd915de4077f56/spring-expression/src/main/java/org/springframework/expression/spel/standard/SpelExpression.java#L106 | source : security-advisories@github.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2024-28847

First published on : 15-03-2024 20:15:10
Last modified on : 17-03-2024 22:38:29

Description :
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. Similarly to the GHSL-2023-250 issue, `AlertUtil::validateExpression` is also called from `EventSubscriptionRepository.prepare()`, which can lead to Remote Code Execution. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that, even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and, therefore, after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/events/subscriptions` which gets handled by `EventSubscriptionResource.createOrUpdateEventSubscription()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query. This issue may lead to Remote Code Execution and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-251`.

CVE ID : CVE-2024-28847
Source : security-advisories@github.com
CVSS Score : 8.8

References :
https://codeql.github.com/codeql-query-help/java/java-spel-expression-injection | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java#L693 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EventSubscriptionRepository.java#L69-L83 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/resources/EntityResource.java#L219 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/resources/events/subscription/EventSubscriptionResource.java#L289 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-8p5r-6mvv-2435 | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2024-28848

First published on : 15-03-2024 20:15:10
Last modified on : 17-03-2024 22:38:29

Description :
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `CompiledRule::validateExpression` method evaluates a SpEL expression using a `StandardEvaluationContext`, allowing the expression to reach and interact with Java classes such as `java.lang.Runtime`, leading to Remote Code Execution. The `/api/v1/policies/validation/condition/<expression>` endpoint passes user-controlled data to `CompiledRule::validateExpression`, allowing authenticated (non-admin) users to execute arbitrary system commands on the underlying operating system. In addition, there is a missing authorization check since `Authorizer.authorize()` is never called in the affected path and therefore any authenticated non-admin user is able to trigger this endpoint and evaluate arbitrary SpEL expressions leading to arbitrary command execution. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-236`. This issue may lead to Remote Code Execution and has been resolved in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-28848
Source : security-advisories@github.com
CVSS Score : 8.8

References :
https://codeql.github.com/codeql-query-help/java/java-spel-expression-injection | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-service/src/main/java/org/openmetadata/service/security/policyevaluator/CompiledRule.java#L51 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-service/src/main/java/org/openmetadata/service/security/policyevaluator/CompiledRule.java#L57 | source : security-advisories@github.com
https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-5xv3-fm7g-865r | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-41334

First published on : 18-03-2024 19:15:05
Last modified on : 18-03-2024 19:40:00

Description :
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the `TransformGraph().to_dot_graph` function. A malicious user can provide a command or a script file as a value to the `savelayout` argument, which will be placed as the first value in a list of arguments passed to `subprocess.Popen`. Although an error will be raised, the command or script will be executed successfully. Version 5.3.3 fixes this issue.

CVE ID : CVE-2023-41334
Source : security-advisories@github.com
CVSS Score : 8.4

References :
https://github.com/astropy/astropy/blob/9b97d98802ee4f5350a62b681c35d8687ee81d91/astropy/coordinates/transformations.py#L539 | source : security-advisories@github.com
https://github.com/astropy/astropy/commit/22057d37b1313f5f5a9b5783df0a091d978dccb5 | source : security-advisories@github.com
https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf | source : security-advisories@github.com

Vulnerability : CWE-77


Vulnerability ID : CVE-2024-28855

First published on : 18-03-2024 22:15:08
Last modified on : 18-03-2024 22:15:08

Description :
ZITADEL, open source authentication management software, uses Go templates to render the login UI. Due to an improper use of the `text/template` package instead of the `html/template` package, the Login UI did not sanitize input parameters prior to versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and 2.41.15. An attacker could create a malicious link containing injected code that would be rendered as part of the login screen. While it was possible to inject HTML including JavaScript, the execution of such scripts would be prevented by the Content Security Policy. Versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and 2.41.15 contain a patch for this issue. No known workarounds are available.

CVE ID : CVE-2024-28855
Source : security-advisories@github.com
CVSS Score : 8.1

References :
https://github.com/zitadel/zitadel/releases/tag/v2.41.15 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/releases/tag/v2.42.15 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/releases/tag/v2.43.9 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/releases/tag/v2.44.3 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/releases/tag/v2.45.1 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/releases/tag/v2.46.1 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/releases/tag/v2.47.3 | source : security-advisories@github.com
https://github.com/zitadel/zitadel/security/advisories/GHSA-hfrg-4jwr-jfpj | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-23333

First published on : 18-03-2024 21:15:06
Last modified on : 18-03-2024 21:15:06

Description :
LDAP Account Manager (LAM) is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and causing LAM to log some PHP code to this file. When the file is then accessed via the web, the code would be executed. The issue is mitigated by the following: an attacker needs to know LAM's master configuration password to be able to change the main settings; and the webserver needs write access to a directory that is accessible via the web. LAM itself does not provide any such directories. The issue has been fixed in 8.7. As a workaround, limit access to LAM configuration pages to authorized users.

CVE ID : CVE-2024-23333
Source : security-advisories@github.com
CVSS Score : 7.9

References :
https://github.com/LDAPAccountManager/lam/releases/tag/8.7 | source : security-advisories@github.com
https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-fm9w-7m7v-wxqv | source : security-advisories@github.com

Vulnerability : CWE-74


Vulnerability ID : CVE-2024-27096

First published on : 18-03-2024 17:15:06
Last modified on : 18-03-2024 19:40:00

Description :
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in the search engine to extract data from the database. This issue has been patched in version 10.0.13.

CVE ID : CVE-2024-27096
Source : security-advisories@github.com
CVSS Score : 7.7

References :
https://github.com/glpi-project/glpi/commit/61a0c2302b4f633f5065358adc36058e1abc37f9 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/releases/tag/10.0.13 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-2x8m-vrcm-2jqv | source : security-advisories@github.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-28252

First published on : 15-03-2024 19:15:07
Last modified on : 17-03-2024 22:38:29

Description :
CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. If you have a NetFraming-based CoreWCF service, extra system resources could be consumed by connections being left established instead of being closed or aborted. There are two scenarios in which this can happen. When a client establishes a connection to the service and sends no data, the service will wait indefinitely for the client to initiate the NetFraming session handshake. Additionally, once a client has established a session, if the client doesn't send any requests for the period of time configured in the binding ReceiveTimeout, the connection is not properly closed as part of the session being aborted. The bindings affected by this behavior are NetTcpBinding, NetNamedPipeBinding, and UnixDomainSocketBinding. Only NetTcpBinding has the ability to accept non-local connections. The currently supported versions of CoreWCF are v1.4.x and v1.5.x. The fix can be found in v1.4.2 and v1.5.3 of the CoreWCF packages. Users are advised to upgrade. There are no workarounds for this issue.

CVE ID : CVE-2024-28252
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/CoreWCF/CoreWCF/issues/1345 | source : security-advisories@github.com
https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-32jq-mv89-5rx7 | source : security-advisories@github.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-28854

First published on : 15-03-2024 19:15:07
Last modified on : 17-03-2024 22:38:29

Description :
tls-listener is a Rust wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 `TcpStream`s a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using `TlsListener::new()` vulnerable to a slow-loris DoS attack. This impacts any publicly accessible service using the default configuration of tls-listener in versions prior to 0.10.0. Users are advised to upgrade. Users unable to upgrade may mitigate this by passing a large value, such as `usize::MAX`, as the parameter to `Builder::max_handshakes`.

CVE ID : CVE-2024-28854
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://en.wikipedia.org/wiki/Slowloris_(computer_security) | source : security-advisories@github.com
https://github.com/tmccombs/tls-listener/commit/d5a7655d6ea9e53ab57c3013092c5576da964bc4 | source : security-advisories@github.com
https://github.com/tmccombs/tls-listener/security/advisories/GHSA-2qph-qpvm-2qf7 | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2024-21661

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. The vulnerability is rooted in the application's code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. This is a Denial of Service (DoS) vulnerability. Any attacker can crash the application continuously, making it impossible for legitimate users to access the service. The issue is exacerbated because it does not require authentication, widening the pool of potential attackers. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue.

CVE ID : CVE-2024-21661
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311 | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345 | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208 | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7 | source : security-advisories@github.com

Vulnerability : CWE-787


Vulnerability ID : CVE-2024-21662

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively bypass the rate limit and brute force protections by exploiting the application's weak cache-based mechanism. This loophole in security can be combined with other vulnerabilities to attack the default admin account. This flaw undermines a patch for CVE-2020-8827 intended to protect against brute-force attacks. The application's brute force protection relies on a cache mechanism that tracks login attempts for each user. This cache is limited to a `defaultMaxCacheSize` of 1000 entries. An attacker can overflow this cache by bombarding it with login attempts for different users, thereby pushing out the admin account's failed attempts and effectively resetting the rate limit for that account. This is a severe vulnerability that enables attackers to perform brute force attacks at an accelerated rate, especially targeting the default admin account. Users should upgrade to version 2.8.13, 2.9.9, or 2.10.4 to receive a patch.

CVE ID : CVE-2024-21662
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456 | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454 | source : security-advisories@github.com

Vulnerability : CWE-307


Vulnerability ID : CVE-2024-28865

First published on : 18-03-2024 22:15:09
Last modified on : 18-03-2024 22:15:09

Description :
django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue. As a workaround, close off access to create and edit articles by anonymous users.

CVE ID : CVE-2024-28865
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/django-wiki/django-wiki/commit/8e280fd6c0bd27ce847c67b2d216c6cbf920f88c | source : security-advisories@github.com
https://github.com/django-wiki/django-wiki/security/advisories/GHSA-wj85-w4f4-xh8h | source : security-advisories@github.com

Vulnerability : CWE-1333


Vulnerability ID : CVE-2024-27920

First published on : 15-03-2024 20:15:09
Last modified on : 17-03-2024 22:38:29

Description :
projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed.

CVE ID : CVE-2024-27920
Source : security-advisories@github.com
CVSS Score : 7.4

References :
https://docs.projectdiscovery.io/templates/protocols/code | source : security-advisories@github.com
https://docs.projectdiscovery.io/templates/reference/template-signing | source : security-advisories@github.com
https://docs.projectdiscovery.io/templates/workflows/overview | source : security-advisories@github.com
https://github.com/projectdiscovery/nuclei/pull/4822 | source : security-advisories@github.com
https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-w5wx-6g2r-r78q | source : security-advisories@github.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2024-28248

First published on : 18-03-2024 22:15:08
Last modified on : 18-03-2024 22:15:08

Description :
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue.

CVE ID : CVE-2024-28248
Source : security-advisories@github.com
CVSS Score : 7.2

References :
https://docs.cilium.io/en/stable/security/policy/language/#http | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.13.13 | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.14.8 | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.15.2 | source : security-advisories@github.com
https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85 | source : security-advisories@github.com

Vulnerability : CWE-693


Source : patchstack.com

Vulnerability ID : CVE-2023-51474

First published on : 16-03-2024 02:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClassifieds. This issue affects TerraClassifieds: from n/a through 2.0.3.

CVE ID : CVE-2023-51474
Source : audit@patchstack.com
CVSS Score : 8.8

References :
https://patchstack.com/database/vulnerability/terraclassifieds/wordpress-terraclassifieds-plugin-2-0-3-cross-site-request-forgery-csrf-to-account-takeover-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-27987

First published on : 15-03-2024 11:15:09
Last modified on : 15-03-2024 12:53:06

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP Give allows Reflected XSS. This issue affects Give: from n/a through 3.3.1.

CVE ID : CVE-2024-27987
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/give/wordpress-give-plugin-3-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25921

First published on : 15-03-2024 13:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Concerted Action Action Network allows Reflected XSS. This issue affects Action Network: from n/a through 1.4.2.

CVE ID : CVE-2024-25921
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-action-network/wordpress-action-network-plugin-1-4-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27192

First published on : 15-03-2024 13:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Configure SMTP allows Reflected XSS. This issue affects Configure SMTP: from n/a through 3.1.

CVE ID : CVE-2024-27192
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/configure-smtp/wordpress-configure-smtp-plugin-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27193

First published on : 15-03-2024 13:15:09
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU PayU India allows Reflected XSS. This issue affects PayU India: from n/a through 3.8.2.

CVE ID : CVE-2024-27193
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/payu-india/wordpress-payu-india-plugin-3-8-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27196

First published on : 15-03-2024 13:15:09
Last modified on : 15-03-2024 16:26:49

Description :
Cross Site Scripting (XSS) vulnerability in Joel Starnes postMash – custom post order allows Reflected XSS. This issue affects postMash – custom post order: from n/a through 1.2.0.

CVE ID : CVE-2024-27196
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/postmash/wordpress-postmash-custom-post-order-plugin-1-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25597

First published on : 15-03-2024 14:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS. This issue affects Ultimate Reviews: from n/a through 3.2.8.

CVE ID : CVE-2024-25597
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/ultimate-reviews/wordpress-ultimate-reviews-plugin-3-2-8-unauthenticated-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27194

First published on : 16-03-2024 02:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows Stored XSS. This issue affects Fontific | Google Fonts: from n/a through 0.1.6.

CVE ID : CVE-2024-27194
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/fontific/wordpress-fontific-plugin-0-1-6-csrf-to-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-27195

First published on : 16-03-2024 02:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Watermark RELOADED allows Stored XSS. This issue affects Watermark RELOADED: from n/a through 1.3.5.

CVE ID : CVE-2024-27195
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/watermark-reloaded/wordpress-watermark-reloaded-plugin-1-3-5-csrf-to-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-27197

First published on : 16-03-2024 02:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS. This issue affects BeePress: from n/a through 6.9.8.

CVE ID : CVE-2024-27197
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/beepress/wordpress-beepress-plugin-6-9-8-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-27958

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Reflected XSS. This issue affects Visualizer: from n/a through 3.10.5.

CVE ID : CVE-2024-27958
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-plugin-3-10-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27959

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS. This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management: from n/a through 4.2.9.

CVE ID : CVE-2024-27959
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/woosquare/wordpress-apiexperts-square-for-woocommerce-plugin-4-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27960

First published on : 17-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS. This issue affects Email Subscription Popup: from n/a through 1.2.20.

CVE ID : CVE-2024-27960
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/email-subscribe/wordpress-email-subscription-popup-plugin-1-2-20-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27961

First published on : 17-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS. This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0.

CVE ID : CVE-2024-27961
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/cf7-antispam/wordpress-antispam-for-contact-form-7-plugin-0-6-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Source : cyber.gov.il

Vulnerability ID : CVE-2024-27769

First published on : 18-03-2024 14:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices

CVE ID : CVE-2024-27769
Source : cna@cyber.gov.il
CVSS Score : 8.8

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-27770

First published on : 18-03-2024 14:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal

CVE ID : CVE-2024-27770
Source : cna@cyber.gov.il
CVSS Score : 8.8

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-23


Vulnerability ID : CVE-2024-27771

First published on : 18-03-2024 14:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE

CVE ID : CVE-2024-27771
Source : cna@cyber.gov.il
CVSS Score : 8.8

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-22


Vulnerability ID : CVE-2024-27772

First published on : 18-03-2024 14:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE

CVE ID : CVE-2024-27772
Source : cna@cyber.gov.il
CVSS Score : 8.8

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-78


Vulnerability ID : CVE-2024-27773

First published on : 18-03-2024 14:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE

CVE ID : CVE-2024-27773
Source : cna@cyber.gov.il
CVSS Score : 8.8

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-348


Vulnerability ID : CVE-2024-27774

First published on : 18-03-2024 14:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware

CVE ID : CVE-2024-27774
Source : cna@cyber.gov.il
CVSS Score : 7.5

References :
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered | source : cna@cyber.gov.il
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 | source : cna@cyber.gov.il

Vulnerability : CWE-259


Source : zephyrproject.org

Vulnerability ID : CVE-2023-7060

First published on : 15-03-2024 19:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Zephyr OS IP packet handling does not properly drop IP packets arriving on an external interface whose source address is 127.0.0.1 or is equal to the packet's destination address.

CVE ID : CVE-2023-7060
Source : vulnerabilities@zephyrproject.org
CVSS Score : 8.6

References :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fjc8-223c-qgqr | source : vulnerabilities@zephyrproject.org
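
The two ingress conditions in the description above, as an added example that is not Zephyr code: a Python filter that parses a raw IPv4 header and, for a packet arriving on a non-loopback interface, rejects a loopback source address or a source address equal to the destination. It generalises the CVE text's 127.0.0.1 to the whole 127.0.0.0/8 block, which is the usual anti-spoofing rule. The interface flag, function names and the sample headers are assumptions for illustration; the check is written against the conditions the CVE text names, not against Zephyr's actual network stack.

```python
import ipaddress
import struct
from typing import Optional, Tuple

LOOPBACK_NET = ipaddress.IPv4Network("127.0.0.0/8")


def parse_ipv4_header(packet: bytes) -> Tuple[ipaddress.IPv4Address, ipaddress.IPv4Address]:
    """Return (src, dst) from the fixed 20-byte part of a raw IPv4 header."""
    if len(packet) < 20:
        raise ValueError("short IPv4 header")
    if packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    src, dst = struct.unpack("!4s4s", packet[12:20])
    return ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst)


def ingress_drop_reason(packet: bytes, iface_is_loopback: bool) -> Optional[str]:
    """Return why an inbound packet must be dropped, or None if it may be processed.

    Mirrors the two conditions in the CVE-2023-7060 text: on an external
    (non-loopback) interface, a loopback source address is spoofed, and a
    source equal to the destination is a classic reflection/land pattern.
    The iface_is_loopback flag is an assumed stand-in for the receiving
    interface's type.
    """
    src, dst = parse_ipv4_header(packet)
    if iface_is_loopback:
        return None  # traffic on lo legitimately looks like this
    if src in LOOPBACK_NET:
        return f"loopback source {src} received on external interface"
    if src == dst:
        return f"source address equals destination address ({src})"
    return None


def build_ipv4(src: str, dst: str, proto: int = 17) -> bytes:
    """Build a minimal 20-byte IPv4 header (checksum left zero) as constructed test input."""
    return struct.pack(
        "!BBHHHBBH4s4s",
        0x45,   # version 4, IHL 5
        0,      # DSCP/ECN
        20,     # total length: header only
        0,      # identification
        0,      # flags / fragment offset
        64,     # TTL
        proto,  # protocol (17 = UDP)
        0,      # header checksum, not needed for this check
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )


if __name__ == "__main__":
    # Constructed samples: a spoofed-loopback packet, a src==dst packet, a normal one.
    for s, d in [("127.0.0.1", "192.0.2.10"), ("192.0.2.10", "192.0.2.10"), ("198.51.100.5", "192.0.2.10")]:
        print(s, "->", d, ":", ingress_drop_reason(build_ipv4(s, d), iface_is_loopback=False) or "accept")
```

The same check applied to IPv6 would test `::1` and the src == dst case; the point of the example is that both tests must be keyed on which interface the packet came in on, not on the addresses alone.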


Source : redhat.com

Vulnerability ID : CVE-2024-1753

First published on : 18-03-2024 15:15:41
Last modified on : 18-03-2024 19:40:00

Description :
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.

CVE ID : CVE-2024-1753
Source : secalert@redhat.com
CVSS Score : 8.6

References :
https://access.redhat.com/security/cve/CVE-2024-1753 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2265513 | source : secalert@redhat.com
https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf | source : secalert@redhat.com
https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3 | source : secalert@redhat.com

Vulnerability : CWE-269
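
A build-time check a practitioner could run before feeding third-party Containerfiles to Buildah or Podman, added here as an example and not code from the Buildah project: the description above ties the flaw to a RUN step whose bind mount is sourced from another image (the `--mount=type=bind,from=...` form, where the image can carry a symlink to `/`), so this Python scanner lists every such mount in a Containerfile for review. The sample Containerfile is constructed for the example. The scanner cannot tell whether the referenced image actually contains a hostile symlink, and it is a policy gate, not a replacement for moving to a fixed Buildah/Podman release.

```python
import shlex
from dataclasses import dataclass
from typing import Dict, Iterator, List, Tuple


@dataclass
class ForeignBindMount:
    line_no: int       # first physical line of the RUN instruction
    image: str         # value of from=: the image or stage the mount source comes from
    source: str        # path inside that image (default: its root)
    target: str        # mount point inside the build container
    instruction: str   # the joined RUN line, for the report


def _logical_lines(text: str) -> Iterator[Tuple[int, str]]:
    """Yield (first_line_no, instruction) with backslash line continuations joined."""
    buf: List[str] = []
    start = 0
    for no, raw in enumerate(text.splitlines(), start=1):
        line = raw.rstrip()
        if not buf:
            if not line.strip() or line.lstrip().startswith("#"):
                continue
            start = no
        if line.endswith("\\"):
            buf.append(line[:-1])
            continue
        buf.append(line)
        yield start, " ".join(buf)
        buf = []
    if buf:
        yield start, " ".join(buf)


def _parse_mount(spec: str) -> Dict[str, str]:
    """Turn 'type=bind,from=x,source=/,target=/m' into a dict (bare keys map to '')."""
    opts: Dict[str, str] = {}
    for kv in spec.split(","):
        key, _, value = kv.partition("=")
        opts[key.strip()] = value.strip()
    return opts


def find_foreign_bind_mounts(containerfile: str) -> List[ForeignBindMount]:
    """List RUN --mount bind mounts whose source is another image or stage (from=...)."""
    found: List[ForeignBindMount] = []
    for no, line in _logical_lines(containerfile):
        if line.split(None, 1)[0].upper() != "RUN":
            continue
        try:
            tokens = shlex.split(line)
        except ValueError:           # unbalanced quotes in the shell part; fall back
            tokens = line.split()
        for tok in tokens[1:]:
            if not tok.startswith("--"):
                break                # flags precede the command; stop at the first non-flag
            if not tok.startswith("--mount="):
                continue
            opts = _parse_mount(tok[len("--mount="):])
            # Buildah/Docker treat a mount without an explicit type as a bind mount.
            if opts.get("type", "bind") == "bind" and opts.get("from"):
                found.append(ForeignBindMount(
                    line_no=no,
                    image=opts["from"],
                    source=opts.get("source") or opts.get("src") or "/",
                    target=opts.get("target") or opts.get("dst") or opts.get("destination") or "",
                    instruction=line,
                ))
    return found


# Constructed Containerfile for the example (not from any real project).
SAMPLE_CONTAINERFILE = """\
FROM registry.example.invalid/base:latest
# a bind mount whose source is another image: this is the pattern to review
RUN --mount=type=bind,from=helper,source=/,target=/mnt/helper \\
    ls /mnt/helper
RUN --mount=type=cache,target=/var/cache/dnf dnf -y install curl
RUN --mount=type=bind,source=.,target=/src make -C /src
"""

if __name__ == "__main__":
    for hit in find_foreign_bind_mounts(SAMPLE_CONTAINERFILE):
        print(f"line {hit.line_no}: bind mount from image '{hit.image}' "
              f"({hit.source} -> {hit.target}) needs review")
```

Bind mounts from the build context (`source=.` with no `from=`) and cache mounts are not flagged, since the description ties the escape specifically to a mount sourced from another image.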


Vulnerability ID : CVE-2024-2002

First published on : 18-03-2024 13:15:07
Last modified on : 18-03-2024 19:40:00

Description :
A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

CVE ID : CVE-2024-2002
Source : secalert@redhat.com
CVSS Score : 7.5

References :
https://access.redhat.com/security/cve/CVE-2024-2002 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2267700 | source : secalert@redhat.com
https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt | source : secalert@redhat.com

Vulnerability : CWE-415


Vulnerability ID : CVE-2024-1013

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures, where the caller provides a 4-byte variable and the callee writes 8 bytes into it. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.

CVE ID : CVE-2024-1013
Source : secalert@redhat.com
CVSS Score : 7.1

References :
https://access.redhat.com/security/cve/CVE-2024-1013 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2260823 | source : secalert@redhat.com
https://github.com/lurcher/unixODBC/pull/157 | source : secalert@redhat.com

Vulnerability : CWE-823


Source : adobe.com

Vulnerability ID : CVE-2024-20767

First published on : 18-03-2024 12:15:06
Last modified on : 18-03-2024 12:38:25

Description :
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction.

CVE ID : CVE-2024-20767
Source : psirt@adobe.com
CVSS Score : 8.2

References :
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html | source : psirt@adobe.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-20745

First published on : 18-03-2024 15:15:41
Last modified on : 18-03-2024 19:40:00

Description :
Premiere Pro versions 24.1, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20745
Source : psirt@adobe.com
CVSS Score : 7.8

References :
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html | source : psirt@adobe.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2024-20746

First published on : 18-03-2024 15:15:41
Last modified on : 18-03-2024 19:40:00

Description :
Premiere Pro versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20746
Source : psirt@adobe.com
CVSS Score : 7.8

References :
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html | source : psirt@adobe.com

Vulnerability : CWE-787


Vulnerability ID : CVE-2024-20752

First published on : 18-03-2024 16:15:07
Last modified on : 18-03-2024 19:40:00

Description :
Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20752
Source : psirt@adobe.com
CVSS Score : 7.8

References :
https://helpx.adobe.com/security/products/bridge/apsb24-15.html | source : psirt@adobe.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2024-20755

First published on : 18-03-2024 16:15:07
Last modified on : 18-03-2024 19:40:00

Description :
Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20755
Source : psirt@adobe.com
CVSS Score : 7.8

References :
https://helpx.adobe.com/security/products/bridge/apsb24-15.html | source : psirt@adobe.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2024-20756

First published on : 18-03-2024 16:15:07
Last modified on : 18-03-2024 19:40:00

Description :
Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20756
Source : psirt@adobe.com
CVSS Score : 7.8

References :
https://helpx.adobe.com/security/products/bridge/apsb24-15.html | source : psirt@adobe.com

Vulnerability : CWE-787


Vulnerability ID : CVE-2024-20761

First published on : 18-03-2024 18:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20761
Source : psirt@adobe.com
CVSS Score : 7.8

References :
https://helpx.adobe.com/security/products/animate/apsb24-19.html | source : psirt@adobe.com

Vulnerability : CWE-787


Vulnerability ID : CVE-2024-20754

First published on : 18-03-2024 18:15:07
Last modified on : 18-03-2024 19:40:00

Description :
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20754
Source : psirt@adobe.com
CVSS Score : 7.5

References :
https://helpx.adobe.com/security/products/lightroom/apsb24-17.html | source : psirt@adobe.com

Vulnerability : CWE-426


Source : incibe.es

Vulnerability ID : CVE-2024-2584

First published on : 18-03-2024 14:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2584
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2585

First published on : 18-03-2024 14:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send_2.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2585
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2586

First published on : 18-03-2024 14:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2586
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2587

First published on : 18-03-2024 14:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_khet_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2587
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2588

First published on : 18-03-2024 14:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2588
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2589

First published on : 18-03-2024 14:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_school_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2589
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2590

First published on : 18-03-2024 14:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/mail/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2590
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2591

First published on : 18-03-2024 14:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_group.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2591
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2592

First published on : 18-03-2024 14:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/pic_show.php, in the 'person_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

CVE ID : CVE-2024-2592
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-89

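Because the nine SQL injection entries above name the exact AMSS++ endpoints and parameters, a detection rule can be scoped tightly. The following Python script, added here and not part of the INCIBE advisory, transcribes that sink table from the descriptions and scans Combined Log Format access-log lines for requests to those endpoints carrying SQL metacharacters or keywords in the injectable parameter. The log lines are constructed for the example and the keyword heuristic is a starting point to tune; POST bodies never reach an access log, so this only surfaces GET-based probing.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set
from urllib.parse import parse_qs, urlsplit

# Endpoint -> injectable parameters, transcribed from the CVE-2024-2584 .. CVE-2024-2592
# descriptions. None means the advisory says "multiple parameters": inspect all of them.
AMSS_SQLI_SINKS = {
    "/amssplus/modules/book/main/select_send.php": {"sd_index"},
    "/amssplus/modules/book/main/select_send_2.php": {"sd_index"},
    "/amssplus/index.php": {"username"},
    "/amssplus/modules/book/main/bookdetail_khet_person.php": None,
    "/amssplus/admin/index.php": {"id"},
    "/amssplus/modules/book/main/bookdetail_school_person.php": None,
    "/amssplus/modules/mail/main/select_send.php": {"sd_index"},
    "/amssplus/modules/book/main/bookdetail_group.php": None,
    "/amssplus/modules/person/pic_show.php": {"person_id"},
}

# Combined/common log format: client ident user [time] "METHOD target HTTP/x" status ...
_CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Coarse SQL metacharacter / keyword heuristic; tune to the environment's false-positive rate.
_SQLI_HINT = re.compile(
    r"""('|"|--|/\*|\bunion\b|\bselect\b|\bsleep\(|\bbenchmark\(|\bor\b\s+\d+\s*=\s*\d+)""",
    re.IGNORECASE,
)


@dataclass
class Alert:
    client: str
    timestamp: str
    path: str
    param: str
    value: str


def inspect_request_line(line: str) -> Optional[Alert]:
    """Return an Alert if the request targets an AMSS++ sink with SQL-looking input."""
    m = _CLF.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path not in AMSS_SQLI_SINKS:
        return None
    watched: Optional[Set[str]] = AMSS_SQLI_SINKS[parts.path]
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if watched is not None and name not in watched:
            continue
        for value in values:           # parse_qs already percent-decodes the value
            if _SQLI_HINT.search(value):
                return Alert(m.group("ip"), m.group("ts"), parts.path, name, value)
    return None


def scan_log(lines: Iterable[str]) -> List[Alert]:
    return [a for a in (inspect_request_line(l) for l in lines) if a is not None]


# Constructed access-log lines for the example; addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [18/Mar/2024:14:20:01 +0000] "GET /amssplus/modules/book/main/select_send.php?sd_index=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [18/Mar/2024:14:20:05 +0000] "GET /amssplus/modules/book/main/select_send.php?sd_index=12%27%20OR%201%3D1--%20 HTTP/1.1" 200 8820',
    '198.51.100.9 - - [18/Mar/2024:14:21:10 +0000] "GET /amssplus/modules/person/pic_show.php?person_id=5%20UNION%20SELECT%201 HTTP/1.1" 500 211',
    '198.51.100.9 - - [18/Mar/2024:14:21:12 +0000] "GET /amssplus/modules/book/main/bookdetail_group.php?b_id=3&page=1 HTTP/1.1" 200 3001',
    '192.0.2.4 - - [18/Mar/2024:14:22:00 +0000] "GET /other/app.php?q=%27 HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(f"{alert.timestamp} {alert.client} {alert.path} {alert.param}={alert.value!r}")
```

The last sample line carries the same metacharacter but hits an unrelated path, and so is ignored: scoping the rule to the advisory's endpoints is what keeps it usable on a busy server.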

Vulnerability ID : CVE-2024-2593

First published on : 18-03-2024 14:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/bookdetail_group.php, in the 'b_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-2593
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2594

First published on : 18-03-2024 14:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/admin/index.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-2594
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2595

First published on : 18-03-2024 14:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/bookdetail_khet_person.php, in the 'b_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-2595
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2596

First published on : 18-03-2024 14:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/mail/main/select_send.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-2596
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2597

First published on : 18-03-2024 14:15:13
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/bookdetail_school_person.php, in the 'b_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-2597
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2598

First published on : 18-03-2024 14:15:13
Last modified on : 18-03-2024 19:40:00

Description :
Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/select_send_2.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-2598
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Source : vmware.com

Vulnerability ID : CVE-2024-22257

First published on : 18-03-2024 15:15:41
Last modified on : 18-03-2024 19:40:00

Description :
In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application may be vulnerable to broken access control when it directly uses AuthenticatedVoter#vote, passing a null Authentication parameter.

CVE ID : CVE-2024-22257
Source : security@vmware.com
CVSS Score : 8.2

References :
https://spring.io/security/cve-2024-22257 | source : security@vmware.com


Vulnerability ID : CVE-2024-22259

First published on : 16-03-2024 05:15:20
Last modified on : 17-03-2024 22:38:29

Description :
Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 (https://spring.io/security/cve-2024-22243), but with different input.

CVE ID : CVE-2024-22259
Source : security@vmware.com
CVSS Score : 8.1

References :
https://spring.io/security/cve-2024-22259 | source : security@vmware.com


Source : se.com

Vulnerability ID : CVE-2024-2050

First published on : 18-03-2024 16:15:08
Last modified on : 18-03-2024 19:40:00

Description :
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists when an attacker injects then executes arbitrary malicious JavaScript code within the context of the product.

CVE ID : CVE-2024-2050
Source : cybersecurity@se.com
CVSS Score : 8.2

References :
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-072-01.pdf | source : cybersecurity@se.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2229

First published on : 18-03-2024 16:15:09
Last modified on : 18-03-2024 19:40:00

Description :
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid user.

CVE ID : CVE-2024-2229
Source : cybersecurity@se.com
CVSS Score : 7.8

References :
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-072-02.pdf | source : cybersecurity@se.com

Vulnerability : CWE-502


Vulnerability ID : CVE-2024-2052

First published on : 18-03-2024 16:15:09
Last modified on : 18-03-2024 19:40:00

Description :
CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could allow unauthenticated files and logs exfiltration and download of files when an attacker modifies the URL to download to a different location.

CVE ID : CVE-2024-2052
Source : cybersecurity@se.com
CVSS Score : 7.5

References :
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-072-01.pdf | source : cybersecurity@se.com

Vulnerability : CWE-552


Source : tenable.com

Vulnerability ID : CVE-2024-2390

First published on : 18-03-2024 16:15:09
Last modified on : 18-03-2024 19:40:00

Description :
As a part of Tenable's vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.

CVE ID : CVE-2024-2390
Source : vulnreport@tenable.com
CVSS Score : 7.8

References :
https://www.tenable.com/security/tns-2024-05 | source : vulnreport@tenable.com

Vulnerability : CWE-269


Source : mitre.org

Vulnerability ID : CVE-2024-29154

First published on : 18-03-2024 06:15:06
Last modified on : 18-03-2024 12:38:25

Description :
danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of innerHTML mishandling, such as in htmlToPlainText.

CVE ID : CVE-2024-29154
Source : cve@mitre.org
CVSS Score : 7.4

References :
https://sec1.io/security-advisories/cross-site-scripting-xss/ | source : cve@mitre.org


(150) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : redhat.com

Vulnerability ID : CVE-2023-6725

First published on : 15-03-2024 13:15:06
Last modified on : 15-03-2024 16:26:49

Description :
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.

CVE ID : CVE-2023-6725
Source : secalert@redhat.com
CVSS Score : 6.6

References :
https://access.redhat.com/security/cve/CVE-2023-6725 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2249273 | source : secalert@redhat.com

Vulnerability : CWE-1220


Vulnerability ID : CVE-2023-7250

First published on : 18-03-2024 13:15:06
Last modified on : 18-03-2024 19:40:00

Description :
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.

CVE ID : CVE-2023-7250
Source : secalert@redhat.com
CVSS Score : 5.3

References :
https://access.redhat.com/security/cve/CVE-2023-7250 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2244707 | source : secalert@redhat.com

Vulnerability : CWE-183
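The iperf hang described above is a generic failure mode: a server that reads a fixed, client-announced amount of data and has no read deadline stalls on the first client that sends less. The following is an added example, not iperf's code. It uses a constructed toy protocol (4-byte big-endian length prefix, then the payload) and a loopback server whose socket timeout lets it give up on a client that announces 16 bytes and sends 8; run with `timeout=None` the same server would block in `recv` for as long as the client keeps the connection open, which is the denial of service.

```python
import socket
import struct
import threading

# Constructed toy protocol for the demonstration: a 4-byte big-endian length, then that many bytes.
HEADER = struct.Struct("!I")


def recv_exact(conn, n):
    """Read exactly n bytes. Raises ConnectionError if the peer closes early; a timeout
    set on conn surfaces as socket.timeout while waiting for the remainder."""
    buf = bytearray()
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before sending all announced data")
        buf.extend(chunk)
    return bytes(buf)


def serve_one(listener, timeout):
    """Accept one client and read one message. Returns 'ok', 'timeout' or 'closed'.
    With timeout=None a short-sending client that stays connected blocks this call
    indefinitely, and nobody else gets served (the iperf failure mode)."""
    conn, _ = listener.accept()
    with conn:
        conn.settimeout(timeout)
        try:
            (length,) = HEADER.unpack(recv_exact(conn, HEADER.size))
            recv_exact(conn, length)
            return "ok"
        except socket.timeout:
            return "timeout"
        except ConnectionError:
            return "closed"


def run_scenario(announced, actual, close_early=False, timeout=0.5):
    """Drive one client against the server on loopback. The client announces `announced`
    bytes in the header but sends only `actual`, then either closes or stays silent."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    result = {}
    worker = threading.Thread(target=lambda: result.update(verdict=serve_one(listener, timeout)))
    worker.start()
    client = socket.create_connection(listener.getsockname())
    client.sendall(HEADER.pack(announced) + b"x" * actual)
    if close_early:
        client.close()
    worker.join()  # returns only because the server gives up on its own
    if not close_early:
        client.close()
    listener.close()
    return result["verdict"]


if __name__ == "__main__":
    print(run_scenario(16, 16))                    # ok
    print(run_scenario(16, 8))                     # timeout: client stalled after 8 of 16 bytes
    print(run_scenario(16, 8, close_early=True))   # closed
```

The deadline is the whole fix here: the server still trusts the announced length, but it bounds how long it will wait for it. A production server would additionally cap the announced length and serve clients concurrently so one slow peer cannot monopolise the accept loop.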


Vulnerability ID : CVE-2024-2496

First published on : 18-03-2024 13:15:08
Last modified on : 18-03-2024 19:40:00

Description :
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.

CVE ID : CVE-2024-2496
Source : secalert@redhat.com
CVSS Score : 5.0

References :
https://access.redhat.com/security/cve/CVE-2024-2496 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2269672 | source : secalert@redhat.com

Vulnerability : CWE-476


Source : cert.pl

Vulnerability ID : CVE-2024-1605

First published on : 18-03-2024 10:15:20
Last modified on : 18-03-2024 12:38:25

Description :
BMC Control-M branches 9.0.20 and 9.0.21, upon user login, load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging this leads to loading of potentially malicious libraries, which execute with the application's privileges. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201.

CVE ID : CVE-2024-1605
Source : cvd@cert.pl
CVSS Score : 6.6

References :
https://cert.pl/en/posts/2024/03/CVE-2024-1604 | source : cvd@cert.pl
https://cert.pl/posts/2024/03/CVE-2024-1604 | source : cvd@cert.pl
https://www.bmc.com/it-solutions/control-m.html | source : cvd@cert.pl

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-1604

First published on : 18-03-2024 10:15:19
Last modified on : 18-03-2024 12:38:25

Description :
Improper authorization in the report management and creation module of BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application, even without proper permissions. The attacker must know the unique identifier of the report they want to manipulate. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201.

CVE ID : CVE-2024-1604
Source : cvd@cert.pl
CVSS Score : 6.4

References :
https://cert.pl/en/posts/2024/03/CVE-2024-1604 | source : cvd@cert.pl
https://cert.pl/posts/2024/03/CVE-2024-1604 | source : cvd@cert.pl
https://www.bmc.com/it-solutions/control-m.html | source : cvd@cert.pl

Vulnerability : CWE-863


Vulnerability ID : CVE-2024-1606

First published on : 18-03-2024 10:15:20
Last modified on : 18-03-2024 12:38:25

Description :
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to manipulate generated web pages by injecting HTML code. This might lead to a successful phishing attack, for example by tricking users into following a hyperlink pointing to a website controlled by an attacker. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.200.

CVE ID : CVE-2024-1606
Source : cvd@cert.pl
CVSS Score : 4.6

References :
https://cert.pl/en/posts/2024/03/CVE-2024-1604 | source : cvd@cert.pl
https://cert.pl/posts/2024/03/CVE-2024-1604 | source : cvd@cert.pl
https://www.bmc.com/it-solutions/control-m.html | source : cvd@cert.pl

Vulnerability : CWE-80


Source : vuldb.com

Vulnerability ID : CVE-2024-2481

First published on : 15-03-2024 06:15:11
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability, which was classified as critical, was found in Surya2Developer Hostel Management System 1.0. Affected is an unknown function of the file /admin/manage-students.php. The manipulation of the argument del leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-256890 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2481
Source : cna@vuldb.com
CVSS Score : 6.5

References :
https://github.com/blackslim3/cve_sidequest/blob/main/poc/Broken_Access_Control%20on%20Hostel%20Management%20System%20using%20PHP%20and%20MySQL%201.0.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256890 | source : cna@vuldb.com
https://vuldb.com/?id.256890 | source : cna@vuldb.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-2478

First published on : 15-03-2024 06:15:09
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability was found in BradWenqiang HR 2.0. It has been rated as critical. Affected by this issue is the function selectAll of the file /bishe/register of the component Background Management. The manipulation of the argument userName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256886 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2478
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/zuizui35/cve/blob/main/cve.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256886 | source : cna@vuldb.com
https://vuldb.com/?id.256886 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2480

First published on : 15-03-2024 06:15:10
Last modified on : 16-03-2024 22:15:07

Description :
A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente até leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256888. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2480
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://johnermac.github.io/cve/sqli/ | source : cna@vuldb.com
https://vuldb.com/?ctiid.256888 | source : cna@vuldb.com
https://vuldb.com/?id.256888 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2516

First published on : 16-03-2024 12:15:14
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file home.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256953 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2516
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Blind%20SQL%20Injection%20-%20home.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256953 | source : cna@vuldb.com
https://vuldb.com/?id.256953 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2517

First published on : 16-03-2024 12:15:15
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as critical. This vulnerability affects unknown code of the file book_history.php. The manipulation of the argument del_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256954 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2517
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Blind%20SQL%20Injection%20-%20book_history.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256954 | source : cna@vuldb.com
https://vuldb.com/?id.256954 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2520

First published on : 16-03-2024 16:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/bookdate.php. The manipulation of the argument room_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256957 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2520
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20bookdate.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256957 | source : cna@vuldb.com
https://vuldb.com/?id.256957 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2522

First published on : 16-03-2024 17:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as critical has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file /admin/booktime.php. The manipulation of the argument room_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256959. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2522
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20booktime.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256959 | source : cna@vuldb.com
https://vuldb.com/?id.256959 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2524

First published on : 16-03-2024 18:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This issue affects some unknown processing of the file /admin/receipt.php. The manipulation of the argument room_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256961 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2524
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20receipt.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256961 | source : cna@vuldb.com
https://vuldb.com/?id.256961 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2527

First published on : 16-03-2024 19:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/rooms.php. The manipulation of the argument room_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256964. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2527
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20rooms.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256964 | source : cna@vuldb.com
https://vuldb.com/?id.256964 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2528

First published on : 16-03-2024 20:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/update-rooms.php. The manipulation of the argument room_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256965 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2528
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20update-rooms.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256965 | source : cna@vuldb.com
https://vuldb.com/?id.256965 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2529

First published on : 16-03-2024 20:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/rooms.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256966 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2529
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Arbitrary%20File%20Upload%20-%20rooms.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256966 | source : cna@vuldb.com
https://vuldb.com/?id.256966 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-2531

First published on : 16-03-2024 22:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as critical has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected is an unknown function of the file /admin/update-rooms.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256968. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2531
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Arbitrary%20File%20Upload%20-%20update-rooms.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256968 | source : cna@vuldb.com
https://vuldb.com/?id.256968 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-2532

First published on : 16-03-2024 22:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as critical was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256969 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2532
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20update-users.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256969 | source : cna@vuldb.com
https://vuldb.com/?id.256969 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2534

First published on : 17-03-2024 00:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file /admin/users.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256971. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2534
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20users.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256971 | source : cna@vuldb.com
https://vuldb.com/?id.256971 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2554

First published on : 17-03-2024 05:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257053 was assigned to this vulnerability.

CVE ID : CVE-2024-2554
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#3sql-injection-vulnerability-in-update-employeephp | source : cna@vuldb.com
https://vuldb.com/?ctiid.257053 | source : cna@vuldb.com
https://vuldb.com/?id.257053 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2555

First published on : 17-03-2024 07:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257054 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2555
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-update-adminphp | source : cna@vuldb.com
https://vuldb.com/?ctiid.257054 | source : cna@vuldb.com
https://vuldb.com/?id.257054 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2556

First published on : 17-03-2024 08:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257055.

CVE ID : CVE-2024-2556
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/tht1997/WhiteBox/blob/main/sourcecodesters/employee-management-system-php-attendance-info.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257055 | source : cna@vuldb.com
https://vuldb.com/?id.257055 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2561

First published on : 17-03-2024 11:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257060.

CVE ID : CVE-2024-2561
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://gist.github.com/Southseast/9f5284d8ee0f6d91e72eef73b285512a | source : cna@vuldb.com
https://vuldb.com/?ctiid.257060 | source : cna@vuldb.com
https://vuldb.com/?id.257060 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-2562

First published on : 17-03-2024 12:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, was found in PandaXGO PandaX up to 20240310. This affects the function InsertRole of the file /apps/system/services/role_menu.go. The manipulation of the argument roleKey leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257061 was assigned to this vulnerability.

CVE ID : CVE-2024-2562
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/PandaXGO/PandaX/issues/4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257061 | source : cna@vuldb.com
https://vuldb.com/?id.257061 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-2564

First published on : 17-03-2024 14:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in PandaXGO PandaX up to 20240310 and classified as critical. This issue affects the function ExportUser of the file /apps/system/api/user.go. The manipulation of the argument filename leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257063.

CVE ID : CVE-2024-2564
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/PandaXGO/PandaX/issues/6 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257063 | source : cna@vuldb.com
https://vuldb.com/?id.257063 | source : cna@vuldb.com

Vulnerability : CWE-24


Vulnerability ID : CVE-2024-2565

First published on : 17-03-2024 15:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257064.

CVE ID : CVE-2024-2565
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/PandaXGO/PandaX/issues/5 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257064 | source : cna@vuldb.com
https://vuldb.com/?id.257064 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-2604

First published on : 18-03-2024 21:15:06
Last modified on : 18-03-2024 21:15:06

Description :
A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257182 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2604
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/Arbitrary%20File%20Upload%20-%20update-file.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257182 | source : cna@vuldb.com
https://vuldb.com/?id.257182 | source : cna@vuldb.com

Vulnerability : CWE-434
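The unrestricted-upload entries above (MAGESH-K21 rooms.php and update-rooms.php, the 74CMS sendCompanyLogo handler taking an imgBase64 argument, the PandaX upload.go extension handler, and the SourceCodester File Manager update-file.php) share one root cause: the server lets the client decide what kind of file is being stored, by trusting the file name, the declared MIME type or the data-URL header. The following is an added example and not code from any of those projects. It validates an image upload by sniffing the bytes against a small allowlist of magic numbers, requires the client's name or declared type to agree with what was sniffed, and stores the file under a random server-chosen name; the `ALLOWED` table, the data-URL regex and the sample PNG and PHP inputs are constructed for the demonstration.

```python
import base64
import re
import secrets

# Allowlist for an image upload endpoint: extension -> (MIME type, leading magic bytes).
ALLOWED = {
    "png": ("image/png", b"\x89PNG\r\n\x1a\n"),
    "jpg": ("image/jpeg", b"\xff\xd8\xff"),
    "gif": ("image/gif", b"GIF8"),
}
DATA_URL = re.compile(r"^data:(?P<mime>[\w.+-]+/[\w.+-]+)?(?P<b64>;base64)?,(?P<payload>.*)$", re.S)


class UploadRejected(ValueError):
    pass


def sniff_type(data):
    """Decide the type from the bytes themselves, never from a client-supplied name or header."""
    for ext, (mime, magic) in ALLOWED.items():
        if data.startswith(magic):
            return ext, mime
    return None


def validate_upload(data, claimed_name, max_bytes=2_000_000):
    """Return the server-chosen file name to store `data` under, or raise UploadRejected.
    The stored extension comes from the sniffed content; the client's name only has to agree."""
    if len(data) > max_bytes:
        raise UploadRejected("too large")
    sniffed = sniff_type(data)
    if sniffed is None:
        raise UploadRejected("content is not an allowed image type")
    ext = sniffed[0]
    claimed_ext = claimed_name.rsplit(".", 1)[-1].lower() if "." in claimed_name else ""
    if claimed_ext == "jpeg":
        claimed_ext = "jpg"
    if claimed_ext != ext:
        raise UploadRejected(f"name {claimed_name!r} does not match content type {ext}")
    # Random name: nothing from the request (no '..', no '.php', no null byte) reaches the filesystem.
    return f"{secrets.token_hex(16)}.{ext}"


def validate_data_url(data_url):
    """The imgBase64-style variant: decode a data URL, then apply the same checks to the bytes.
    The MIME type in the URL header is a claim to be verified, not a fact."""
    m = DATA_URL.match(data_url)
    if not m or not m.group("b64"):
        raise UploadRejected("expected a base64 data URL")
    try:
        data = base64.b64decode(m.group("payload"), validate=True)
    except ValueError:                      # binascii.Error is a ValueError
        raise UploadRejected("invalid base64") from None
    sniffed = sniff_type(data)
    if sniffed is None or sniffed[1] != (m.group("mime") or ""):
        raise UploadRejected(f"declared type {m.group('mime')!r} does not match content")
    return validate_upload(data, "upload." + sniffed[0])


# Constructed sample inputs: a minimal PNG header and a PHP web shell, plus data-URL forms.
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
PHP = b"<?php system($_GET['c']); ?>"
PNG_DATA_URL = "data:image/png;base64," + base64.b64encode(PNG).decode()
PHP_DATA_URL = "data:image/php;base64," + base64.b64encode(PHP).decode()
MISMATCH_DATA_URL = "data:image/png;base64," + base64.b64encode(PHP).decode()

if __name__ == "__main__":
    print(validate_upload(PNG, "logo.png"))                       # <random>.png
    for data, name in [(PHP, "shell.php"), (PHP, "shell.png"), (PNG, "shell.php")]:
        try:
            validate_upload(data, name)
        except UploadRejected as e:
            print("rejected:", name, "-", e)
    print(validate_data_url(PNG_DATA_URL))                        # <random>.png
    for url in (PHP_DATA_URL, MISMATCH_DATA_URL):
        try:
            validate_data_url(url)
        except UploadRejected as e:
            print("rejected data URL -", e)
```

Magic-byte sniffing on its own is not sufficient (a file can be a valid PNG and valid PHP at once); the property that actually closes the hole is that the stored name and extension are chosen by the server, so the web server never executes an upload, combined with serving the upload directory without script handlers.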


Vulnerability ID : CVE-2024-2563

First published on : 17-03-2024 12:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in PandaXGO PandaX up to 20240310 and classified as critical. This vulnerability affects the function DeleteImage of the file /apps/system/router/upload.go. The manipulation of the argument fileName with the input ../../../../../../../../../tmp/1.txt leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257062 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2563
Source : cna@vuldb.com
CVSS Score : 5.4

References :
https://github.com/PandaXGO/PandaX/pull/3 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257062 | source : cna@vuldb.com
https://vuldb.com/?id.257062 | source : cna@vuldb.com

Vulnerability : CWE-24
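The two PandaX entries (DeleteImage taking a fileName of ../../../../../../../../../tmp/1.txt, and ExportUser's filename argument) and the Schneider Electric CWE-552 download-URL entry earlier on this page are the same bug: a user-supplied name is joined onto a base directory without checking where the result lands. The following is an added example, not PandaX's Go code or any vendor's code. It shows a DeleteImage-style handler that trusts the name beside one that resolves the path and refuses anything outside the upload directory, and exercises both against a throwaway directory tree built with `tempfile`; the `safe_join` helper and the handler names are this example's own.

```python
import os
import shutil
import tempfile


def safe_join(base_dir, user_path):
    """Resolve user_path beneath base_dir. Returns the real absolute path, or None when the
    result (after '..' components and symlinks are resolved) would leave base_dir."""
    base = os.path.realpath(base_dir)
    # Drop leading separators so an absolute user_path cannot replace base in os.path.join.
    candidate = os.path.realpath(os.path.join(base, user_path.lstrip("/\\")))
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate


def delete_image_vulnerable(upload_dir, file_name):
    """Trusts the caller-supplied name: '../x' is joined and removed like any other file."""
    target = os.path.join(upload_dir, file_name)
    os.remove(target)
    return target


def delete_image_fixed(upload_dir, file_name):
    """Same operation, but refuses anything that does not resolve under upload_dir."""
    target = safe_join(upload_dir, file_name)
    if target is None:
        raise PermissionError(f"refusing path outside {upload_dir}: {file_name!r}")
    os.remove(target)
    return target


def demo():
    """Run both handlers against a throwaway directory tree; returns a dict of outcomes."""
    root = tempfile.mkdtemp()
    uploads = os.path.join(root, "uploads")
    os.mkdir(uploads)
    victim = os.path.join(root, "victim.txt")        # a file the handler must never touch
    results = {}

    open(victim, "w").close()
    delete_image_vulnerable(uploads, "../victim.txt")
    results["traversal_deleted_outside_file"] = not os.path.exists(victim)

    open(victim, "w").close()
    try:
        delete_image_fixed(uploads, "../victim.txt")
        results["traversal_refused"] = False
    except PermissionError:
        results["traversal_refused"] = os.path.exists(victim)

    inside = os.path.join(uploads, "logo.png")
    open(inside, "w").close()
    delete_image_fixed(uploads, "logo.png")
    results["normal_delete_ok"] = not os.path.exists(inside)

    # The exact input from the PandaX advisory, and an absolute path, both stay contained.
    results["deep_traversal_refused"] = safe_join(uploads, "../../../../../../../../../tmp/1.txt") is None
    results["absolute_kept_inside"] = safe_join(uploads, "/etc/passwd") == os.path.join(
        os.path.realpath(uploads), "etc", "passwd")

    # A symlink planted inside uploads/ that points outside is caught by realpath().
    try:
        os.symlink(victim, os.path.join(uploads, "link.txt"))
        results["symlink_refused"] = safe_join(uploads, "link.txt") is None
    except OSError:            # platforms without symlink support: skip, do not fail
        results["symlink_refused"] = None

    shutil.rmtree(root, ignore_errors=True)
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

The check compares canonical paths, not strings: a prefix test on the unresolved path would accept `uploads/../victim.txt`, and a test that skips `realpath` would accept a symlink an earlier upload planted inside the directory.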


Vulnerability ID : CVE-2024-2557

First published on : 17-03-2024 09:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin.php. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257056. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2557
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://github.com/vanitashtml/CVE-Dumps/blob/main/Execute%20After%20Redirect%20-%20Food%20Management%20System.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257056 | source : cna@vuldb.com
https://vuldb.com/?id.257056 | source : cna@vuldb.com

Vulnerability : CWE-285


Vulnerability ID : CVE-2024-2497

First published on : 15-03-2024 17:15:08
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2497
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.256919 | source : cna@vuldb.com
https://vuldb.com/?id.256919 | source : cna@vuldb.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2024-2568

First published on : 17-03-2024 23:15:05
Last modified on : 18-03-2024 01:13:31

Description :
A vulnerability has been found in heyewei JFinalCMS 5.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/div_data/delete?divId=9 of the component Custom Data Page. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257071.

CVE ID : CVE-2024-2568
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://github.com/bigbigbigbaby/cms/blob/main/5.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257071 | source : cna@vuldb.com
https://vuldb.com/?id.257071 | source : cna@vuldb.com

Vulnerability : CWE-89
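Most of the vuldb.com entries above are the same finding in different files: an id, room_id, del_id, user_id, admin_id, userName, roleKey or divId request argument is pasted into a SQL statement (the MAGESH-K21 reservation system, the SourceCodester Employee Task Management System, PandaX InsertRole, BradWenqiang HR, arMHAzena and JFinalCMS entries). The following is an added example, not code from any of those projects. It reproduces the pattern against an in-memory SQLite table constructed for the demonstration, shows why the "Blind SQL Injection" variant named in the MAGESH-K21 references still leaks data even when the page only reveals whether a row came back, and shows the parameterised fix; the table, column names and secrets are this example's own.

```python
import sqlite3
import string


def make_db():
    """Constructed sample data standing in for a reservation system's rooms table."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE rooms (room_id INTEGER PRIMARY KEY, name TEXT, secret TEXT);
        INSERT INTO rooms VALUES (1, 'Hall A', 'public'),
                                 (2, 'Hall B', 'staff-only'),
                                 (3, 'Hall C', 'vip');
    """)
    return db


def rooms_vulnerable(db, room_id):
    """The pattern behind 'manipulation of the argument room_id leads to sql injection':
    the request parameter is pasted into the statement text."""
    sql = f"SELECT name FROM rooms WHERE room_id = {room_id}"
    return [row[0] for row in db.execute(sql)]


def rooms_fixed(db, room_id):
    """Type-check the parameter, then bind it; the driver sends the value separately
    from the SQL text, so it can never change the query's structure."""
    try:
        rid = int(room_id)
    except (TypeError, ValueError):
        raise ValueError("room_id must be an integer") from None
    return [row[0] for row in db.execute("SELECT name FROM rooms WHERE room_id = ?", (rid,))]


def blind_extract(db, row_id, max_len=32):
    """Use rooms_vulnerable as a yes/no oracle to read rooms.secret for row_id one
    character at a time. The attacker never sees the secret in a response; they only
    see whether room 1 was listed, which is enough."""
    alphabet = string.ascii_letters + string.digits + "-_"
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            probe = (f"1 AND (SELECT substr(secret, {pos}, 1) FROM rooms "
                     f"WHERE room_id = {row_id}) = '{ch}'")
            if rooms_vulnerable(db, probe):   # row 1 comes back only if the guess is right
                recovered += ch
                break
        else:
            break  # no character matched: end of the secret
    return recovered


if __name__ == "__main__":
    db = make_db()
    print(rooms_vulnerable(db, "2"))          # ['Hall B']
    print(rooms_vulnerable(db, "2 OR 1=1"))   # every room, not just room 2
    print(blind_extract(db, 2))              # staff-only
    print(rooms_fixed(db, "2"))              # ['Hall B']
    try:
        rooms_fixed(db, "2 OR 1=1")
    except ValueError as e:
        print("rejected:", e)
```

Note that no quoting or escaping appears in the fix: for a numeric id, converting to `int` and binding with a placeholder removes the injection entirely, and for string parameters the placeholder alone does the job. Escaping helpers are what the vulnerable pattern usually reaches for, and they are what blind-injection payloads are built to get past.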


Vulnerability ID : CVE-2024-2483

First published on : 15-03-2024 07:15:11
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability, which was classified as problematic, has been found in Surya2Developer Hostel Management Service 1.0. This issue affects some unknown processing of the file /change-password.php of the component Password Change Handler. The manipulation of the argument oldpassword leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256889 was assigned to this vulnerability.

CVE ID : CVE-2024-2483
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/blackslim3/cve_sidequest/blob/main/poc/CSRF%20on%20Hostel%20Management%20System%20using%20PHP%20and%20MySQL%201.0.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256889 | source : cna@vuldb.com
https://vuldb.com/?id.256889 | source : cna@vuldb.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-2559

First published on : 17-03-2024 10:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2559
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolReboot.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257058 | source : cna@vuldb.com
https://vuldb.com/?id.257058 | source : cna@vuldb.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-2560

First published on : 17-03-2024 11:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257059. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2560
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolRestoreSet.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257059 | source : cna@vuldb.com
https://vuldb.com/?id.257059 | source : cna@vuldb.com

Vulnerability : CWE-352


Source : patchstack.com

Vulnerability ID : CVE-2024-25598

First published on : 15-03-2024 13:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS. This issue affects Livemesh Addons for Elementor: from n/a through 8.3.

CVE ID : CVE-2024-25598
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/addons-for-elementor/wordpress-elementor-addons-by-livemesh-plugin-8-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25916

First published on : 15-03-2024 13:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joseph C Dolson My Calendar allows Stored XSS. This issue affects My Calendar: from n/a through 3.4.23.

CVE ID : CVE-2024-25916
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/my-calendar/wordpress-my-calendar-plugin-3-4-23-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25919

First published on : 15-03-2024 13:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS. This issue affects Custom Field Template: from n/a through 2.6.

CVE ID : CVE-2024-25919
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/custom-field-template/wordpress-custom-field-template-plugin-2-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25934

First published on : 15-03-2024 13:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormFacade allows Stored XSS. This issue affects FormFacade: from n/a through 1.0.0.

CVE ID : CVE-2024-25934
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/formfacade/wordpress-formfacade-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25936

First published on : 15-03-2024 13:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc., Lawrie Malen SoundCloud Shortcode allows Stored XSS. This issue affects SoundCloud Shortcode: from n/a through 4.0.1.

CVE ID : CVE-2024-25936
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/soundcloud-shortcode/wordpress-soundcloud-shortcode-plugin-4-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-27189

First published on : 15-03-2024 13:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.2.5.

CVE ID : CVE-2024-27189
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/wp-social-widget/wordpress-wp-social-widget-plugin-2-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25593

First published on : 15-03-2024 14:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS. This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.5.

CVE ID : CVE-2024-25593
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/nex-forms-express-wp-form-builder/wordpress-nex-forms-plugin-8-5-5-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-23523

First published on : 16-03-2024 05:15:21
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro. This issue affects Elementor Pro: from n/a through 3.19.2.

CVE ID : CVE-2024-23523
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/elementor-pro/wordpress-elementor-pro-plugin-3-19-2-contributor-arbitrary-user-meta-data-retrieval-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-25592

First published on : 15-03-2024 14:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Broken Link Checker allows Stored XSS. This issue affects Broken Link Checker: from n/a through 2.2.3.

CVE ID : CVE-2024-25592
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/broken-link-checker/wordpress-broken-link-checker-plugin-2-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-25596

First published on : 15-03-2024 14:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder for WooCommerce allows Stored XSS. This issue affects Doofinder for WooCommerce: from n/a through 2.1.8.

CVE ID : CVE-2024-25596
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/doofinder-for-woocommerce/wordpress-doofinder-for-woocommerce-plugin-2-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-50898

First published on : 15-03-2024 15:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Missing Authorization vulnerability in sirv.Com Sirv. This issue affects Sirv: from n/a through 7.1.2.

CVE ID : CVE-2023-50898
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/sirv/wordpress-image-optimizer-resizer-and-cdn-sirv-plugin-7-1-2-broken-access-control-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-862


Vulnerability ID : CVE-2023-51489

First published on : 16-03-2024 01:15:49
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more. This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11.

CVE ID : CVE-2023-51489
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/polldaddy/wordpress-crowdsignal-polls-ratings-plugin-3-0-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51491

First published on : 16-03-2024 01:15:49
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Averta Depicter Slider. This issue affects Depicter Slider: from n/a through 2.0.6.

CVE ID : CVE-2023-51491
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/depicter/wordpress-depicter-slider-plugin-2-0-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51521

First published on : 16-03-2024 01:15:50
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master. This issue affects Quiz And Survey Master: from n/a through 8.1.18.

CVE ID : CVE-2023-51521
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/quiz-master-next/wordpress-quiz-and-survey-master-plugin-8-1-18-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51486

First published on : 16-03-2024 02:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce PDF Invoice Builder. This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.101.

CVE ID : CVE-2023-51486
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51487

First published on : 16-03-2024 02:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft ARI Stream Quiz. This issue affects ARI Stream Quiz: from n/a through 1.2.32.

CVE ID : CVE-2023-51487
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-wordpress-quizzes-builder-plugin-1-2-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-24845

First published on : 16-03-2024 05:15:21
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sewpafly Post Thumbnail Editor. This issue affects Post Thumbnail Editor: from n/a through 2.4.8.

CVE ID : CVE-2024-24845
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/post-thumbnail-editor/wordpress-post-thumbnail-editor-plugin-2-4-8-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-24867

First published on : 17-03-2024 16:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic). This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4.

CVE ID : CVE-2024-24867
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-25933

First published on : 17-03-2024 16:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice. This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7.

CVE ID : CVE-2024-25933
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/pepro-ultimate-invoice/wordpress-peprodev-ultimate-invoice-plugin-1-9-7-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-25591

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor. This issue affects WP Editor: from n/a through 1.2.7.

CVE ID : CVE-2024-25591
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/wp-editor/wordpress-wp-editor-plugin-1-2-7-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-25903

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager. This issue affects Frontend File Manager: from n/a through 22.7.

CVE ID : CVE-2024-25903
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/nmedia-user-file-uploader/wordpress-frontend-file-manager-plugin-plugin-22-7-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-50861

First published on : 15-03-2024 14:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF). This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.4.3.

CVE ID : CVE-2023-50861
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-50886

First published on : 15-03-2024 15:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerability in wpWax Legal Pages. This issue affects Legal Pages: from n/a through 1.3.7.

CVE ID : CVE-2023-50886
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/legal-pages/wordpress-legal-pages-plugin-1-3-7-broken-access-control-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352
Vulnerability : CWE-863


Vulnerability ID : CVE-2023-51369

First published on : 15-03-2024 15:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in SysBasics Customize My Account for WooCommerce. This issue affects Customize My Account for WooCommerce: from n/a through 1.8.3.

CVE ID : CVE-2023-51369
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/customize-my-account-for-woocommerce/wordpress-customize-my-account-for-woocommerce-plugin-1-8-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51522

First published on : 15-03-2024 15:15:08
Last modified on : 15-03-2024 16:26:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions. This issue affects Paid Member Subscriptions: from n/a through 2.10.4.

CVE ID : CVE-2023-51522
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/paid-member-subscriptions/wordpress-paid-membership-subscriptions-plugin-2-10-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51407

First published on : 16-03-2024 01:15:48
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Rocket Elements Split Test For Elementor. This issue affects Split Test For Elementor: from n/a through 1.6.9.

CVE ID : CVE-2023-51407
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/split-test-for-elementor/wordpress-split-test-for-elementor-plugin-1-6-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51510

First published on : 16-03-2024 01:15:49
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Atlas Gondal Export Media URLs. This issue affects Export Media URLs: from n/a through 1.0.

CVE ID : CVE-2023-51510
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/export-media-urls/wordpress-export-media-urls-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-51512

First published on : 16-03-2024 01:15:49
Last modified on : 17-03-2024 22:38:29

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WBW Product Table by WBW. This issue affects Product Table by WBW: from n/a through 1.8.6.

CVE ID : CVE-2023-51512
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/woo-product-tables/wordpress-product-table-by-wbw-plugin-1-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com


Source : github.com

Vulnerability ID : CVE-2024-27085

First published on : 15-03-2024 20:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Discourse is an open source platform for community discussion. In affected versions users that are allowed to invite others can inject arbitrarily large data in parameters used in the invite route. The problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable invites or restrict access to them using the `invite allowed groups` site setting.

CVE ID : CVE-2024-27085
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/discourse/discourse/commit/62ea382247c1f87361d186392c45ca74c83be295 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-cvp5-h7p8-mjj6 | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2024-27100

First published on : 15-03-2024 20:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could render an instance inoperable. A site could be disrupted by either a malicious moderator on the same site or a malicious staff member on another site in the same multisite cluster. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-27100
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2024-27930

First published on : 18-03-2024 16:15:08
Last modified on : 18-03-2024 19:40:00

Description :
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13.

CVE ID : CVE-2024-27930
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/glpi-project/glpi/commit/1942b70b2422fff51822f6eb3af500c94760871e | source : security-advisories@github.com
https://github.com/glpi-project/glpi/releases/tag/10.0.13 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-82vv-j9pr-qmwq | source : security-advisories@github.com

Vulnerability : CWE-285


Vulnerability ID : CVE-2024-27937

First published on : 18-03-2024 16:15:08
Last modified on : 18-03-2024 19:40:00

Description :
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13.

CVE ID : CVE-2024-27937
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/glpi-project/glpi/commit/d02c537d23cbb729fe18b87f71b3c6e84e9892da | source : security-advisories@github.com
https://github.com/glpi-project/glpi/releases/tag/10.0.13 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-98qw-hpg3-2hpj | source : security-advisories@github.com

Vulnerability : CWE-285


Vulnerability ID : CVE-2024-27098

First published on : 18-03-2024 17:15:06
Last modified on : 18-03-2024 19:40:00

Description :
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13.

CVE ID : CVE-2024-27098
Source : security-advisories@github.com
CVSS Score : 6.4

References :
https://github.com/glpi-project/glpi/commit/3b6bc1b4aa1f3693b20ada3425d2de5108522484 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/releases/tag/10.0.13 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-92x4-q9w5-837w | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2024-28249

First published on : 18-03-2024 22:15:08
Last modified on : 18-03-2024 22:15:08

Description :
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sent unencrypted and IPsec-eligible traffic between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.15.2, 1.14.8, and 1.13.13. There is no known workaround for this issue.

CVE ID : CVE-2024-28249
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/cilium/cilium/releases/tag/v1.13.13 | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.14.8 | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.15.2 | source : security-advisories@github.com
https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36 | source : security-advisories@github.com

Vulnerability : CWE-311


Vulnerability ID : CVE-2024-28250

First published on : 18-03-2024 22:15:08
Last modified on : 18-03-2024 22:15:08

Description :
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, in Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies, WireGuard-eligible traffic that is sent between a node's Envoy proxy and pods on other nodes is sent unencrypted, and WireGuard-eligible traffic that is sent between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.14.8 and 1.15.2 in native routing mode (`routingMode=native`) and in Cilium 1.14.4 in tunneling mode (`routingMode=tunnel`). Note that in tunneling mode, `encryption.wireguard.encapsulate` must be set to `true`. There is no known workaround for this issue.

CVE ID : CVE-2024-28250
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/cilium/cilium/releases/tag/v1.13.13 | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.14.8 | source : security-advisories@github.com
https://github.com/cilium/cilium/releases/tag/v1.15.2 | source : security-advisories@github.com
https://github.com/cilium/cilium/security/advisories/GHSA-v6q2-4qr3-5cw6 | source : security-advisories@github.com

Vulnerability : CWE-311


Vulnerability ID : CVE-2024-24748

First published on : 15-03-2024 20:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Discourse is an open source platform for community discussion. In affected versions an attacker can learn that a secret subcategory exists under a public category which has no public subcategories. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-24748
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/discourse/discourse/commit/819361ba28f86a1347059af300bb5cca690f9193 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-3qh8-xw23-cq4x | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-24827

First published on : 15-03-2024 20:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Discourse is an open source platform for community discussion. Without a rate limit on the POST /uploads endpoint, it is easier for an attacker to carry out a DoS attack on the server, since creating an upload can be a resource intensive process. Do note that the impact varies from site to site, as site settings like `max_image_size_kb`, `max_attachment_size_kb` and `max_image_megapixels` determine the amount of resources used when creating an upload. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. Users unable to upgrade should reduce `max_image_size_kb`, `max_attachment_size_kb` and `max_image_megapixels`, as smaller uploads require fewer resources to process. Alternatively, `client_max_body_size` can be reduced in Nginx to prevent large uploads from reaching the server.

CVE ID : CVE-2024-24827
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/discourse/discourse/commit/003b80e62f97cd8c0114d6b9d3f93c10443e6fae | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-58vw-246g-fjj4 | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2024-28242

First published on : 15-03-2024 20:15:09
Last modified on : 17-03-2024 22:38:29

Description :
Discourse is an open source platform for community discussion. In affected versions an attacker can learn that secret categories exist when they have backgrounds set. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. Users unable to upgrade should temporarily remove category backgrounds.

CVE ID : CVE-2024-28242
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/discourse/discourse/commit/b425fbc2a28341a5627928f963519006712c3d39 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-c7q7-7f6q-2c23 | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-28862

First published on : 16-03-2024 00:15:07
Last modified on : 17-03-2024 22:38:29

Description :
The Ruby One Time Password library (ROTP) is an open source library for generating and validating one time passwords. Affected versions had overly permissive default permissions. Users should patch to version 6.3.0. Users unable to patch may correct file permissions after installation.

CVE ID : CVE-2024-28862
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/mdp/rotp/security/advisories/GHSA-x2h8-qmj4-g62f | source : security-advisories@github.com

Vulnerability : CWE-276


Vulnerability ID : CVE-2024-27914

First published on : 18-03-2024 17:15:07
Last modified on : 18-03-2024 19:40:00

Description :
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS vulnerability. The XSS will only trigger if the administrator navigates through the debug bar. This issue has been patched in version 10.0.13.

CVE ID : CVE-2024-27914
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/glpi-project/glpi/commit/69e0dee8de0c0df139b42dbfa1a8997888c2af95 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/releases/tag/10.0.13 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-rcxj-fqr4-q34r | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-28859

First published on : 15-03-2024 23:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain, due to a vulnerable Swift Mailer dependency, that would enable an attacker to get remote code execution if a developer unserializes user input in their project. This vulnerability presents no direct threat but is a vector that will enable remote code execution if a developer deserializes untrusted user data. Symfony 1 depends on Swift Mailer, which is bundled by default in the vendor directory in the default installation since 1.3.0. Swift Mailer classes implement some `__destruct()` methods. These methods are called when PHP destroys the object in memory. However, it is possible to include any object type in `$this->_keys` to make PHP access other array/object properties than intended by the developer. In particular, it is possible to abuse the array access which is triggered on foreach($this->_keys ...) for any class implementing the ArrayAccess interface. This may allow an attacker to execute any PHP command, which leads to remote code execution. This issue has been addressed in version 1.5.18. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-28859
Source : security-advisories@github.com
CVSS Score : 5.0

References :
https://github.com/FriendsOfSymfony1/symfony1/commit/edb850f94fb4de18ca53d0d1824910d6e8130166 | source : security-advisories@github.com
https://github.com/FriendsOfSymfony1/symfony1/security/advisories/GHSA-wjv8-pxr6-5f4r | source : security-advisories@github.com

Vulnerability : CWE-502
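The mechanism the advisory describes, destructor code that iterates an attacker-supplied `$this->_keys`, reduces to a few lines of PHP. The following is an added illustration, not Symfony1 or Swift Mailer code: `KeyCache` and `Tripwire` are hypothetical classes, and `Tripwire` uses IteratorAggregate so that `foreach` alone hands control to the attacker-chosen object (the real chain goes through ArrayAccess offset reads, but the principle is the same). The hardened loader shows the `allowed_classes` check a reviewer would look for wherever `unserialize()` touches request data.

```php
<?php
// Added illustration, not Symfony1 or Swift Mailer code. KeyCache is a
// hypothetical stand-in for "a class whose __destruct() iterates $this->_keys";
// Tripwire only records that it was reached instead of doing anything harmful.
declare(strict_types=1);

final class KeyCache
{
    /** Meant to be an array of strings; unserialize() does not enforce that. */
    public $_keys = [];

    public function __destruct()
    {
        // Runs when PHP frees the object, even one that was never "used".
        // If the serialized form is attacker-controlled, $_keys can be any
        // object, and that object's class decides what this loop executes.
        foreach ($this->_keys as $k) {
            // cleanup of key $k would happen here
        }
    }
}

/** Harmless probe: foreach over it calls getIterator(), i.e. attacker-chosen code. */
final class Tripwire implements IteratorAggregate
{
    public static array $hits = [];
    public string $tag = '';

    public function getIterator(): Iterator
    {
        self::$hits[] = $this->tag;   // stands in for the real gadget's side effect
        return new ArrayIterator([]);
    }
}

// VULNERABLE: unserialize() of untrusted bytes instantiates whatever classes
// the payload names; their destructors then run whether or not the caller
// ever touches the result.
function load_state_unsafe(string $untrusted): void
{
    $obj = unserialize($untrusted);   // no allowed_classes restriction
    unset($obj);                      // __destruct() fires here
}

// HARDENED: instantiate no classes at all. Objects in the payload become
// __PHP_Incomplete_Class, which has no destructor. For genuinely untrusted
// state, prefer JSON and never unserialize() it in the first place.
function load_state_safe(string $untrusted): mixed
{
    return unserialize($untrusted, ['allowed_classes' => false]);
}

// Constructed payload: a KeyCache whose _keys is a Tripwire. Built with
// serialize() for readability; an attacker would hand-write the same string.
$probe = new Tripwire();
$probe->tag = 'destructor reached attacker object';
$cache = new KeyCache();
$cache->_keys = $probe;
$payload = serialize($cache);
unset($cache, $probe);   // our own copy is destroyed here; reset the log
Tripwire::$hits = [];

load_state_unsafe($payload);
var_dump(Tripwire::$hits);   // Tripwire::$hits now records the destructor visit

Tripwire::$hits = [];
load_state_safe($payload);
var_dump(Tripwire::$hits);   // Tripwire::$hits stays empty: nothing was instantiated
```

Run it with `php gadget_demo.php` (PHP 8.0 or later for `mixed` and typed static properties). Note that the unsafe loader never calls a method on the deserialized object; `unset()` alone is enough, which is why "we only unserialize and discard it" is not a mitigation.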


Vulnerability ID : CVE-2024-27104

First published on : 18-03-2024 17:15:06
Last modified on : 18-03-2024 19:40:00

Description :
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. A user with rights to create and share dashboards can build a dashboard containing javascript code. Any user that will open this dashboard will be subject to an XSS attack. This issue has been patched in version 10.0.13.

CVE ID : CVE-2024-27104
Source : security-advisories@github.com
CVSS Score : 4.5

References :
https://github.com/glpi-project/glpi/commit/b409ca437864607b03c2014b9e3293b7f141af65 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/releases/tag/10.0.13 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-prc3-cx5m-h5mj | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-51699

First published on : 15-03-2024 19:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8s CRD Dataset/JuicefsRuntime, to execute arbitrary OS commands within the juicefs related containers. This could lead to unauthorized access, modification or deletion of data. Users running versions < 0.9.3 with JuicefsRuntime should upgrade to v0.9.3.

CVE ID : CVE-2023-51699
Source : security-advisories@github.com
CVSS Score : 4.0

References :
https://github.com/fluid-cloudnative/fluid/commit/e0184cff8790ad000c3e8943392c7f544fad7d66 | source : security-advisories@github.com
https://github.com/fluid-cloudnative/fluid/security/advisories/GHSA-wx8q-4gm9-rj2g | source : security-advisories@github.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2024-28851

First published on : 15-03-2024 19:15:07
Last modified on : 17-03-2024 22:38:29

Description :
The Snowflake Hive metastore connector provides an easy way to query Hive-managed data via Snowflake. Snowflake Hive MetaStore Connector has addressed a potential elevation of privilege vulnerability in a `helper script` for the Hive MetaStore Connector. A malicious insider without admin privileges could, in theory, use the script to download content from a Microsoft domain to the local system and replace the valid content with malicious code. If the attacker then also had local access to the same system where the maliciously modified script is run, they could attempt to manipulate users into executing the attacker-controlled helper script, potentially gaining elevated privileges to the local system. The vulnerability in the script was patched on February 09, 2024, without a version bump to the Connector. Users who use the helper script are strongly advised to use the latest version as soon as possible. Users unable to upgrade should avoid using the helper script.

CVE ID : CVE-2024-28851
Source : security-advisories@github.com
CVSS Score : 4.0

References :
https://github.com/snowflakedb/snowflake-hive-metastore-connector/blob/master/scripts/add_snowflake_hive_metastore_connector_script_action.sh | source : security-advisories@github.com
https://github.com/snowflakedb/snowflake-hive-metastore-connector/commit/dfbf87dff456f6bb62c927711d97316f0c71d8ca | source : security-advisories@github.com
https://github.com/snowflakedb/snowflake-hive-metastore-connector/security/advisories/GHSA-r68p-g2x9-mq7x | source : security-advisories@github.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2024-28237

First published on : 18-03-2024 22:15:07
Last modified on : 18-03-2024 22:15:07

Description :
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows a malicious admin to configure, or to talk a victim with administrator rights into configuring, a webcam snapshot URL that, when tested through the "Test" button in the web interface, executes JavaScript in the victim's browser while attempting to render the snapshot image. An attacker who successfully talks a victim with admin rights into performing a snapshot test with such a crafted URL could use this to retrieve or modify sensitive configuration settings, interrupt prints, or otherwise interact with the OctoPrint instance in a malicious way. The vulnerability is patched in version 1.10.0rc3. OctoPrint administrators are strongly advised to thoroughly vet who has admin access to their installation and what settings they modify based on instructions from strangers.

CVE ID : CVE-2024-28237
Source : security-advisories@github.com
CVSS Score : 4.0

References :
https://github.com/OctoPrint/OctoPrint/commit/779894c1bc6478332d14bc9ed1006df1354eb517 | source : security-advisories@github.com
https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-x7mf-wrh9-r76c | source : security-advisories@github.com

Vulnerability : CWE-79


Source : wordfence.com

Vulnerability ID : CVE-2024-1796

First published on : 15-03-2024 07:15:09
Last modified on : 15-03-2024 12:53:06

Description :
The HUSKY – Products Filter for WooCommerce Professional plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'woof' shortcode in all versions up to, and including, 1.3.5.1 due to insufficient input sanitization and output escaping on user supplied attributes such as 'swoof_slug'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-1796
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3045600%40woocommerce-products-filter&new=3045600%40woocommerce-products-filter&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/748bc714-25ba-404e-ac3d-e588fd95b2f9?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-2399

First published on : 15-03-2024 07:15:09
Last modified on : 15-03-2024 12:53:06

Description :
The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 4.10.23 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-2399
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.10.23/widgets/premium-media-wheel.php#L2753 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3051259/premium-addons-for-elementor/trunk/widgets/premium-media-wheel.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/dc057069-15cd-477f-9106-e616e919c62f?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-2308

First published on : 16-03-2024 02:15:09
Last modified on : 17-03-2024 22:38:29

Description :
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link in the EliSlider in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-2308
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050556%40elementinvader-addons-for-elementor&new=3050556%40elementinvader-addons-for-elementor&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/40a272dc-cb2a-472f-be42-733efcb2fa61?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1239

First published on : 16-03-2024 03:15:06
Last modified on : 17-03-2024 22:38:29

Description :
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blog post read more button in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-1239
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3042291%40elementskit-lite&new=3042291%40elementskit-lite&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/1822fd58-0dba-4b15-9702-32e3aa4405b3?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-2042

First published on : 16-03-2024 03:15:07
Last modified on : 17-03-2024 22:38:29

Description :
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-2042
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.4/widgets/image-accordion/image-accordion.php#L962 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050248%40elementskit-lite&new=3050248%40elementskit-lite&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/be4ce3e6-8baa-419f-a48e-4256c306fbc1?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-6525

First published on : 16-03-2024 03:15:06
Last modified on : 17-03-2024 22:38:29

Description :
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This primarily affects multi-site installations and installations where unfiltered_html has been disabled.

CVE ID : CVE-2023-6525
Source : security@wordfence.com
CVSS Score : 5.5

References :
https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/widgets/progressbar/progressbar.php#L535 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3011323/elementskit-lite/trunk/widgets/progressbar/progressbar.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/e724394d-97aa-42e4-b36e-6e49bfefa2f6?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1733

First published on : 16-03-2024 06:15:13
Last modified on : 17-03-2024 22:38:29

Description :
The Word Replacer Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the word_replacer_ultra() function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update arbitrary content on the affected WordPress site.

CVE ID : CVE-2024-1733
Source : security@wordfence.com
CVSS Score : 5.3

References :
https://plugins.trac.wordpress.org/browser/word-replacer-ultra/trunk/inc/word-replacer-ultra-ajax.php#L16 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/1da53718-c2a2-45d0-ad43-daff3c68342d?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-1857

First published on : 16-03-2024 09:15:06
Last modified on : 17-03-2024 22:38:29

Description :
The Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the wps_wgm_preview_email_template(). This makes it possible for unauthenticated attackers to read password protected and draft posts that may contain sensitive data.

CVE ID : CVE-2024-1857
Source : security@wordfence.com
CVSS Score : 5.3

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3046745%40woo-gift-cards-lite&new=3046745%40woo-gift-cards-lite&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/2b0d0c44-0ee8-400b-a4ea-e5520c2a6710?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-2294

First published on : 16-03-2024 02:15:09
Last modified on : 17-03-2024 22:38:29

Description :
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers with an account that has only the activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers.

CVE ID : CVE-2024-2294
Source : security@wordfence.com
CVSS Score : 4.9

References :
https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve | source : security@wordfence.com
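Two of the Wordfence entries above describe the same class of AJAX-handler mistake from different angles: CVE-2024-1733 (Word Replacer Pro) lacks any capability check, and CVE-2024-2294 (Backuply) passes backup_name to the filesystem with a traversal filter that evidently misses the Windows case, where `\` is a path separator and `..\..\` escapes a directory even if `../` is rejected. The block below is an added example, not code from either plugin: the action name `example_download_backup`, the `manage_options` capability, the backup directory and the sample names are all assumptions. `safe_backup_path()` is plain PHP and runs on its own; the WordPress hook is only registered when the file is loaded inside WordPress.

```php
<?php
// Added example, not Backuply or Word Replacer Pro code. Shows the two checks
// those advisories say were missing: a capability/nonce gate on an AJAX handler
// and a path-containment check that treats "\" as a separator as well as "/".
declare(strict_types=1);

/**
 * Map a user-supplied backup name onto a file inside $base_dir, or return null.
 * Rejects both "/" and "\" before the filesystem ever sees the name, so
 * "..\..\wp-config.php" cannot escape on Windows, where "\" separates path
 * components but a filter that only strips "../" would let it through.
 */
function safe_backup_path(string $base_dir, string $name): ?string
{
    // 1. Syntactic check: a backup name must be exactly one path component.
    if ($name === '' || $name === '.' || $name === '..'
        || str_contains($name, "\0")
        || str_contains($name, '/') || str_contains($name, '\\')) {
        return null;
    }
    // 2. Semantic check: resolve both sides and confirm containment. This also
    //    catches a symlink someone managed to drop into the backup directory.
    $base = realpath($base_dir);
    $full = realpath($base_dir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $full === false) {
        return null;
    }
    $base = rtrim($base, '/\\') . DIRECTORY_SEPARATOR;
    if (strncmp($full, $base, strlen($base)) !== 0) {
        return null;
    }
    return $full;
}

// WordPress glue, registered only inside WordPress so the file still runs
// stand-alone. Action name, capability and directory are assumptions.
if (function_exists('add_action')) {
    add_action('wp_ajax_example_download_backup', function (): void {
        // The check missing in CVE-2024-1733-style bugs: who may call this at all?
        if (!current_user_can('manage_options')) {
            wp_send_json_error('forbidden', 403);
        }
        // CSRF: the request must carry a nonce issued to this user for this action.
        check_ajax_referer('example_download_backup');

        $name = isset($_GET['backup_name']) && is_string($_GET['backup_name'])
            ? $_GET['backup_name'] : '';
        $path = safe_backup_path(WP_CONTENT_DIR . '/example-backups', $name);
        if ($path === null) {
            wp_send_json_error('invalid backup name', 400);
        }
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . basename($path) . '"');
        readfile($path);
        exit;
    });
}

// Stand-alone demo against a constructed backup directory.
$dir = sys_get_temp_dir() . '/bk_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents("$dir/site-2024-03-18.zip", 'not really a zip');
$samples = [
    'site-2024-03-18.zip',       // legitimate name, accepted
    '../../wp-config.php',       // classic traversal
    '..\\..\\wp-config.php',     // Windows-style traversal, the CVE-2024-2294 shape
    "site.zip\0.php",            // NUL truncation attempt
    'missing.zip',               // well-formed but absent
];
foreach ($samples as $s) {
    printf("%-30s => %s\n", json_encode($s), safe_backup_path($dir, $s) ?? 'REJECTED');
}
unlink("$dir/site-2024-03-18.zip");
rmdir($dir);
```

Run with `php backup_path_demo.php` (PHP 8.0 or later for `str_contains`). The order matters: the string-level rejection runs before `realpath()`, so the filesystem is never asked to resolve an attacker-shaped name, and the `realpath()` prefix comparison is the backstop that does not depend on guessing every separator or encoding trick.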


Source : us.ibm.com

Vulnerability ID : CVE-2021-38938

First published on : 15-03-2024 16:15:07
Last modified on : 15-03-2024 16:26:49

Description :
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain text, which can be read by a local user. IBM X-Force ID: 210989.

CVE ID : CVE-2021-38938
Source : psirt@us.ibm.com
CVSS Score : 6.2

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/210989 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6832964 | source : psirt@us.ibm.com

Vulnerability : CWE-522


Vulnerability ID : CVE-2023-47162

First published on : 15-03-2024 15:15:07
Last modified on : 15-03-2024 16:26:49

Description :
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973.

CVE ID : CVE-2023-47162
Source : psirt@us.ibm.com
CVSS Score : 6.1

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/270973 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7142038 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-47699

First published on : 15-03-2024 16:15:08
Last modified on : 15-03-2024 16:26:49

Description :
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974.

CVE ID : CVE-2023-47699
Source : psirt@us.ibm.com
CVSS Score : 6.1

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/270974 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7142038 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-47147

First published on : 15-03-2024 16:15:08
Last modified on : 15-03-2024 16:26:49

Description :
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598.

CVE ID : CVE-2023-47147
Source : psirt@us.ibm.com
CVSS Score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/270598 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7142038 | source : psirt@us.ibm.com

Vulnerability : CWE-73


Vulnerability ID : CVE-2023-46182

First published on : 15-03-2024 15:15:07
Last modified on : 15-03-2024 16:26:49

Description :
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269692.

CVE ID : CVE-2023-46182
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269692 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7142038 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-46179

First published on : 15-03-2024 15:15:07
Last modified on : 15-03-2024 16:26:49

Description :
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 269683.

CVE ID : CVE-2023-46179
Source : psirt@us.ibm.com
CVSS Score : 4.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269683 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7142038 | source : psirt@us.ibm.com

Vulnerability : CWE-614


Vulnerability ID : CVE-2023-46181

First published on : 15-03-2024 16:15:07
Last modified on : 15-03-2024 16:26:49

Description :
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686.

CVE ID : CVE-2023-46181
Source : psirt@us.ibm.com
CVSS Score : 4.0

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269686 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7142038 | source : psirt@us.ibm.com

Vulnerability : CWE-525


Source : mattermost.com

Vulnerability ID : CVE-2024-2445

First published on : 15-03-2024 10:15:07
Last modified on : 15-03-2024 12:53:06

Description :
Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to escape user-controlled outputs when generating HTML pages, which allows an attacker to perform reflected cross-site scripting attacks against the users of the Mattermost server.

CVE ID : CVE-2024-2445
Source : responsibledisclosure@mattermost.com
CVSS Score : 6.1

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-74


Vulnerability ID : CVE-2024-2446

First published on : 15-03-2024 10:15:08
Last modified on : 15-03-2024 12:53:06

Description :
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to limit the number of @-mentions processed per message, allowing an authenticated attacker to crash the client applications of other users via large, crafted messages.

CVE ID : CVE-2024-2446
Source : responsibledisclosure@mattermost.com
CVSS Score : 4.3

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-400


Source : fluidattacks.com

Vulnerability ID : CVE-2024-2180

First published on : 15-03-2024 05:15:06
Last modified on : 15-03-2024 12:53:06

Description :
Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers.

CVE ID : CVE-2024-2180
Source : help@fluidattacks.com
CVSS Score : 5.5

References :
https://fluidattacks.com/advisories/gomez/ | source : help@fluidattacks.com
https://zemana.com/us/antilogger.html | source : help@fluidattacks.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-2204

First published on : 15-03-2024 05:15:07
Last modified on : 15-03-2024 12:53:06

Description :
Zemana AntiLogger v2.74.204.664 is vulnerable to a Denial of Service (DoS) vulnerability by triggering the 0x80002004 and 0x80002010 IOCTL codes of the zam64.sys and zamguard64.sys drivers.

CVE ID : CVE-2024-2204
Source : help@fluidattacks.com
CVSS Score : 5.5

References :
https://fluidattacks.com/advisories/hassan/ | source : help@fluidattacks.com
https://zemana.com/us/antilogger.html | source : help@fluidattacks.com

Vulnerability : CWE-476


Source : adobe.com

Vulnerability ID : CVE-2024-20757

First published on : 18-03-2024 16:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20757
Source : psirt@adobe.com
CVSS Score : 5.5

References :
https://helpx.adobe.com/security/products/bridge/apsb24-15.html | source : psirt@adobe.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2024-20762

First published on : 18-03-2024 18:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20762
Source : psirt@adobe.com
CVSS Score : 5.5

References :
https://helpx.adobe.com/security/products/animate/apsb24-19.html | source : psirt@adobe.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2024-20763

First published on : 18-03-2024 18:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20763
Source : psirt@adobe.com
CVSS Score : 5.5

References :
https://helpx.adobe.com/security/products/animate/apsb24-19.html | source : psirt@adobe.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2024-20764

First published on : 18-03-2024 18:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2024-20764
Source : psirt@adobe.com
CVSS Score : 5.5

References :
https://helpx.adobe.com/security/products/animate/apsb24-19.html | source : psirt@adobe.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2024-20760

First published on : 18-03-2024 18:15:08
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-20760
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-20768

First published on : 18-03-2024 18:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-20768
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26028

First published on : 18-03-2024 18:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26028
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26030

First published on : 18-03-2024 18:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26030
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26031

First published on : 18-03-2024 18:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26031
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26032

First published on : 18-03-2024 18:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. Exploitation of this issue requires user interaction.

CVE ID : CVE-2024-26032
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26033

First published on : 18-03-2024 18:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26033
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26034

First published on : 18-03-2024 18:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26034
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26035

First published on : 18-03-2024 18:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26035
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26038

First published on : 18-03-2024 18:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26038
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26040

First published on : 18-03-2024 18:15:11
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26040
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26041

First published on : 18-03-2024 18:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26041
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26042

First published on : 18-03-2024 18:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser.

CVE ID : CVE-2024-26042
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26043

First published on : 18-03-2024 18:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26043
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26044

First published on : 18-03-2024 18:15:12
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser.

CVE ID : CVE-2024-26044
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26045

First published on : 18-03-2024 18:15:13
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26045
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26052

First published on : 18-03-2024 18:15:13
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26052
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26056

First published on : 18-03-2024 18:15:14
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26056
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26059

First published on : 18-03-2024 18:15:14
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26059
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26061

First published on : 18-03-2024 18:15:14
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26061
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26062

First published on : 18-03-2024 18:15:14
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26062
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26064

First published on : 18-03-2024 18:15:15
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script. This could result in arbitrary code execution in the context of the victim's browser. Exploitation of this issue requires user interaction.

CVE ID : CVE-2024-26064
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26065

First published on : 18-03-2024 18:15:15
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26065
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26067

First published on : 18-03-2024 18:15:15
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26067
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26069

First published on : 18-03-2024 18:15:15
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26069
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26073

First published on : 18-03-2024 18:15:16
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26073
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26080

First published on : 18-03-2024 18:15:16
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable script.

CVE ID : CVE-2024-26080
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26094

First published on : 18-03-2024 18:15:16
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26094
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26096

First published on : 18-03-2024 18:15:16
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26096
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26101

First published on : 18-03-2024 18:15:17
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26101
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26102

First published on : 18-03-2024 18:15:17
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26102
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26103

First published on : 18-03-2024 18:15:17
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26103
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26104

First published on : 18-03-2024 18:15:17
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26104
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26105

First published on : 18-03-2024 18:15:18
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26105
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26106

First published on : 18-03-2024 18:15:18
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26106
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26107

First published on : 18-03-2024 18:15:18
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26107
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26118

First published on : 18-03-2024 18:15:18
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2024-26118
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26120

First published on : 18-03-2024 18:15:19
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26120
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26124

First published on : 18-03-2024 18:15:19
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26124
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26125

First published on : 18-03-2024 18:15:19
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26125
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-26063

First published on : 18-03-2024 18:15:14
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information, potentially bypassing security measures. Exploitation of this issue does not require user interaction.

CVE ID : CVE-2024-26063
Source : psirt@adobe.com
CVSS Score : 5.3

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-26119

First published on : 18-03-2024 18:15:19
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.

CVE ID : CVE-2024-26119
Source : psirt@adobe.com
CVSS Score : 5.3

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-26050

First published on : 18-03-2024 18:15:13
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26050
Source : psirt@adobe.com
CVSS Score : 4.8

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79
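The AEM entries above name three XSS classes: stored and reflected, where the server writes a string it did not author into its HTML response (read back from the repository, or echoed from the request), and DOM-based, where the page's own script writes attacker-influenced data into an HTML-parsing sink. The following is an added example, not Adobe's code and not an AEM template: a constructed form-field renderer and a constructed DOM sink, each in vulnerable and hardened form, with a check that confirms the payload no longer survives as markup. The field names, the payload, the URL fragment and the element stand-in are all assumptions made for the illustration.

```javascript
// Added example (not Adobe/AEM code): the XSS classes listed in APSB24-05.
// Everything here is constructed: the form field, the page fragment, the
// payload and the DOM element stand-in.

// Context-aware encoder for HTML text nodes and double-quoted attribute values.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Stored / reflected XSS. The server builds HTML from a string it did not
// author: a value read back from the repository (stored) or echoed from the
// request (reflected). Vulnerable form: raw concatenation, so a value such as
// "><img src=x onerror=...> closes the attribute and starts a new tag.
function renderFieldUnsafe(label, value) {
  return `<label>${label}<input name="field" value="${value}"></label>`;
}

// Hardened form: every interpolation is encoded for the context it lands in
// (text node for the label, double-quoted attribute for the value).
function renderFieldSafe(label, value) {
  return `<label>${escapeHtml(label)}<input name="field" value="${escapeHtml(value)}"></label>`;
}

// DOM-based XSS. The server response is clean; the page's own script reads
// attacker-influenced data (here the URL fragment, which never reaches the
// server) and writes it to a sink that parses HTML. A minimal stand-in for a
// DOM element lets this run under Node: innerHTML stores markup verbatim,
// textContent stores it as a text node, which a browser serialises with the
// special characters escaped (approximation: a real browser leaves quotes
// unescaped, which is safe inside a text node but not inside an attribute).
function makeElement() {
  let markup = '';
  return {
    set innerHTML(v) { markup = String(v); },
    get innerHTML() { return markup; },
    set textContent(v) { markup = escapeHtml(v); },
  };
}

function showBannerUnsafe(el, hash) {
  el.innerHTML = decodeURIComponent(hash.slice(1)); // HTML-parsing sink
  return el.innerHTML;
}

function showBannerSafe(el, hash) {
  el.textContent = decodeURIComponent(hash.slice(1)); // text-only sink
  return el.innerHTML; // what the browser would serialise afterwards
}

// Check a reviewer or scanner can apply to rendered output: the untrusted
// string must not survive verbatim, and no tag it carried may remain.
function payloadSurvives(html, payload) {
  return html.includes(payload) || /<img\b/i.test(html);
}

// Constructed sample payload: breaks out of a double-quoted attribute and
// injects an event handler.
const PAYLOAD = '"><img src=x onerror=alert(1)>';

function demo() {
  const hash = '#' + encodeURIComponent(PAYLOAD);
  return {
    storedUnsafe: payloadSurvives(renderFieldUnsafe('Name', PAYLOAD), PAYLOAD),
    storedSafe: payloadSurvives(renderFieldSafe('Name', PAYLOAD), PAYLOAD),
    domUnsafe: payloadSurvives(showBannerUnsafe(makeElement(), hash), PAYLOAD),
    domSafe: payloadSurvives(showBannerSafe(makeElement(), hash), PAYLOAD),
  };
}

console.log(demo()); // { storedUnsafe: true, storedSafe: false, domUnsafe: true, domSafe: false }
```

The same encoder covers the reflected entries, since the only difference from the stored case is where the untrusted string comes from. The element stand-in is there so the block runs without a browser; in a real page the point is which sink is used (innerHTML, outerHTML, document.write, insertAdjacentHTML parse markup; textContent and setAttribute do not), not how the serialisation looks.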


Source : incibe.es

Vulnerability ID : CVE-2024-2495

First published on : 15-03-2024 13:15:09
Last modified on : 15-03-2024 16:26:49

Description :
A cryptographic key is stored in plain text in the FriendlyWrt firmware, affecting version 2022-11-16.51b3d35. An attacker who extracts the key from the firmware image could compromise the confidentiality and integrity of data encrypted with it.

CVE ID : CVE-2024-2495
Source : cve-coordination@incibe.es
CVSS Score : 5.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/cryptographic-key-plain-text-vulnerability-friendlyelecs-friendlywrt | source : cve-coordination@incibe.es

Vulnerability : CWE-1321


Source : opentext.com

Vulnerability ID : CVE-2023-7248

First published on : 15-03-2024 20:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Certain functionality in the OpenText Vertica Management Console might be prone to bypass via crafted requests. The vulnerability affects one of Vertica's authentication functionalities by allowing specially crafted requests and request sequences. This issue impacts the following Vertica Management Console versions:
10.x
11.1.1-24 or lower
12.0.4-18 or lower
Please upgrade to one of the following Vertica Management Console versions (10.x installations should upgrade to the latest of these):
11.1.1-25
12.0.4-19
23.x
24.x

CVE ID : CVE-2023-7248
Source : security@opentext.com
CVSS Score : 5.0

References :
https://portal.microfocus.com/s/article/KM000027542?language=en_US | source : security@opentext.com

Vulnerability : CWE-20


Source : logitech.com

Vulnerability ID : CVE-2024-2537

First published on : 15-03-2024 18:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Improper Control of Dynamically-Managed Code Resources vulnerability in Logitech Logi Tune on MacOS allows Local Code Inclusion.

CVE ID : CVE-2024-2537
Source : cve-coordination@logitech.com
CVSS Score : 4.4

References :
https://hackerone.com/reports/2376663 | source : cve-coordination@logitech.com

Vulnerability : CWE-913


(19) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2024-2482

First published on : 15-03-2024 07:15:10
Last modified on : 15-03-2024 12:53:06

Description :
A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /check_availability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword leads to observable response discrepancy. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256891.

CVE ID : CVE-2024-2482
Source : cna@vuldb.com
CVSS Score : 3.7

References :
https://github.com/blackslim3/cve_sidequest/blob/main/poc/Username_and_Password_Enumeration%20on%20Hostel%20Management%20System%20using%20PHP%20and%20MySQL%201.0.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256891 | source : cna@vuldb.com
https://vuldb.com/?id.256891 | source : cna@vuldb.com

Vulnerability : CWE-204


Vulnerability ID : CVE-2024-2479

First published on : 15-03-2024 06:15:10
Last modified on : 16-03-2024 22:15:07

Description :
A vulnerability classified as problematic has been found in MHA Sistemas arMHAzena 9.6.0.0. This affects an unknown part of the component Cadastro Page. The manipulation of the argument Query leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256887. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2479
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://johnermac.github.io/cve/xss/ | source : cna@vuldb.com
https://vuldb.com/?ctiid.256887 | source : cna@vuldb.com
https://vuldb.com/?id.256887 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2515

First published on : 16-03-2024 09:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as problematic, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this issue is some unknown functionality of the file home.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256952. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2515
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20home.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256952 | source : cna@vuldb.com
https://vuldb.com/?id.256952 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2518

First published on : 16-03-2024 13:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This issue affects some unknown processing of the file book_history.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256955. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2518
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20book_history.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256955 | source : cna@vuldb.com
https://vuldb.com/?id.256955 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2519

First published on : 16-03-2024 15:15:08
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been classified as problematic. Affected is an unknown function of the file navbar.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256956. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2519
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20navbar.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256956 | source : cna@vuldb.com
https://vuldb.com/?id.256956 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2521

First published on : 16-03-2024 16:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/bookdate.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256958 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2521
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20bookdate.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256958 | source : cna@vuldb.com
https://vuldb.com/?id.256958 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2523

First published on : 16-03-2024 17:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as problematic was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This vulnerability affects unknown code of the file /admin/booktime.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256960. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2523
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20booktime.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256960 | source : cna@vuldb.com
https://vuldb.com/?id.256960 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2525

First published on : 16-03-2024 18:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as problematic, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected is an unknown function of the file /admin/receipt.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-256962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2525
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20receipt.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256962 | source : cna@vuldb.com
https://vuldb.com/?id.256962 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2526

First published on : 16-03-2024 19:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/rooms.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256963. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2526
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20rooms.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256963 | source : cna@vuldb.com
https://vuldb.com/?id.256963 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2530

First published on : 16-03-2024 21:15:29
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/update-rooms.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256967. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2530
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20update-rooms.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256967 | source : cna@vuldb.com
https://vuldb.com/?id.256967 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2533

First published on : 16-03-2024 23:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as problematic, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256970 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2533
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20update-users.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256970 | source : cna@vuldb.com
https://vuldb.com/?id.256970 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2535

First published on : 17-03-2024 01:15:50
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/users.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256972. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2535
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20users.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256972 | source : cna@vuldb.com
https://vuldb.com/?id.256972 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2553

First published on : 17-03-2024 04:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257052.

CVE ID : CVE-2024-2553
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/Product%20Rating%20System%20-%20Cross-Site-Scripting-1.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257052 | source : cna@vuldb.com
https://vuldb.com/?id.257052 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-2567

First published on : 17-03-2024 21:15:05
Last modified on : 17-03-2024 22:38:29

Description :
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. VDB-257070 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: The code maintainer was contacted early about this disclosure but did not respond in any way. Instead the GitHub repository got deleted after a few days. We have to assume that the product is not supported anymore.

CVE ID : CVE-2024-2567
Source : cna@vuldb.com
CVSS Score : 1.8

References :
https://github.com/ctflearner/Android_Findings/blob/main/AndroidWeatherApp/Android_backup.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257070 | source : cna@vuldb.com
https://vuldb.com/?id.257070 | source : cna@vuldb.com

Vulnerability : CWE-530


Source : mattermost.com

Vulnerability ID : CVE-2024-24975

First published on : 15-03-2024 09:15:06
Last modified on : 15-03-2024 12:53:06

Description :
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile app.

CVE ID : CVE-2024-24975
Source : responsibledisclosure@mattermost.com
CVSS Score : 3.5

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2024-28053

First published on : 15-03-2024 09:15:07
Last modified on : 15-03-2024 12:53:06

Description :
Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server.

CVE ID : CVE-2024-28053
Source : responsibledisclosure@mattermost.com
CVSS Score : 3.1

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-400


Source : adobe.com

Vulnerability ID : CVE-2024-26051

First published on : 18-03-2024 18:15:13
Last modified on : 18-03-2024 19:40:00

Description :
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2024-26051
Source : psirt@adobe.com
CVSS Score : 3.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html | source : psirt@adobe.com

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2024-28864

First published on : 18-03-2024 22:15:09
Last modified on : 18-03-2024 22:15:09

Description :
SecureProps is a PHP library designed to simplify the encryption and decryption of property data in objects. A vulnerability in SecureProps version 1.2.0 and 1.2.1 involves a regex failing to detect tags during decryption of encrypted data. This occurs when the encrypted data has been encoded with `NullEncoder` and passed to `TagAwareCipher`, and contains special characters such as `\n`. As a result, the decryption process is skipped since the tags are not detected. This causes the encrypted data to be returned in plain format. The vulnerability affects users who implement `TagAwareCipher` with any base cipher that has `NullEncoder` (not default). The patch for the issue has been released. Users are advised to update to version 1.2.2. As a workaround, one may use the default `Base64Encoder` with the base cipher decorated with `TagAwareCipher` to prevent special characters in the encrypted string from interfering with regex tag detection logic. This workaround is safe but may involve double encoding since `TagAwareCipher` uses `NullEncoder` by default.

CVE ID : CVE-2024-28864
Source : security-advisories@github.com
CVSS Score : 2.6

References :
https://github.com/IlicMiljan/Secure-Props/commit/ab7b561040cd37fda3dbf9a6cab01fefcaa16627 | source : security-advisories@github.com
https://github.com/IlicMiljan/Secure-Props/issues/20 | source : security-advisories@github.com
https://github.com/IlicMiljan/Secure-Props/pull/21 | source : security-advisories@github.com
https://github.com/IlicMiljan/Secure-Props/security/advisories/GHSA-rj29-j2g4-77q8 | source : security-advisories@github.com

Vulnerability : CWE-1333
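
The failure mode described above, as an added example that is not SecureProps' own code: a tag-detecting regex whose `.` cannot cross a newline, wrapped around a stand-in cipher (a reversible XOR, constructed here, providing no security) and a pass-through null encoder. The tag names, the toy cipher and all helper names are assumptions. The broken decryptor also shows the second half of the problem: when it does not recognise the tags it returns its input unchanged, so the caller receives ciphertext where plaintext is expected and nothing signals the failure. The hardened variant uses DOTALL (the `s` modifier in PHP's preg_* functions) and treats an unrecognised value as an error. The base64 path mirrors the advisory's workaround.

```python
import base64
import re


class DecryptionError(Exception):
    """Raised when a value that should be tagged ciphertext is not."""


# Stand-in for the "base cipher": a reversible XOR with a fixed byte.
# Constructed for this example only; it is not SecureProps' cipher and
# gives no confidentiality. The behaviour under test is tag detection.
def toy_encrypt(data: bytes) -> bytes:
    return bytes(b ^ 0x5A for b in data)


def toy_decrypt(data: bytes) -> bytes:
    return bytes(b ^ 0x5A for b in data)


# Encoders applied to raw ciphertext before it is wrapped in tags.
# A "null" encoder passes bytes through; base64 restricts the alphabet.
def null_encode(raw: bytes) -> str:
    return raw.decode("latin-1")


def null_decode(text: str) -> bytes:
    return text.encode("latin-1")


def b64_encode(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def b64_decode(text: str) -> bytes:
    return base64.b64decode(text)


OPEN_TAG, CLOSE_TAG = "<enc>", "</enc>"   # hypothetical tag names


def tag_encrypt(plaintext: str, encode=null_encode) -> str:
    return OPEN_TAG + encode(toy_encrypt(plaintext.encode("utf-8"))) + CLOSE_TAG


# Vulnerable detector: '.' does not match a newline, so ciphertext that
# happens to contain 0x0A is not recognised, and the miss is handled by
# returning the input untouched (fail-open).
TAG_RE_BROKEN = re.compile(r"^<enc>(.*)</enc>$")


def tag_decrypt_broken(value: str, decode=null_decode) -> str:
    match = TAG_RE_BROKEN.match(value)
    if match is None:
        return value
    return toy_decrypt(decode(match.group(1))).decode("utf-8")


# Hardened detector: DOTALL lets '.' span newlines, fullmatch anchors both
# ends, and an untagged value is an error rather than a pass-through.
TAG_RE_FIXED = re.compile(r"<enc>(.*)</enc>", re.DOTALL)


def tag_decrypt_fixed(value: str, decode=null_decode) -> str:
    match = TAG_RE_FIXED.fullmatch(value)
    if match is None:
        raise DecryptionError("expected tagged ciphertext")
    return toy_decrypt(decode(match.group(1))).decode("utf-8")


def ciphertext_contains_newline(plaintext: str) -> bool:
    """True when the null-encoded ciphertext of `plaintext` holds a newline."""
    return "\n" in null_encode(toy_encrypt(plaintext.encode("utf-8")))


if __name__ == "__main__":
    secret = "Password1"            # 'P' (0x50) ^ 0x5A == 0x0A, a newline
    tagged = tag_encrypt(secret)
    print("broken :", repr(tag_decrypt_broken(tagged)))   # tagged ciphertext, unchanged
    print("fixed  :", repr(tag_decrypt_fixed(tagged)))    # 'Password1'
    # The advisory's workaround: base64 keeps newlines out of the encoded text.
    print("base64 :", repr(tag_decrypt_broken(tag_encrypt(secret, b64_encode), b64_decode)))
```

The fail-open return is the part worth carrying over to other code: a decryptor that cannot find its framing should raise, not hand back whatever it was given.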


Vulnerability ID : CVE-2024-22412

First published on : 18-03-2024 21:15:06
Last modified on : 18-03-2024 21:15:06

Description :
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role-based access controls and the policies being enforced on roles. In affected versions, the query cache only distinguishes separate users; this is not documented and not expected behavior. People relying on ClickHouse roles can have their access control lists bypassed if they are using query caching. Attackers who have control of a role could guess queries and see data they shouldn't have access to. Version 24.1 of ClickHouse and version 24.0.2.54535 of ClickHouse Cloud contain a patch for this issue. Based on the documentation, role-based access control should be enforced regardless of whether query caching is enabled.

CVE ID : CVE-2024-22412
Source : security-advisories@github.com
CVSS Score : 2.4

References :
https://github.com/ClickHouse/ClickHouse/blob/bd17ee769e337906c4b1f404861e042ad72fcbfc/src/Interpreters/executeQuery.cpp#L1013-L1015 | source : security-advisories@github.com
https://github.com/ClickHouse/ClickHouse/pull/58611 | source : security-advisories@github.com
https://github.com/ClickHouse/ClickHouse/security/advisories/GHSA-45h5-f7g3-gr8r | source : security-advisories@github.com

Vulnerability : CWE-863
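
The cache-key mistake this advisory describes, as an added example that is not ClickHouse's code (the table, role names and row policies are constructed): a toy executor applies row policies per role, and two cache designs sit in front of it. Keyed on (user, query) alone, a result computed while the user held the admin role is served again once the same user is down to analyst_eu. Keyed on identity, effective role set and a policy revision counter, the restricted role gets its own entry and the executor runs again under the narrower policy.

```python
from typing import Callable, Dict, FrozenSet, Iterable, List, Tuple

# Constructed sample table and row policies; all names are hypothetical.
ROWS = [
    {"id": 1, "region": "eu", "salary": 100},
    {"id": 2, "region": "us", "salary": 200},
    {"id": 3, "region": "eu", "salary": 300},
]

# Row policy attached to each role: a row is visible if any held role permits it.
ROW_POLICIES: Dict[str, Callable[[dict], bool]] = {
    "admin": lambda row: True,
    "analyst_eu": lambda row: row["region"] == "eu",
    "analyst_us": lambda row: row["region"] == "us",
}

QUERY = "SELECT id, salary FROM salaries"

Result = List[Tuple[int, int]]


def run_query(query: str, roles: FrozenSet[str]) -> Result:
    """Toy executor: one supported query, filtered by the policies of the roles in effect."""
    if query != QUERY:
        raise ValueError("toy engine supports only QUERY")
    unknown = roles - set(ROW_POLICIES)
    if unknown:
        raise PermissionError(f"unknown roles: {sorted(unknown)}")
    visible = [r for r in ROWS if any(ROW_POLICIES[role](r) for role in roles)]
    return [(r["id"], r["salary"]) for r in visible]


class QueryCacheByUser:
    """Vulnerable design: the key is (user, query). The roles in effect when
    the entry was filled are not part of the key, so an entry computed under
    a broad role is later served under a narrow one."""

    def __init__(self) -> None:
        self._entries: Dict[tuple, Result] = {}

    def query(self, user: str, roles: Iterable[str], query: str) -> Result:
        key = (user, query)
        if key not in self._entries:
            self._entries[key] = run_query(query, frozenset(roles))
        return self._entries[key]


class QueryCacheByPrincipal:
    """Hardened design: every input that changes the authorization decision
    (identity, effective role set, policy revision) is part of the key."""

    def __init__(self) -> None:
        self._entries: Dict[tuple, Result] = {}
        self.policy_revision = 0   # bump whenever a role or row policy is edited

    def query(self, user: str, roles: Iterable[str], query: str) -> Result:
        key = (user, frozenset(roles), self.policy_revision, query)
        if key not in self._entries:
            self._entries[key] = run_query(query, frozenset(roles))
        return self._entries[key]


if __name__ == "__main__":
    leaky, fixed = QueryCacheByUser(), QueryCacheByPrincipal()
    print("admin   :", leaky.query("alice", {"admin"}, QUERY))
    print("eu/leak :", leaky.query("alice", {"analyst_eu"}, QUERY))   # still all rows
    fixed.query("alice", {"admin"}, QUERY)
    print("eu/fixed:", fixed.query("alice", {"analyst_eu"}, QUERY))   # eu rows only
```

The revision counter matters because a policy can be tightened without any role being granted or revoked; without it, an entry keyed on the old role set would survive the policy change until it expires.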


(130) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2024-26454

First published on : 15-03-2024 01:15:58
Last modified on : 15-03-2024 12:53:06

Description :
A Cross Site Scripting vulnerability in Healthcare-Chatbot through 9b7058a can occur via a crafted payload to the email1 or pwd1 parameter in login.php.

CVE ID : CVE-2024-26454
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/OmRajpurkar/Healthcare-Chatbot/issues/4 | source : cve@mitre.org
https://medium.com/%400x0d0x0a/healthcare-chatbot-xss-cve-2024-26454-acf2607bf210 | source : cve@mitre.org


Vulnerability ID : CVE-2024-26540

First published on : 15-03-2024 01:15:58
Last modified on : 15-03-2024 12:53:06

Description :
A heap-based buffer overflow in CImg before 3.3.3 can occur via a crafted file to cimg_library::CImg<unsigned char>::_load_analyze.

CVE ID : CVE-2024-26540
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/GreycLab/CImg/issues/403 | source : cve@mitre.org


Vulnerability ID : CVE-2024-25227

First published on : 15-03-2024 06:15:08
Last modified on : 15-03-2024 12:53:06

Description :
SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page.

CVE ID : CVE-2024-25227
Source : cve@mitre.org
CVSS Score : /

References :
https://thetrueartist.wixsite.com/cveblog/post/understanding-the-potential-impact-of-cve-2024-25227-what-you-need-to-know-and-how-it-was-discovered | source : cve@mitre.org


Vulnerability ID : CVE-2024-27756

First published on : 15-03-2024 07:15:09
Last modified on : 15-03-2024 12:53:06

Description :
An issue in GLPI v.10.0.12 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the title field.

CVE ID : CVE-2024-27756
Source : cve@mitre.org
CVSS Score : /

References :
https://medium.com/%40cristiansindile/formula-injection-in-glpi-cve-2024-27756-3649c7cca092 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28353

First published on : 15-03-2024 08:15:06
Last modified on : 15-03-2024 12:53:06

Description :
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smb_admin_name in the apply.cgi interface, thereby gaining root shell privileges.

CVE ID : CVE-2024-28353
Source : cve@mitre.org
CVSS Score : /

References :
https://warp-desk-89d.notion.site/TEW-827DRU-5c40fb20572148f0b00f329d69273791 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28354

First published on : 15-03-2024 08:15:07
Last modified on : 15-03-2024 12:53:06

Description :
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb[%d].username in the apply.cgi interface, thereby gaining root shell privileges.

CVE ID : CVE-2024-28354
Source : cve@mitre.org
CVSS Score : /

References :
https://warp-desk-89d.notion.site/TEW-827DRU-c732df50b2454ecaa5451b02f3adda6a | source : cve@mitre.org


Vulnerability ID : CVE-2024-28318

First published on : 15-03-2024 15:15:08
Last modified on : 15-03-2024 16:26:49

Description :
gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out-of-bounds write vulnerability in swf_get_string at scene_manager/swf_parse.c:325.

CVE ID : CVE-2024-28318
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/issues/2764 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28319

First published on : 15-03-2024 15:15:09
Last modified on : 15-03-2024 16:26:49

Description :
gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out-of-bounds read vulnerability in gf_dash_setup_period at media_tools/dash_client.c:6374.

CVE ID : CVE-2024-28319
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/issues/2763 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28403

First published on : 15-03-2024 16:15:08
Last modified on : 15-03-2024 17:15:08

Description :
TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page.

CVE ID : CVE-2024-28403
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_5_VPN/XSS.md | source : cve@mitre.org
https://www.totolink.net/home/menu/detail/menu_listtpl/products/id/242/ids/33.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-28401

First published on : 15-03-2024 17:15:08
Last modified on : 17-03-2024 22:38:29

Description :
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page.

CVE ID : CVE-2024-28401
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_1_Root_Access_Control/XSS.md | source : cve@mitre.org
https://www.totolink.net/home/menu/detail/menu_listtpl/products/id/242/ids/33.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-28404

First published on : 15-03-2024 17:15:08
Last modified on : 17-03-2024 22:38:29

Description :
TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.

CVE ID : CVE-2024-28404
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_3_MAC_Filtering/XSS.md | source : cve@mitre.org
https://www.totolink.net/home/menu/detail/menu_listtpl/products/id/242/ids/33.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-27351

First published on : 15-03-2024 20:15:09
Last modified on : 17-03-2024 22:38:29

Description :
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.

CVE ID : CVE-2024-27351
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.djangoproject.com/en/5.0/releases/security/ | source : cve@mitre.org
https://groups.google.com/forum/#%21forum/django-announce | source : cve@mitre.org
https://www.djangoproject.com/weblog/2024/mar/04/security-releases/ | source : cve@mitre.org


Vulnerability ID : CVE-2024-24156

First published on : 16-03-2024 06:15:13
Last modified on : 17-03-2024 22:38:29

Description :
Cross Site Scripting (XSS) vulnerability in Gnuboard g6 before Github commit 58c737a263ac0c523592fd87ff71b9e3c07d7cf5 allows remote attackers to execute arbitrary code via the wr_content parameter.

CVE ID : CVE-2024-24156
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gnuboard/g6/issues/316 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28069

First published on : 16-03-2024 06:15:13
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and potentially conduct unauthorized actions within the vulnerable component.

CVE ID : CVE-2024-28069
Source : cve@mitre.org
CVSS Score : /

References :
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28070

First published on : 16-03-2024 06:15:14
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive information and gain unauthorized access.

CVE ID : CVE-2024-28070
Source : cve@mitre.org
CVSS Score : /

References :
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0002 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28639

First published on : 16-03-2024 06:15:14
Last modified on : 17-03-2024 22:38:29

Description :
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field.

CVE ID : CVE-2024-28639
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-28640

First published on : 16-03-2024 06:15:14
Last modified on : 17-03-2024 22:38:29

Description :
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (DoS) via the command field.

CVE ID : CVE-2024-28640
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_2.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22513

First published on : 16-03-2024 07:15:06
Last modified on : 17-03-2024 22:38:29

Description :
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the for_user method.

CVE ID : CVE-2024-22513
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/dmdhrumilmistry/CVEs/tree/main/CVE-2024-22513 | source : cve@mitre.org
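
The check the description says is missing, as an added example that is not djangorestframework-simplejwt's code: a minimal HMAC-signed token and an in-memory user store (the key, lifetime and user names are constructed). for_user_broken mints a token for any known account; for_user refuses a disabled one. authenticate additionally re-validates the account on every request, because an issuance-time check alone leaves an already-issued token usable until it expires after the account is disabled.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Dict, Optional

SIGNING_KEY = b"constructed-signing-key"   # assumption: any per-deployment secret
TOKEN_LIFETIME = 3600                      # seconds


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(payload: Dict) -> str:
    """body.signature, with an HMAC-SHA256 over the encoded body."""
    body = _b64(json.dumps(payload, sort_keys=True).encode("utf-8"))
    sig = _b64(hmac.new(SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest())
    return body + "." + sig


def _verify(token: str) -> Optional[Dict]:
    """Return the payload if the signature is valid and well-formed, else None."""
    try:
        body, sig = token.split(".")
        expected = hmac.new(SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        payload = json.loads(_unb64(body))
    except ValueError:          # bad split, bad base64, bad JSON
        return None
    if not isinstance(payload, dict) or "sub" not in payload or "exp" not in payload:
        return None
    return payload


def for_user_broken(users: Dict[str, Dict], username: str, now: Optional[float] = None) -> str:
    """Issues a token for any known user, active or not (the missing check)."""
    if username not in users:
        raise KeyError(username)
    now = time.time() if now is None else now
    return _sign({"sub": username, "exp": now + TOKEN_LIFETIME})


def for_user(users: Dict[str, Dict], username: str, now: Optional[float] = None) -> str:
    """Refuse to mint a token for a disabled account."""
    if username not in users:
        raise KeyError(username)
    if not users[username].get("is_active", False):
        raise PermissionError(f"account {username!r} is disabled")
    now = time.time() if now is None else now
    return _sign({"sub": username, "exp": now + TOKEN_LIFETIME})


def authenticate_signature_only(users: Dict[str, Dict], token: str,
                                now: Optional[float] = None) -> Optional[str]:
    """Accepts any unexpired, correctly signed token; never looks at the account."""
    payload = _verify(token)
    now = time.time() if now is None else now
    if payload is None or payload["exp"] <= now:
        return None
    return payload["sub"]


def authenticate(users: Dict[str, Dict], token: str, now: Optional[float] = None) -> Optional[str]:
    """Also re-checks the account on every request, so disabling a user takes
    effect immediately instead of at token expiry."""
    username = authenticate_signature_only(users, token, now)
    if username is None:
        return None
    user = users.get(username)
    if user is None or not user.get("is_active", False):
        return None
    return username
```

A per-request store lookup costs one query; the alternative, trusting the token until expiry, turns the access-token lifetime into the minimum time a disabled account stays usable.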


Vulnerability ID : CVE-2023-52159

First published on : 18-03-2024 02:15:06
Last modified on : 18-03-2024 12:38:25

Description :
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.

CVE ID : CVE-2023-52159
Source : cve@mitre.org
CVSS Score : /

References :
https://codeberg.org/bizdelnick/gross/wiki/Known-vulnerabilities#cve-2023-52159 | source : cve@mitre.org


Vulnerability ID : CVE-2024-24230

First published on : 18-03-2024 02:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Komm.One CMS 10.4.2.14 has a Server-Side Template Injection (SSTI) vulnerability via the Velocity template engine. It allows remote attackers to execute arbitrary code via a URL that specifies java.lang.Runtime in conjunction with getRuntime().exec followed by an OS command.

CVE ID : CVE-2024-24230
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.munz4u.de/posts/2023/11/cve-2023-xxxxx-rce-via-ssti-in-komm.one-cms-10.4.2.14/ | source : cve@mitre.org


Vulnerability ID : CVE-2022-47036

First published on : 18-03-2024 03:15:05
Last modified on : 18-03-2024 12:38:25

Description :
Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware, which would typically be used with firmware 2.1.1 or later.

CVE ID : CVE-2022-47036
Source : cve@mitre.org
CVSS Score : /

References :
https://semaja2.net/2023/06/11/siklu-tg-auth-bypass.html | source : cve@mitre.org


Vulnerability ID : CVE-2022-47037

First published on : 18-03-2024 03:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.

CVE ID : CVE-2022-47037
Source : cve@mitre.org
CVSS Score : /

References :
https://semaja2.net/2023/06/11/siklu-tg-auth-bypass.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-24539

First published on : 18-03-2024 03:15:06
Last modified on : 18-03-2024 12:38:25

Description :
FusionPBX before 5.2.0 does not validate a session.

CVE ID : CVE-2024-24539
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/fusionpbx/fusionpbx/commit/2f8bed375c124c1d7e36138acc6903fcfcf15a8f | source : cve@mitre.org
https://github.com/fusionpbx/fusionpbx/commit/ee202cd61dc9a79fb2d634b1ad21ff2416d531cb | source : cve@mitre.org


Vulnerability ID : CVE-2024-27757

First published on : 18-03-2024 04:15:09
Last modified on : 18-03-2024 12:38:25

Description :
flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."

CVE ID : CVE-2024-27757
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/jubilianite/flusity-CMS/security/advisories/GHSA-5843-5m74-7fqh | source : cve@mitre.org


Vulnerability ID : CVE-2018-25099

First published on : 18-03-2024 05:15:06
Last modified on : 18-03-2024 12:38:25

Description :
In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.

CVE ID : CVE-2018-25099
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/DCIT/perl-CryptX/issues/47 | source : cve@mitre.org
https://github.com/libtom/libtomcrypt/pull/451 | source : cve@mitre.org
https://metacpan.org/dist/CryptX/changes | source : cve@mitre.org
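
What "does not verify the tag" means in practice, as an added example that is not CryptX's or libtomcrypt's code: a toy encrypt-then-MAC AEAD built from HMAC-SHA256 (constructed for illustration; it is not GCM or ChaCha20-Poly1305 and is not meant for use), with a decrypt_verify that computes the tag and ignores it next to one that compares it in constant time before releasing plaintext. Because the cipher is a stream cipher, flipping one ciphertext byte changes the decrypted byte at the same position, and the broken routine hands back the forged plaintext as if it were authentic.

```python
import hashlib
import hmac
from typing import Tuple

TAG_LEN = 16


class AuthenticationError(Exception):
    """Ciphertext or associated data failed tag verification."""


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive independent encryption and MAC keys from one master key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 blocks (toy construction)."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _tag(mac_key: bytes, nonce: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """Tag over nonce, length-prefixed AAD and ciphertext (encrypt-then-MAC)."""
    msg = nonce + len(aad).to_bytes(4, "big") + aad + ciphertext
    return hmac.new(mac_key, msg, hashlib.sha256).digest()[:TAG_LEN]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def aead_encrypt(key: bytes, nonce: bytes, aad: bytes, plaintext: bytes) -> Tuple[bytes, bytes]:
    enc_key, mac_key = _subkey(key, b"enc"), _subkey(key, b"mac")
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    return ciphertext, _tag(mac_key, nonce, aad, ciphertext)


def decrypt_verify_broken(key: bytes, nonce: bytes, aad: bytes,
                          ciphertext: bytes, tag: bytes) -> bytes:
    """The defect class in the advisory: the tag is computed and then ignored,
    so any modification of the ciphertext decrypts 'successfully'."""
    enc_key, mac_key = _subkey(key, b"enc"), _subkey(key, b"mac")
    _ = _tag(mac_key, nonce, aad, ciphertext)        # computed, never compared
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def decrypt_verify(key: bytes, nonce: bytes, aad: bytes,
                   ciphertext: bytes, tag: bytes) -> bytes:
    """Verify the tag in constant time; release plaintext only on success."""
    enc_key, mac_key = _subkey(key, b"enc"), _subkey(key, b"mac")
    expected = _tag(mac_key, nonce, aad, ciphertext)
    if len(tag) != TAG_LEN or not hmac.compare_digest(expected, tag):
        raise AuthenticationError("tag mismatch")
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def flip_plaintext_byte(ciphertext: bytes, index: int, old: int, new: int) -> bytes:
    """Stream-cipher malleability: XOR the ciphertext byte with old ^ new so the
    decrypted byte at `index` changes from `old` to `new`."""
    forged = bytearray(ciphertext)
    forged[index] ^= old ^ new
    return bytes(forged)


if __name__ == "__main__":
    key, nonce, aad = b"\x01" * 32, b"\x02" * 12, b"account=42"
    ct, tag = aead_encrypt(key, nonce, aad, b"transfer 1000 EUR")
    forged = flip_plaintext_byte(ct, 9, ord("1"), ord("9"))
    print("broken:", decrypt_verify_broken(key, nonce, aad, forged, tag))   # b'transfer 9000 EUR'
    try:
        decrypt_verify(key, nonce, aad, forged, tag)
    except AuthenticationError as exc:
        print("fixed :", exc)
```

The same forgery works against real GCM or ChaCha20-Poly1305 ciphertext whenever the tag comparison is skipped; the tag is the only thing standing between a stream cipher and byte-precise tampering, which is why an AEAD API must fail closed and return no plaintext on mismatch.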


Vulnerability ID : CVE-2021-47154

First published on : 18-03-2024 05:15:06
Last modified on : 18-03-2024 12:38:25

Description :
The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

CVE ID : CVE-2021-47154
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ | source : cve@mitre.org
https://github.com/stigtsp/Net-CIDR-Lite/commit/23b6ff0590dc279521863a502e890ef19a5a76fc | source : cve@mitre.org
https://metacpan.org/dist/Net-CIDR-Lite/changes | source : cve@mitre.org
https://metacpan.org/pod/Net::CIDR::Lite | source : cve@mitre.org


Vulnerability ID : CVE-2021-47155

First published on : 18-03-2024 05:15:06
Last modified on : 18-03-2024 12:38:25

Description :
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

CVE ID : CVE-2021-47155
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/#net-ipv4addrhttpsmetacpanorgreleasenet-ipv4addr | source : cve@mitre.org
https://metacpan.org/release/Net-IPv4Addr | source : cve@mitre.org


Vulnerability ID : CVE-2021-47156

First published on : 18-03-2024 05:15:06
Last modified on : 18-03-2024 12:38:25

Description :
The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

CVE ID : CVE-2021-47156
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ | source : cve@mitre.org
https://metacpan.org/release/Net-IPAddress-Util | source : cve@mitre.org
https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes | source : cve@mitre.org
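
The leading-zero problem shared by the three Net::* advisories above, as an added example that is not the Perl modules' code (the allowlist and the parser names are constructed): three parsers disagree about the string "010.0.0.1". A lenient parser drops the zero and reads 10.0.0.1, inet_aton-style parsing treats the octet as octal and gets 8.0.0.1, and a strict parser rejects the string outright. An access control that compares addresses with the lenient parser admits a string the network stack will route somewhere else. Python's own ipaddress module has rejected leading zeros since 3.9.5; the strict parser here makes the rule explicit and independent of the interpreter version.

```python
import re
from typing import Callable

ALLOWLIST = {"10.0.0.1"}   # constructed ACL: one trusted management host


class AddressError(ValueError):
    pass


_DECIMAL_OCTET = re.compile(r"[0-9]{1,3}")


def parse_ipv4_strict(text: str) -> int:
    """Accept only the canonical dotted quad: four ASCII decimal octets,
    each 0-255, with no leading zeros ('010' is rejected, not guessed)."""
    parts = text.split(".")
    if len(parts) != 4:
        raise AddressError(f"expected four octets: {text!r}")
    value = 0
    for octet in parts:
        if _DECIMAL_OCTET.fullmatch(octet) is None:
            raise AddressError(f"non-decimal octet: {octet!r}")
        if len(octet) > 1 and octet[0] == "0":
            raise AddressError(f"leading zero is ambiguous: {octet!r}")
        number = int(octet)
        if number > 255:
            raise AddressError(f"octet out of range: {octet!r}")
        value = (value << 8) | number
    return value


def parse_ipv4_lenient(text: str) -> int:
    """The permissive behaviour the advisories describe: int() silently drops
    leading zeros (and tolerates whitespace), so '010.0.0.1' becomes 10.0.0.1."""
    parts = text.split(".")
    if len(parts) != 4:
        raise AddressError(f"expected four octets: {text!r}")
    value = 0
    for octet in parts:
        try:
            number = int(octet, 10)
        except ValueError:
            raise AddressError(f"bad octet: {octet!r}")
        if not 0 <= number <= 255:
            raise AddressError(f"octet out of range: {octet!r}")
        value = (value << 8) | number
    return value


def parse_ipv4_inet_aton_style(text: str) -> int:
    """How BSD/glibc inet_aton reads the same string: a leading 0 means octal
    and 0x means hex, so '010.0.0.1' is 8.0.0.1."""
    parts = text.split(".")
    if len(parts) != 4:
        raise AddressError(f"expected four octets: {text!r}")
    value = 0
    for octet in parts:
        try:
            if octet[:2].lower() == "0x":
                number = int(octet[2:], 16)
            elif len(octet) > 1 and octet[0] == "0":
                number = int(octet[1:], 8)
            else:
                number = int(octet, 10)
        except ValueError:
            raise AddressError(f"bad octet: {octet!r}")
        if not 0 <= number <= 255:
            raise AddressError(f"octet out of range: {octet!r}")
        value = (value << 8) | number
    return value


def is_allowed(text: str, parser: Callable[[str], int]) -> bool:
    """ACL check that compares numerically; anything unparsable is denied."""
    allowed = {parse_ipv4_strict(a) for a in ALLOWLIST}
    try:
        return parser(text) in allowed
    except AddressError:
        return False


if __name__ == "__main__":
    for name, parser in (("lenient", parse_ipv4_lenient),
                         ("inet_aton", parse_ipv4_inet_aton_style),
                         ("strict", parse_ipv4_strict)):
        print(f"{name:10} 010.0.0.1 allowed: {is_allowed('010.0.0.1', parser)}")
```

The practical rule: canonicalise once, with one strict parser, and compare the numeric form; never let one component decide on a string that another component will parse by its own rules.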


Vulnerability ID : CVE-2021-47157

First published on : 18-03-2024 05:15:06
Last modified on : 18-03-2024 12:38:25

Description :
The Kossy module before 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling.

CVE ID : CVE-2021-47157
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/kazeburo/Kossy/pull/16 | source : cve@mitre.org
https://metacpan.org/dist/Kossy/changes | source : cve@mitre.org


Vulnerability ID : CVE-2024-29151

First published on : 18-03-2024 06:15:05
Last modified on : 18-03-2024 12:38:25

Description :
Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.

CVE ID : CVE-2024-29151
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/RocketChat/Rocket.Chat.Audit/blob/5ad78e8017a9e190602e8257c22500ded0d931a9/requirements.txt#L3 | source : cve@mitre.org


Vulnerability ID : CVE-2024-29156

First published on : 18-03-2024 07:15:05
Last modified on : 18-03-2024 12:38:25

Description :
In OpenStack Murano through 16.0.0, when YAQL before 3.0.0 is used, the Murano service's MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information.

CVE ID : CVE-2024-29156
Source : cve@mitre.org
CVSS Score : /

References :
https://launchpad.net/bugs/2048114 | source : cve@mitre.org
https://opendev.org/openstack/murano/tags | source : cve@mitre.org
https://opendev.org/openstack/yaql/commit/83e28324e1a0ce3970dd854393d2431123a909d3 | source : cve@mitre.org
https://wiki.openstack.org/wiki/OSSN/OSSN-0093 | source : cve@mitre.org


Vulnerability ID : CVE-2024-28550

First published on : 18-03-2024 13:15:07
Last modified on : 18-03-2024 19:40:00

Description :
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function.

CVE ID : CVE-2024-28550
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formExpandDlnaFile.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-28537

First published on : 18-03-2024 14:15:09
Last modified on : 18-03-2024 19:40:00

Description :
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.

CVE ID : CVE-2024-28537
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromNatStaticSetting.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-28547

First published on : 18-03-2024 14:15:10
Last modified on : 18-03-2024 19:40:00

Description :
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn parameter of formSetFirewallCfg function.

CVE ID : CVE-2024-28547
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetFirewallCfg.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-28054

First published on : 18-03-2024 17:15:07
Last modified on : 18-03-2024 19:40:00

Description :
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict (relative to some mail user agents) when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware.

CVE ID : CVE-2024-28054
Source : cve@mitre.org
CVSS Score : /

References :
https://gitlab.com/amavis/amavis/-/issues/112 | source : cve@mitre.org
https://gitlab.com/amavis/amavis/-/raw/v2.13.1/README_FILES/README.CVE-2024-28054 | source : cve@mitre.org
https://lists.amavis.org/pipermail/amavis-users/2024-March/006811.html | source : cve@mitre.org
https://metacpan.org/pod/MIME::Tools | source : cve@mitre.org
https://www.amavis.org/release-notes.txt | source : cve@mitre.org
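
The interpretation conflict above, as an added example that is not Amavis' or MIME-tools' code: a constructed message carries two boundary parameters on its top-level Content-Type. Splitting the body on the first boundary shows a text part and notes.txt; splitting on the second shows invoice.exe. A banned-file check that honours the first boundary passes the message, while a mail client that honours the last one renders the executable. The hardened filter treats conflicting boundary parameters as grounds for rejection in their own right. The parser is deliberately minimal: no header folding, no nested multiparts, CRLF line endings assumed.

```python
import re
from typing import List, Optional

# Constructed sample message: two boundary= parameters on the top-level part.
SAMPLE = (
    "From: sender@example.test\r\n"
    "To: recipient@example.test\r\n"
    'Content-Type: multipart/mixed; boundary="first"; boundary="second"\r\n'
    "\r\n"
    "--first\r\n"
    "Content-Type: text/plain\r\n"
    "\r\n"
    "Please see the attached notes.\r\n"
    "--first\r\n"
    'Content-Type: application/octet-stream; name="notes.txt"\r\n'
    "\r\n"
    "--second\r\n"
    'Content-Type: application/x-msdownload; name="invoice.exe"\r\n'
    "\r\n"
    "MZ...\r\n"
    "--second--\r\n"
    "--first--\r\n"
)

BANNED_EXTENSIONS = (".exe", ".scr", ".pif", ".js")

_BOUNDARY_PARAM = re.compile(r'boundary\s*=\s*"?([^";\s]+)"?', re.IGNORECASE)
_NAME_PARAM = re.compile(r'name\s*=\s*"?([^";]+)"?', re.IGNORECASE)


def split_message(raw: str):
    """(header block, body), split at the first blank line."""
    head, _, body = raw.partition("\r\n\r\n")
    return head, body


def header(head: str, name: str) -> Optional[str]:
    """First header value with the given name, case-insensitively."""
    prefix = name.lower() + ":"
    for line in head.split("\r\n"):
        if line.lower().startswith(prefix):
            return line.split(":", 1)[1].strip()
    return None


def boundary_params(content_type: str) -> List[str]:
    return _BOUNDARY_PARAM.findall(content_type)


def parts_for_boundary(body: str, boundary: str) -> List[str]:
    """Split a multipart body on one specific boundary (RFC 2046 delimiters)."""
    delimiter = "--" + boundary
    parts, current = [], None
    for line in body.split("\r\n"):
        if line == delimiter + "--":            # close delimiter ends the multipart
            if current is not None:
                parts.append("\r\n".join(current))
            break
        if line == delimiter:                   # next body part begins
            if current is not None:
                parts.append("\r\n".join(current))
            current = []
            continue
        if current is not None:                 # lines before the first delimiter are preamble
            current.append(line)
    return parts


def attachment_names(raw: str, boundary: str) -> List[str]:
    _, body = split_message(raw)
    names = []
    for part in parts_for_boundary(body, boundary):
        part_head, _ = split_message(part)
        match = _NAME_PARAM.search(header(part_head, "Content-Type") or "")
        if match:
            names.append(match.group(1))
    return names


def has_banned_file(names: List[str]) -> bool:
    return any(n.lower().endswith(BANNED_EXTENSIONS) for n in names)


def is_clean_first_boundary(raw: str) -> bool:
    """Vulnerable filter: honours the first boundary parameter and scans only
    the parts that choice reveals."""
    head, _ = split_message(raw)
    boundaries = boundary_params(header(head, "Content-Type") or "")
    if not boundaries:
        return True
    return not has_banned_file(attachment_names(raw, boundaries[0]))


def is_clean_hardened(raw: str) -> bool:
    """Hardened filter: more than one distinct boundary is itself a reject,
    since receivers will not agree on the message structure."""
    head, _ = split_message(raw)
    boundaries = boundary_params(header(head, "Content-Type") or "")
    if len(set(boundaries)) > 1:
        return False
    return not any(has_banned_file(attachment_names(raw, b)) for b in boundaries)
```

Rejecting on ambiguity rather than picking a winner is the safe choice for a gateway: the gateway cannot know which boundary each downstream client will choose, so the only structure it can vouch for is one with a single interpretation.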


Vulnerability ID : CVE-2024-25654

First published on : 18-03-2024 20:15:08
Last modified on : 18-03-2024 20:15:08

Description :
Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database.

CVE ID : CVE-2024-25654
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25654 | source : cve@mitre.org


Vulnerability ID : CVE-2024-25655

First published on : 18-03-2024 20:15:08
Last modified on : 18-03-2024 20:15:08

Description :
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP.

CVE ID : CVE-2024-25655
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25655 | source : cve@mitre.org


Vulnerability ID : CVE-2024-25656

First published on : 18-03-2024 20:15:08
Last modified on : 18-03-2024 20:15:08

Description :
Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer Premises Equipment) devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and, ultimately, affect the entire product.

CVE ID : CVE-2024-25656
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25656 | source : cve@mitre.org


Vulnerability ID : CVE-2024-25657

First published on : 18-03-2024 20:15:09
Last modified on : 18-03-2024 20:15:09

Description :
An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authenticated users to malicious websites.

CVE ID : CVE-2024-25657
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25657 | source : cve@mitre.org
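
Added example, not AVSystem code: the advisory only says the Login/Logout flow redirects users to attacker-chosen sites, so the redirect parameter name, the host name `ump.example.com` and the `fallback` target below are assumptions. The validator returns the requested target only when it cannot leave the application's own host, and it normalises the way browsers do first (backslash as slash, tab/newline stripped), which is where naive "starts with a slash" checks fail.

```python
from typing import Optional
from urllib.parse import urlsplit

# Hypothetical deployment host; the real UMP host is not given in the advisory.
APP_HOST = "ump.example.com"


def safe_redirect_target(next_url: Optional[str], app_host: str = APP_HOST, fallback: str = "/") -> str:
    """Return next_url only when it cannot leave app_host; otherwise fallback."""
    if not next_url:
        return fallback
    # Browsers drop tab/newline and treat a backslash like a slash while
    # parsing, so normalise the same way before deciding anything.
    candidate = "".join(ch for ch in next_url.strip() if ch not in "\t\r\n").replace("\\", "/")
    try:
        parts = urlsplit(candidate)
    except ValueError:                 # e.g. malformed IPv6 literal
        return fallback
    if parts.scheme or parts.netloc:
        # Absolute URL: only our exact host over https. Comparing the whole
        # netloc also rejects userinfo tricks such as host@evil.example.
        if parts.scheme == "https" and parts.netloc.lower() == app_host.lower():
            return candidate
        return fallback
    # Relative URL: must be a same-origin path ("/x"), never a
    # network-path reference ("//evil.example") that browsers resolve off-site.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return fallback
    return candidate


if __name__ == "__main__":
    for probe in ["/dashboard", "//evil.example/x", "/\\evil.example",
                  "https://evil.example/", "https://ump.example.com/admin",
                  "https://ump.example.com@evil.example/", "javascript:alert(1)"]:
        print(f"{probe!r:45} -> {safe_redirect_target(probe)!r}")
```

Use it on the login and logout handlers alike; the logout case matters because the user is usually redirected without any further check once the session is gone.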


Source : apache.org

Vulnerability ID : CVE-2024-23944

First published on : 15-03-2024 11:15:08
Last modified on : 15-03-2024 12:53:06

Description :
Information disclosure in persistent watcher handling in Apache ZooKeeper due to a missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command) to a parent to which the attacker already has access. The ZooKeeper server doesn't do an ACL check when the persistent watcher is triggered, and as a consequence the full path of the znode that a watch event gets triggered upon is exposed to the owner of the watcher. It's important to note that only the path is exposed by this vulnerability, not the data of the znode, but since a znode path can contain sensitive information like a user name or login ID, this issue is potentially critical. Users are recommended to upgrade to version 3.9.2 or 3.8.4, which fixes the issue.

CVE ID : CVE-2024-23944
Source : security@apache.org
CVSS Score : /

References :
https://lists.apache.org/thread/96s5nqssj03rznz9hv58txdb2k1lr79k | source : security@apache.org

Vulnerability : CWE-200
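
Added example, not ZooKeeper code: a toy in-memory server that models just the behaviour the advisory describes. A principal who can read `/users` registers a persistent recursive watch there; when an admin creates an admin-only child, the vulnerable delivery path hands the watcher the child's full path, while the fixed path re-checks READ on the node named in the event before delivering it. The principals, paths and the exact check performed by the real fix are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

READ = "read"


@dataclass
class Znode:
    acl: dict[str, set[str]]                        # principal (or "*") -> permissions
    children: dict[str, "Znode"] = field(default_factory=dict)


@dataclass
class Watch:
    owner: str          # principal that called addWatch
    path: str           # znode the watch was attached to
    recursive: bool     # PERSISTENT_RECURSIVE vs PERSISTENT


class MiniZk:
    """Toy server: znodes with ACLs and persistent watches (constructed model)."""

    def __init__(self, acl_check_on_trigger: bool):
        self.acl_check_on_trigger = acl_check_on_trigger
        self.root = Znode(acl={"*": {READ}})
        self.watches: list[Watch] = []
        self.delivered: dict[str, list[str]] = {}   # owner -> paths received

    def _node(self, path: str) -> Znode:
        node = self.root
        for name in filter(None, path.split("/")):
            node = node.children[name]
        return node

    def can_read(self, principal: str, path: str) -> bool:
        acl = self._node(path).acl
        return READ in acl.get(principal, set()) | acl.get("*", set())

    def add_watch(self, principal: str, path: str, recursive: bool = True) -> None:
        # Registering the watch legitimately requires READ on the watched node ...
        if not self.can_read(principal, path):
            raise PermissionError(f"{principal} cannot read {path}")
        self.watches.append(Watch(principal, path, recursive))

    def create(self, principal: str, path: str, acl: dict[str, set[str]]) -> None:
        parent, _, name = path.rpartition("/")
        self._node(parent or "/").children[name] = Znode(acl=acl)
        self._fire(path)

    def _fire(self, path: str) -> None:
        for w in self.watches:
            under = path == w.path or (w.recursive and path.startswith(w.path.rstrip("/") + "/"))
            if not under:
                continue
            # ... but the event names a child path that may carry a stricter
            # ACL. The vulnerable server skipped this check on trigger.
            if self.acl_check_on_trigger and not self.can_read(w.owner, path):
                continue
            self.delivered.setdefault(w.owner, []).append(path)


def run_scenario(acl_check_on_trigger: bool) -> list[str]:
    """Paths the unprivileged watcher learns about (all names constructed)."""
    zk = MiniZk(acl_check_on_trigger)
    zk.create("admin", "/users", acl={"*": {READ}})                     # world-readable parent
    zk.add_watch("mallory", "/users", recursive=True)                   # permitted: READ on /users
    zk.create("admin", "/users/alice-id-4711", acl={"admin": {READ}})   # admin-only child
    return zk.delivered.get("mallory", [])


if __name__ == "__main__":
    print("without trigger-time ACL check:", run_scenario(False))   # ['/users/alice-id-4711']
    print("with trigger-time ACL check:   ", run_scenario(True))    # []
```

The model shows why the watch registration check alone is insufficient: permission was evaluated against the parent at addWatch time, but the information disclosed belongs to the child at trigger time.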


Vulnerability ID : CVE-2024-28752

First published on : 15-03-2024 11:15:09
Last modified on : 15-03-2024 12:53:06

Description :
An SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type. Users of other data bindings (including the default data binding) are not impacted.

CVE ID : CVE-2024-28752
Source : security@apache.org
CVSS Score : /

References :
https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt | source : security@apache.org

Vulnerability : CWE-918


Source : patchstack.com

Vulnerability ID : CVE-2023-51525

First published on : 15-03-2024 14:15:07
Last modified on : 15-03-2024 16:26:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar. This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4.

CVE ID : CVE-2023-51525
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/wp-simple-booking-calendar/wordpress-wp-simple-booking-calendar-plugin-2-0-8-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : cert.org

Vulnerability ID : CVE-2023-6960

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
TTLock App virtual keys and settings are only deleted client side, and if preserved, can still access the lock after the intended deletion.

CVE ID : CVE-2023-6960
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2023-7003

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware.

CVE ID : CVE-2023-7003
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2023-7004

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate lock's integrity.

CVE ID : CVE-2023-7004
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2023-7006

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
The unlockKey character in a lock using Sciener firmware can be brute forced through repeated challenge requests, compromising the lock's integrity.

CVE ID : CVE-2023-7006
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2023-7007

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Sciener server does not validate connection requests from the GatewayG2, allowing an impersonation attack that provides the attacker the unlockKey field.

CVE ID : CVE-2023-7007
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2023-7009

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less than 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be further exploited by an attacker to compromise the lock's integrity.

CVE ID : CVE-2023-7009
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2023-7017

First published on : 15-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Sciener locks' firmware update mechanism does not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allowing an attacker to compromise the device.

CVE ID : CVE-2023-7017
Source : cret@cert.org
CVSS Score : /

References :
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ | source : cret@cert.org


Vulnerability ID : CVE-2024-2193

First published on : 15-03-2024 18:15:08
Last modified on : 17-03-2024 22:38:29

Description :
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.

CVE ID : CVE-2024-2193
Source : cret@cert.org
CVSS Score : /

References :
https://download.vusec.net/papers/ghostrace_sec24.pdf | source : cret@cert.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23 | source : cret@cert.org
https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace | source : cret@cert.org
https://kb.cert.org/vuls/id/488902 | source : cret@cert.org
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html | source : cret@cert.org
https://www.kb.cert.org/vuls/id/488902 | source : cret@cert.org
https://www.vusec.net/projects/ghostrace/ | source : cret@cert.org
https://xenbits.xen.org/xsa/advisory-453.html | source : cret@cert.org


Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Vulnerability ID : CVE-2021-47109

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

neighbour: allow NUD_NOARP entries to be forced GCed

IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid connections after that. This behaviour is more prevalent after commit 58956317c8de ("neighbor: Improve garbage collection") is applied, as it prevents removal from entries that are not NUD_FAILED, unless they are more than 5s old.

CVE ID : CVE-2021-47109
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d17d47da59f726dc4c87caebda3a50333d7e2fd3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d99029e6aab62aef0a0251588b2867e77e83b137 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ddf088d7aaaaacfc836104f2e632b29b1d383cfc | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47110

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

x86/kvm: Disable kvmclock on all CPUs on shutdown

Currently, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corruption e.g. on restore from hibernate. Note, writing '0' to kvmclock MSR doesn't clear memory location, it just prevents hypervisor from updating the location so for the short while after write and while CPU is still alive, the clock remains usable and correct so we don't need to switch to some other clocksource.

CVE ID : CVE-2021-47110
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1df2dc09926f61319116c80ee85701df33577d70 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/3b0becf8b1ecf642a9edaf4c9628ffc641e490d6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9084fe1b3572664ad276f427dce575f580c9799a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c02027b5742b5aa804ef08a4a9db433295533046 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47111

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

xen-netback: take a reference to the RX task thread

Do this in order to prevent the task from being freed if the thread returns (which can be triggered by the frontend) before the call to kthread_stop done as part of the backend tear down. Not taking the reference will lead to a use-after-free in that scenario. Such reference was taken before but dropped as part of the rework done in 2ac061ce97f4. Reintroduce the reference taking and add a comment this time explaining why it's needed. This is XSA-374 / CVE-2021-28691.

CVE ID : CVE-2021-47111
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/107866a8eb0b664675a260f1ba0655010fac1e08 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6b53db8c4c14b4e7256f058d202908b54a7b85b4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/caec9bcaeb1a5f03f2d406305355c853af10c13e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47112

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

x86/kvm: Teardown PV features on boot CPU as well

Various PV features (Async PF, PV EOI, steal time) work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to make sure hypervisor doesn't write to stale locations after we jump to the previously hibernated kernel (which can try to place anything there). For secondary CPUs the job is already done by kvm_cpu_down_prepare(), register syscore ops to do the same for boot CPU.

CVE ID : CVE-2021-47112
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/38b858da1c58ad46519a257764e059e663b59ff2 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/8b79feffeca28c5459458fe78676b081e87c93a4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d1629b5b925de9b27979e929dae7fcb766daf6b6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47113

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

btrfs: abort in rename_exchange if we fail to insert the second ref

Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a rename_exchange. This happens because we insert the inode ref for one side of the rename, and then for the other side. If this second inode ref insert fails we'll leave the first one dangling and leave a corrupt file system behind. Fix this by aborting if we did the insert for the first inode ref.

CVE ID : CVE-2021-47113
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0df50d47d17401f9f140dfbe752a65e5d72f9932 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dc09ef3562726cd520c8338c1640872a60187af5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ff8de2cec65a8c8521faade12a31b39c80e49f5b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47114

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix data corruption by fallocate

When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at that time isize is not yet updated to match the new size, if writeback is kicked in, it will invoke ocfs2_writepage()->block_write_full_page() where the pages out of inode size will be dropped. That will cause file corruption. Fix this by zeroing out eof blocks when extending the inode size.

Running the following command with qemu-image 4.2.1 can get a corrupted converted image file easily.

qemu-img convert -p -t none -T none -f qcow2 $qcow_image \
  -O qcow2 -o compat=1.1 $qcow_image.conv

The usage of fallocate in qemu is like this, it first punches holes out of inode size, then extend the inode size.

fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0
fallocate(11, 0, 2276196352, 65536) = 0

v1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html
v2: https://lore.kernel.org/linux-fsdevel/20210525093034.GB4112@quack2.suse.cz/T/

CVE ID : CVE-2021-47114
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0a31dd6fd2f4e7db538fb6eb1f06973d81f8dd3b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/33e03adafb29eedae1bae9cdb50c1385279fcf65 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6bba4471f0cc1296fe3c2089b9e52442d3074b2e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a1700479524bb9cb5e8ae720236a6fabd003acae | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c8d5faee46242c3f33b8a71a4d7d52214785bfcc | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cc2edb99ea606a45182b5ea38cc8f4e583aa0774 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cec4e857ffaa8c447f51cd8ab4e72350077b6770 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47115

First published on : 15-03-2024 21:15:06
Last modified on : 18-03-2024 11:15:07

Description :
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE ID : CVE-2021-47115
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :


Vulnerability ID : CVE-2021-47116

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

ext4: fix memory leak in ext4_mb_init_backend on error path.

Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large s_log_groups_per_flex.

CVE ID : CVE-2021-47116
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/04fb2baa0b147f51db065a1b13a11954abe592d0 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2050c6e5b161e5e25ce3c420fef58b24fa388a49 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a8867f4e3809050571c98de7a2d465aff5e4daf5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47117

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed

We got follow bug_on when run fsstress with injecting IO fault:

[130747.323114] kernel BUG at fs/ext4/extents_status.c:762!
[130747.323117] Internal error: Oops - BUG: 0 [#1] SMP
......
[130747.334329] Call trace:
[130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4]
[130747.334975] ext4_cache_extents+0x64/0xe8 [ext4]
[130747.335368] ext4_find_extent+0x300/0x330 [ext4]
[130747.335759] ext4_ext_map_blocks+0x74/0x1178 [ext4]
[130747.336179] ext4_map_blocks+0x2f4/0x5f0 [ext4]
[130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4]
[130747.336995] ext4_readpage+0x54/0x100 [ext4]
[130747.337359] generic_file_buffered_read+0x410/0xae8
[130747.337767] generic_file_read_iter+0x114/0x190
[130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4]
[130747.338556] __vfs_read+0x11c/0x188
[130747.338851] vfs_read+0x94/0x150
[130747.339110] ksys_read+0x74/0xf0

This patch's modification is according to Jan Kara's suggestion in:
https://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/

"I see. Now I understand your patch. Honestly, seeing how fragile is trying to fix extent tree after split has failed in the middle, I would probably go even further and make sure we fix the tree properly in case of ENOSPC and EDQUOT (those are easily user triggerable). Anything else indicates a HW problem or fs corruption so I'd rather leave the extent tree as is and don't try to fix it (which also means we will not create overlapping extents)."

CVE ID : CVE-2021-47117
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47118

First published on : 15-03-2024 21:15:06
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

pid: take a reference when initializing `cad_pid`

During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens proc_do_cad_pid() will increment the refcount on the new pid via get_pid(), and will decrement the refcount on the old pid via put_pid(). As we never called get_pid() when we initialized `cad_pid`, we decrement a reference we never incremented, can therefore free the init task's struct pid early. As there can be dangling references to the struct pid, we can later encounter a use-after-free (e.g. when delivering signals). This was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to have been around since the conversion of `cad_pid` to struct pid in commit 9ec52099e4b8 ("[PATCH] replace cad_pid by a struct pid") from the pre-KASAN stone age of v2.6.19. Fix this by getting a reference to the init task's struct pid when we assign it to `cad_pid`. Full KASAN splat below.

==================================================================
BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]
BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509
Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273
CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1
Hardware name: linux,dummy-virt (DT)
Call trace:
 ns_of_pid include/linux/pid.h:153 [inline]
 task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509
 do_notify_parent+0x308/0xe60 kernel/signal.c:1950
 exit_notify kernel/exit.c:682 [inline]
 do_exit+0x2334/0x2bd0 kernel/exit.c:845
 do_group_exit+0x108/0x2c8 kernel/exit.c:922
 get_signal+0x4e4/0x2a88 kernel/signal.c:2781
 do_signal arch/arm64/kernel/signal.c:882 [inline]
 do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936
 work_pending+0xc/0x2dc
Allocated by task 0:
 slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516
 slab_alloc_node mm/slub.c:2907 [inline]
 slab_alloc mm/slub.c:2915 [inline]
 kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920
 alloc_pid+0xdc/0xc00 kernel/pid.c:180
 copy_process+0x2794/0x5e18 kernel/fork.c:2129
 kernel_clone+0x194/0x13c8 kernel/fork.c:2500
 kernel_thread+0xd4/0x110 kernel/fork.c:2552
 rest_init+0x44/0x4a0 init/main.c:687
 arch_call_rest_init+0x1c/0x28
 start_kernel+0x520/0x554 init/main.c:1064
 0x0
Freed by task 270:
 slab_free_hook mm/slub.c:1562 [inline]
 slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600
 slab_free mm/slub.c:3161 [inline]
 kmem_cache_free+0x224/0x8e0 mm/slub.c:3177
 put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114
 put_pid+0x30/0x48 kernel/pid.c:109
 proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401
 proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591
 proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617
 call_write_iter include/linux/fs.h:1977 [inline]
 new_sync_write+0x3ac/0x510 fs/read_write.c:518
 vfs_write fs/read_write.c:605 [inline]
 vfs_write+0x9c4/0x1018 fs/read_write.c:585
 ksys_write+0x124/0x240 fs/read_write.c:658
 __do_sys_write fs/read_write.c:670 [inline]
 __se_sys_write fs/read_write.c:667 [inline]
 __arm64_sys_write+0x78/0xb0 fs/read_write.c:667
 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]
 el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129
 do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168
 el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416
 el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432
 el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701
The buggy address belongs to the object at ffff23794dda0000 which belongs to the cache pid of size 224
The buggy address is located 4 bytes inside of 224-byte region [ff ---truncated---

CVE ID : CVE-2021-47118
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2cd6eedfa6344f5ef5c3dac3aee57a39b5b46dff | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4dbd8808a591b49b717862e6e0081bcf14a87788 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7178be006d495ffb741c329012da289b62dddfe6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/764c2e892d1fe895392aff62fb353fdce43bb529 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b8ff869f20152fbe66b6c2e2715d26a2f9897cca | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d106f05432e60f9f62d456ef017687f5c73cb414 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f86c80515a8a3703e0ca2e56deb50fc2879c5ea4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47119

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

ext4: fix memory leak in ext4_fill_super

Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be freed by kill_bdev, and subsequently that bh will be leaked. If blocksizes differ, sb_set_blocksize() will kill current buffers and page cache by using kill_bdev(). And then super block will be reread again but using correct blocksize this time. sb_set_blocksize() didn't fully free superblock page and buffer head, and being busy, they were not freed and instead leaked. This can easily be reproduced by calling an infinite loop of: systemctl start <ext4_on_lvm>.mount, and systemctl stop <ext4_on_lvm>.mount ... since systemd creates a cgroup for each slice which it mounts, and the bh leak get amplified by a dying memory cgroup that also never gets freed, and memory consumption is much more easily noticed.

CVE ID : CVE-2021-47119
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/01d349a481f0591230300a9171330136f9159bcd | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/1385b23396d511d5233b8b921ac3058b3f86a5e1 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/afd09b617db3786b6ef3dc43e28fe728cfea84df | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47120

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

HID: magicmouse: fix NULL-deref on disconnect

Commit 9d7b18668956 ("HID: magicmouse: add support for Apple Magic Trackpad 2") added a sanity check for an Apple trackpad but returned success instead of -ENODEV when the check failed. This means that the remove callback will dereference the never-initialised driver data pointer when the driver is later unbound (e.g. on USB disconnect).

CVE ID : CVE-2021-47120
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47121

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

net: caif: fix memory leak in cfusbl_device_notify

In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error.

CVE ID : CVE-2021-47121
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/46403c1f80b0d3f937ff9c4f5edc63bb64bc5051 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4d94f530cd24c85aede6e72b8923f371b45d6886 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/81afc61cb6e2b553f2c5f992fa79e0ae73857141 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9ea0ab48e755d8f29fe89eb235fb86176fdb597f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cc302e30a504e6b60a9ac8df7988646f46cd0294 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dde8686985ec24d6b00487080a906609bd613ea1 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e8b37f5009ea7095529790f022859711e6939c76 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47122

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved:

net: caif: fix memory leak in caif_device_notify

In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error.

CVE ID : CVE-2021-47122
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47123

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix ltout double free on completion race Always remove linked timeout on io_link_timeout_fn() from the master request link list, otherwise we may get use-after-free when first io_link_timeout_fn() puts linked timeout in the fail path, and then will be found and put on master's free.

CVE ID : CVE-2021-47123
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1f64f5e903b9d1d157875721e02adadc9d6f0a5d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/447c19f3b5074409c794b350b10306e1da1ef4ba | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47124

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: __refcount_sub_and_test include/linux/refcount.h:283 [inline] __refcount_dec_and_test include/linux/refcount.h:315 [inline] refcount_dec_and_test include/linux/refcount.h:333 [inline] io_put_req fs/io_uring.c:2140 [inline] io_queue_linked_timeout fs/io_uring.c:6300 [inline] __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354 io_submit_sqe fs/io_uring.c:6534 [inline] io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660 __do_sys_io_uring_enter fs/io_uring.c:9240 [inline] __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182 io_link_timeout_fn() should put only one reference of the linked timeout request, however in case of racing with the master request's completion first io_req_complete() puts one and then io_put_req_deferred() is called.

CVE ID : CVE-2021-47124
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47125

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: sch_htb: fix refcount leak in htb_parent_to_leaf_offload The commit ae81feb7338c ("sch_htb: fix null pointer dereference on a null new_q") fixes a NULL pointer dereference bug, but it is not correct. Because htb_graft_helper properly handles the case when new_q is NULL, and after the previous patch by skipping this call which creates an inconsistency: dev_queue->qdisc will still point to the old qdisc, but cl->parent->leaf.q will point to the new one (which will be noop_qdisc, because new_q was NULL). The code is based on an assumption that these two pointers are the same, so it can lead to refcount leaks. The correct fix is to add a NULL pointer check to protect qdisc_refcount_inc inside htb_parent_to_leaf_offload.

CVE ID : CVE-2021-47125
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47126

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master dashboard link: https://syzkaller.appspot.com/bug?extid=123aa35098fd3c000eb7 compiler: Debian clang version 11.0.1-2 ================================================================== BUG: KASAN: slab-out-of-bounds in fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline] BUG: KASAN: slab-out-of-bounds in fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732 Read of size 8 at addr ffff8880145c78f8 by task syz-executor.4/17760 CPU: 0 PID: 17760 Comm: syz-executor.4 Not tainted 5.12.0-rc8-syzkaller #0 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x202/0x31e lib/dump_stack.c:120 print_address_description+0x5f/0x3b0 mm/kasan/report.c:232 __kasan_report mm/kasan/report.c:399 [inline] kasan_report+0x15c/0x200 mm/kasan/report.c:416 fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline] fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732 fib6_nh_release+0x9a/0x430 net/ipv6/route.c:3536 fib6_info_destroy_rcu+0xcb/0x1c0 net/ipv6/ip6_fib.c:174 rcu_do_batch kernel/rcu/tree.c:2559 [inline] rcu_core+0x8f6/0x1450 kernel/rcu/tree.c:2794 __do_softirq+0x372/0x7a6 kernel/softirq.c:345 invoke_softirq kernel/softirq.c:221 [inline] __irq_exit_rcu+0x22c/0x260 kernel/softirq.c:422 irq_exit_rcu+0x5/0x20 kernel/softirq.c:434 sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1100 </IRQ> asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632 RIP: 0010:lock_acquire+0x1f6/0x720 kernel/locking/lockdep.c:5515 Code: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d RSP: 0018:ffffc90009e06560 EFLAGS: 00000206 RAX: 1ffff920013c0cc0 RBX: 0000000000000246 RCX: dffffc0000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc90009e066e0 R08: dffffc0000000000 R09: fffffbfff1f992b1 R10: fffffbfff1f992b1 R11: 0000000000000000 R12: 0000000000000000 R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920013c0cb4 rcu_lock_acquire+0x2a/0x30 include/linux/rcupdate.h:267 rcu_read_lock include/linux/rcupdate.h:656 [inline] ext4_get_group_info+0xea/0x340 fs/ext4/ext4.h:3231 ext4_mb_prefetch+0x123/0x5d0 fs/ext4/mballoc.c:2212 ext4_mb_regular_allocator+0x8a5/0x28f0 fs/ext4/mballoc.c:2379 ext4_mb_new_blocks+0xc6e/0x24f0 fs/ext4/mballoc.c:4982 ext4_ext_map_blocks+0x2be3/0x7210 fs/ext4/extents.c:4238 ext4_map_blocks+0xab3/0x1cb0 fs/ext4/inode.c:638 ext4_getblk+0x187/0x6c0 fs/ext4/inode.c:848 ext4_bread+0x2a/0x1c0 fs/ext4/inode.c:900 ext4_append+0x1a4/0x360 fs/ext4/namei.c:67 ext4_init_new_dir+0x337/0xa10 fs/ext4/namei.c:2768 ext4_mkdir+0x4b8/0xc00 fs/ext4/namei.c:2814 vfs_mkdir+0x45b/0x640 fs/namei.c:3819 ovl_do_mkdir fs/overlayfs/overlayfs.h:161 [inline] ovl_mkdir_real+0x53/0x1a0 fs/overlayfs/dir.c:146 ovl_create_real+0x280/0x490 fs/overlayfs/dir.c:193 ovl_workdir_create+0x425/0x600 fs/overlayfs/super.c:788 ovl_make_workdir+0xed/0x1140 fs/overlayfs/super.c:1355 ovl_get_workdir fs/overlayfs/super.c:1492 [inline] ovl_fill_super+0x39ee/0x5370 fs/overlayfs/super.c:2035 mount_nodev+0x52/0xe0 fs/super.c:1413 legacy_get_tree+0xea/0x180 fs/fs_context.c:592 vfs_get_tree+0x86/0x270 fs/super.c:1497 do_new_mount fs/namespace.c:2903 [inline] path_mount+0x196f/0x2be0 fs/namespace.c:3233 do_mount fs/namespace.c:3246 [inline] __do_sys_mount fs/namespace.c:3454 [inline] __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3431 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665f9 Code: ff ff c3 66 2e 0f 1f 84 ---truncated---

CVE ID : CVE-2021-47126
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47127

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: ice: track AF_XDP ZC enabled queues in bitmap Commit c7a219048e45 ("ice: Remove xsk_buff_pool from VSI structure") silently introduced a regression and broke the Tx side of AF_XDP in copy mode. xsk_pool on ice_ring is set only based on the existence of the XDP prog on the VSI which in turn picks ice_clean_tx_irq_zc to be executed. That is not something that should happen for copy mode as it should use the regular data path ice_clean_tx_irq. This results in the following splat when xdpsock is run in txonly or l2fwd scenarios in copy mode: <snip> [ 106.050195] BUG: kernel NULL pointer dereference, address: 0000000000000030 [ 106.057269] #PF: supervisor read access in kernel mode [ 106.062493] #PF: error_code(0x0000) - not-present page [ 106.067709] PGD 0 P4D 0 [ 106.070293] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 106.074721] CPU: 61 PID: 0 Comm: swapper/61 Not tainted 5.12.0-rc2+ #45 [ 106.081436] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019 [ 106.092027] RIP: 0010:xp_raw_get_dma+0x36/0x50 [ 106.096551] Code: 74 14 48 b8 ff ff ff ff ff ff 00 00 48 21 f0 48 c1 ee 30 48 01 c6 48 8b 87 90 00 00 00 48 89 f2 81 e6 ff 0f 00 00 48 c1 ea 0c <48> 8b 04 d0 48 83 e0 fe 48 01 f0 c3 66 66 2e 0f 1f 84 00 00 00 00 [ 106.115588] RSP: 0018:ffffc9000d694e50 EFLAGS: 00010206 [ 106.120893] RAX: 0000000000000000 RBX: ffff88984b8c8a00 RCX: ffff889852581800 [ 106.128137] RDX: 0000000000000006 RSI: 0000000000000000 RDI: ffff88984cd8b800 [ 106.135383] RBP: ffff888123b50001 R08: ffff889896800000 R09: 0000000000000800 [ 106.142628] R10: 0000000000000000 R11: ffffffff826060c0 R12: 00000000000000ff [ 106.149872] R13: 0000000000000000 R14: 0000000000000040 R15: ffff888123b50018 [ 106.157117] FS: 0000000000000000(0000) GS:ffff8897e0f40000(0000) knlGS:0000000000000000 [ 106.165332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.171163] CR2: 0000000000000030 CR3: 000000000560a004 CR4: 00000000007706e0 [ 106.178408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 106.185653] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 106.192898] PKRU: 55555554 [ 106.195653] Call Trace: [ 106.198143] <IRQ> [ 106.200196] ice_clean_tx_irq_zc+0x183/0x2a0 [ice] [ 106.205087] ice_napi_poll+0x3e/0x590 [ice] [ 106.209356] __napi_poll+0x2a/0x160 [ 106.212911] net_rx_action+0xd6/0x200 [ 106.216634] __do_softirq+0xbf/0x29b [ 106.220274] irq_exit_rcu+0x88/0xc0 [ 106.223819] common_interrupt+0x7b/0xa0 [ 106.227719] </IRQ> [ 106.229857] asm_common_interrupt+0x1e/0x40 </snip> Fix this by introducing the bitmap of queues that are zero-copy enabled, where each bit, corresponding to a queue id that xsk pool is being configured on, will be set/cleared within ice_xsk_pool_{en,dis}able and checked within ice_xsk_pool(). The latter is a function used for deciding which napi poll routine is executed. Idea is being taken from our other drivers such as i40e and ixgbe.

CVE ID : CVE-2021-47127
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1d34fa4fcf06649036ba0c97854fcf7a741ee18c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e102db780e1c14f10c70dafa7684af22a745b51d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47128

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a ("security,lockdown,selinux: implement SELinux lockdown") added an implementation of the locked_down LSM hook to SELinux, with the aim to restrict which domains are allowed to perform operations that would breach lockdown. This is indirectly also getting audit subsystem involved to report events. The latter is problematic, as reported by Ondrej and Serhei, since it can bring down the whole system via audit: 1) The audit events that are triggered due to calls to security_locked_down() can OOM kill a machine, see below details [0]. 2) It also seems to be causing a deadlock via avc_has_perm()/slow_avc_audit() when trying to wake up kauditd, for example, when using trace_sched_switch() tracepoint, see details in [1]. Triggering this was not via some hypothetical corner case, but with existing tools like runqlat & runqslower from bcc, for example, which make use of this tracepoint. Rough call sequence goes like:

    rq_lock(rq) -> -------------------------+
      trace_sched_switch() ->               |
        bpf_prog_xyz() ->                   +-> deadlock
          selinux_lockdown() ->             |
            audit_log_end() ->              |
              wake_up_interruptible() ->    |
                try_to_wake_up() ->         |
                  rq_lock(rq) --------------+

What's worse is that the intention of 59438b46471a to further restrict lockdown settings for specific applications in respect to the global lockdown policy is completely broken for BPF. The SELinux policy rule for the current lockdown check looks something like this: allow <who> <who> : lockdown { <reason> }; However, this doesn't match with the 'current' task where the security_locked_down() is executed, example: httpd does a syscall. There is a tracing program attached to the syscall which triggers a BPF program to run, which ends up doing a bpf_probe_read_kernel{,_str}() helper call. The selinux_lockdown() hook does the permission check against 'current', that is, httpd in this example. httpd has literally zero relation to this tracing program, and it would be nonsensical having to write an SELinux policy rule against httpd to let the tracing helper pass. The policy in this case needs to be against the entity that is installing the BPF program. For example, if bpftrace would generate a histogram of syscall counts by user space application: bpftrace -e 'tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }' bpftrace would then go and generate a BPF program from this internally. One way of doing it [for the sake of the example] could be to call bpf_get_current_task() helper and then access current->comm via one of bpf_probe_read_kernel{,_str}() helpers. So the program itself has nothing to do with httpd or any other random app doing a syscall here. The BPF program _explicitly initiated_ the lockdown check. The allow/deny policy belongs in the context of bpftrace: meaning, you want to grant bpftrace access to use these helpers, but other tracers on the system like my_random_tracer _not_. Therefore fix all three issues at the same time by taking a completely different approach for the security_locked_down() hook, that is, move the check into the program verification phase where we actually retrieve the BPF func proto. This also reliably gets the task (current) that is trying to install the BPF tracing program, e.g. bpftrace/bcc/perf/systemtap/etc, and it also fixes the OOM since we're moving this out of the BPF helper's fast-path which can be called several millions of times per second. The check is then also in line with other security_locked_down() hooks in the system where the enforcement is performed at open/load time, for example, open_kcore() for /proc/kcore access or module_sig_check() for module signatures just to pick f ---truncated---

CVE ID : CVE-2021-47128
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/acc43fc6cf0d50612193813c5906a1ab9d433e1e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ff40e51043af63715ab413995ff46996ecf9583f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ff5039ec75c83d2ed5b781dc7733420ee8c985fc | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47129

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: skip expectations for confirmed conntrack nft_ct_expect_obj_eval() calls nf_ct_ext_add() for a confirmed conntrack entry. However, nf_ct_ext_add() can only be called for !nf_ct_is_confirmed(). [ 1825.349056] WARNING: CPU: 0 PID: 1279 at net/netfilter/nf_conntrack_extend.c:48 nf_ct_xt_add+0x18e/0x1a0 [nf_conntrack] [ 1825.351391] RIP: 0010:nf_ct_ext_add+0x18e/0x1a0 [nf_conntrack] [ 1825.351493] Code: 41 5c 41 5d 41 5e 41 5f c3 41 bc 0a 00 00 00 e9 15 ff ff ff ba 09 00 00 00 31 f6 4c 89 ff e8 69 6c 3d e9 eb 96 45 31 ed eb cd <0f> 0b e9 b1 fe ff ff e8 86 79 14 e9 eb bf 0f 1f 40 00 0f 1f 44 00 [ 1825.351721] RSP: 0018:ffffc90002e1f1e8 EFLAGS: 00010202 [ 1825.351790] RAX: 000000000000000e RBX: ffff88814f5783c0 RCX: ffffffffc0e4f887 [ 1825.351881] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88814f578440 [ 1825.351971] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff88814f578447 [ 1825.352060] R10: ffffed1029eaf088 R11: 0000000000000001 R12: ffff88814f578440 [ 1825.352150] R13: ffff8882053f3a00 R14: 0000000000000000 R15: 0000000000000a20 [ 1825.352240] FS: 00007f992261c900(0000) GS:ffff889faec00000(0000) knlGS:0000000000000000 [ 1825.352343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1825.352417] CR2: 000056070a4d1158 CR3: 000000015efe0000 CR4: 0000000000350ee0 [ 1825.352508] Call Trace: [ 1825.352544] nf_ct_helper_ext_add+0x10/0x60 [nf_conntrack] [ 1825.352641] nft_ct_expect_obj_eval+0x1b8/0x1e0 [nft_ct] [ 1825.352716] nft_do_chain+0x232/0x850 [nf_tables] Add the ct helper extension only for unconfirmed conntrack. Skip rule evaluation if the ct helper extension does not exist. Thus, you can only create expectations from the first packet. It should be possible to remove this limitation by adding a new action to attach a generic ct helper to the first packet. Then, use this ct helper extension from follow up packets to create the ct expectation. While at it, add a missing check to skip the template conntrack too and remove check for IPCT_UNTRACK which is implicit to !ct.

CVE ID : CVE-2021-47129
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1710eb913bdcda3917f44d383c32de6bdabfc836 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2c0e6b35b88a961127066a1028bce9c727cbc3e5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5f3429c05e4028a0e241afdad856dd15dec2ffb9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/da8d31e80ff425f5a65dab7060d5c4aba749e562 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47130

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a crash (BUG() is called). Instead, assign the p2p_dev for the request only if it was allocated from p2p pool. This is the crash that was caused: [Sun May 30 19:13:53 2021] ------------[ cut here ]------------ [Sun May 30 19:13:53 2021] kernel BUG at lib/genalloc.c:518! [Sun May 30 19:13:53 2021] invalid opcode: 0000 [#1] SMP PTI ... [Sun May 30 19:13:53 2021] kernel BUG at lib/genalloc.c:518! ... [Sun May 30 19:13:53 2021] RIP: 0010:gen_pool_free_owner+0xa8/0xb0 ... [Sun May 30 19:13:53 2021] Call Trace: [Sun May 30 19:13:53 2021] ------------[ cut here ]------------ [Sun May 30 19:13:53 2021] pci_free_p2pmem+0x2b/0x70 [Sun May 30 19:13:53 2021] pci_p2pmem_free_sgl+0x4f/0x80 [Sun May 30 19:13:53 2021] nvmet_req_free_sgls+0x1e/0x80 [nvmet] [Sun May 30 19:13:53 2021] kernel BUG at lib/genalloc.c:518! [Sun May 30 19:13:53 2021] nvmet_rdma_release_rsp+0x4e/0x1f0 [nvmet_rdma] [Sun May 30 19:13:53 2021] nvmet_rdma_send_done+0x1c/0x60 [nvmet_rdma]

CVE ID : CVE-2021-47130
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/8a452d62e7cea3c8a2676a3b89a9118755a1a271 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/bcd9a0797d73eeff659582f23277e7ab6e5f18f3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c440cd080761b18a52cac20f2a42e5da1e3995af | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47131

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tls_device_down is called to stop the offload and tear down the TLS context. However, the socket stays alive, and it still points to the TLS context, which is now deallocated. If a netdev goes up, while the connection is still active, and the data flow resumes after a number of TCP retransmissions, it will lead to a use-after-free of the TLS context. This commit addresses this bug by keeping the context alive until its normal destruction, and implements the necessary fallbacks, so that the connection can resume in software (non-offloaded) kTLS mode. On the TX side tls_sw_fallback is used to encrypt all packets. The RX side already has all the necessary fallbacks, because receiving non-decrypted packets is supported. The thing needed on the RX side is to block resync requests, which are normally produced after receiving non-decrypted packets. The necessary synchronization is implemented for a graceful teardown: first the fallbacks are deployed, then the driver resources are released (it used to be possible to have a tls_dev_resync after tls_dev_del). A new flag called TLS_RX_DEV_DEGRADED is added to indicate the fallback mode. It's used to skip the RX resync logic completely, as it becomes useless, and some objects may be released (for example, resync_async, which is allocated and freed by the driver).

CVE ID : CVE-2021-47131
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0f1e6fe66977a864fe850522316f713d7b926fd9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f1d4184f128dede82a59a841658ed40d4e6d3aa2 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47132

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sk_forward_memory corruption on retransmission MPTCP sk_forward_memory handling is a bit special, as such field is protected by the msk socket spin_lock, instead of the plain socket lock. Currently we have a code path updating such field without handling the relevant lock: __mptcp_retrans() -> __mptcp_clean_una_wakeup() Several helpers in __mptcp_clean_una_wakeup() will update sk_forward_alloc, possibly causing such field corruption, as reported by Matthieu. Address the issue providing and using a new variant of blamed function which explicitly acquires the msk spin lock.

CVE ID : CVE-2021-47132
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/b5941f066b4ca331db225a976dae1d6ca8cf0ae3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b9c78b1a95966a7bd2ddae05b73eafc0cda4fba3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47133

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix memory leak in amd_sfh_work Kmemleak tool detected a memory leak in the amd_sfh driver. ==================== unreferenced object 0xffff88810228ada0 (size 32): comm "insmod", pid 3968, jiffies 4295056001 (age 775.792s) hex dump (first 32 bytes): 00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s............. 22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 "............... backtrace: [<000000007b4c8799>] kmem_cache_alloc_trace+0x163/0x4f0 [<0000000005326893>] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh] [<000000002a9e5ec4>] amdtp_hid_request+0x62/0x80 [amd_sfh] [<00000000b8a95807>] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub] [<00000000fda054ee>] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common] [<0000000021279ecf>] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d] [<00000000915760ce>] platform_probe+0x6a/0xd0 [<0000000060258a1f>] really_probe+0x192/0x620 [<00000000fa812f2d>] driver_probe_device+0x14a/0x1d0 [<000000005e79f7fd>] __device_attach_driver+0xbd/0x110 [<0000000070d15018>] bus_for_each_drv+0xfd/0x160 [<0000000013a3c312>] __device_attach+0x18b/0x220 [<000000008c7b4afc>] device_initial_probe+0x13/0x20 [<00000000e6e99665>] bus_probe_device+0xfe/0x120 [<00000000833fa90b>] device_add+0x6a6/0xe00 [<00000000fa901078>] platform_device_add+0x180/0x380 ==================== The fix is to free the request_list entry once the processed entry is removed from the request_list.

CVE ID : CVE-2021-47133
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47134

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setup_arch() would invoke efi_init()->efi_get_fdt_params(). If no valid fdt is found, then initial_boot_params will be null. So we should stop further fdt processing here. I encountered this issue on risc-v.

CVE ID : CVE-2021-47134
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/5148066edbdc89c6fe5bc419c31a5c22e5f83bdb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/668a84c1bfb2b3fd5a10847825a854d63fac7baa | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/8a7e8b4e5631a03ea2fee27957857a56612108ca | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2021-47135

First published on : 15-03-2024 21:15:07
Last modified on : 17-03-2024 22:38:29

Description :
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report Fix possible array out of bound access in mt7921_mcu_tx_rate_report. Remove unnecessary variable in mt7921_mcu_tx_rate_report.

CVE ID : CVE-2021-47135
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/6919e8a24e70b6ba148fe07f44f835bcdd1a8d02 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d874e6c06952382897d35bf4094193cd44ae91bd | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52609

First published on : 18-03-2024 11:15:07
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput() and do_exit() Task A calls binder_update_page_range() to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmget_not_zero() first. This can race with Task B's do_exit() and the final mmput() refcount decrement will come from Task A.

    Task A            | Task B
    ------------------+------------------
    mmget_not_zero()  |
                      |  do_exit()
                      |    exit_mm()
                      |      mmput()
    mmput()           |
      exit_mmap()     |
        remove_vma()  |
          fput()      |

In this case, the work of ____fput() from Task B is queued up in Task A as TWA_RESUME. So in theory, Task A returns to userspace and the cleanup work gets executed. However, Task A instead sleeps, waiting for a reply from Task B that never comes (it's dead). This means the binder_deferred_release() is blocked until an unrelated binder event forces Task A to go back to userspace. All the associated death notifications will also be delayed until then. In order to fix this, use mmput_async(), which will schedule the work in the corresponding mm->async_put_work WQ instead of Task A.

CVE ID : CVE-2023-52609
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/252a2a5569eb9f8d16428872cc24dea1ac0bb097 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6696f76c32ff67fec26823fc2df46498e70d9bf3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/67f16bf2cc1698fd50e01ee8a2becc5a8e6d3a3e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/77d210e8db4d61d43b2d16df66b1ec46fad2ee01 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7e7a0d86542b0ea903006d3f42f33c4f7ead6918 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/95b1d336b0642198b56836b89908d07b9a0c9608 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/98fee5bee97ad47b527a997d5786410430d1f0e9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9a9ab0d963621d9d12199df9817e66982582d5a5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52610

First published on : 18-03-2024 11:15:07
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not straightforward. However when frags arrive out of order, nobody unrefs the last frag, and all frags are leaked. The situation is even worse, as initiating packet capture can lead to a crash[0] when skb has been cloned and shared at the same time. Fix the issue by removing skb_get() before defragmentation. act_ct returns TC_ACT_CONSUMED when defrag failed or is in progress. [0]: [ 843.804823] ------------[ cut here ]------------ [ 843.809659] kernel BUG at net/core/skbuff.c:2091! [ 843.814516] invalid opcode: 0000 [#1] PREEMPT SMP [ 843.819296] CPU: 7 PID: 0 Comm: swapper/7 Kdump: loaded Tainted: G S 6.7.0-rc3 #2 [ 843.824107] Hardware name: XFUSION 1288H V6/BC13MBSBD, BIOS 1.29 11/25/2022 [ 843.828953] RIP: 0010:pskb_expand_head+0x2ac/0x300 [ 843.833805] Code: 8b 70 28 48 85 f6 74 82 48 83 c6 08 bf 01 00 00 00 e8 38 bd ff ff 8b 83 c0 00 00 00 48 03 83 c8 00 00 00 e9 62 ff ff ff 0f 0b <0f> 0b e8 8d d0 ff ff e9 b3 fd ff ff 81 7c 24 14 40 01 00 00 4c 89 [ 843.843698] RSP: 0018:ffffc9000cce07c0 EFLAGS: 00010202 [ 843.848524] RAX: 0000000000000002 RBX: ffff88811a211d00 RCX: 0000000000000820 [ 843.853299] RDX: 0000000000000640 RSI: 0000000000000000 RDI: ffff88811a211d00 [ 843.857974] RBP: ffff888127d39518 R08: 00000000bee97314 R09: 0000000000000000 [ 843.862584] R10: 0000000000000000 R11: ffff8881109f0000 R12: 0000000000000880 [ 843.867147] R13: ffff888127d39580 R14: 0000000000000640 R15: ffff888170f7b900 [ 843.871680] FS: 0000000000000000(0000) GS:ffff889ffffc0000(0000) knlGS:0000000000000000 [ 843.876242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 843.880778] CR2: 00007fa42affcfb8 CR3: 000000011433a002 CR4: 0000000000770ef0 [ 843.885336] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 843.889809] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 843.894229] PKRU: 55555554 [ 843.898539] Call Trace: [ 843.902772] <IRQ> [ 843.906922] ? __die_body+0x1e/0x60 [ 843.911032] ? die+0x3c/0x60 [ 843.915037] ? do_trap+0xe2/0x110 [ 843.918911] ? pskb_expand_head+0x2ac/0x300 [ 843.922687] ? do_error_trap+0x65/0x80 [ 843.926342] ? pskb_expand_head+0x2ac/0x300 [ 843.929905] ? exc_invalid_op+0x50/0x60 [ 843.933398] ? pskb_expand_head+0x2ac/0x300 [ 843.936835] ? asm_exc_invalid_op+0x1a/0x20 [ 843.940226] ? pskb_expand_head+0x2ac/0x300 [ 843.943580] inet_frag_reasm_prepare+0xd1/0x240 [ 843.946904] ip_defrag+0x5d4/0x870 [ 843.950132] nf_ct_handle_fragments+0xec/0x130 [nf_conntrack] [ 843.953334] tcf_ct_act+0x252/0xd90 [act_ct] [ 843.956473] ? tcf_mirred_act+0x516/0x5a0 [act_mirred] [ 843.959657] tcf_action_exec+0xa1/0x160 [ 843.962823] fl_classify+0x1db/0x1f0 [cls_flower] [ 843.966010] ? skb_clone+0x53/0xc0 [ 843.969173] tcf_classify+0x24d/0x420 [ 843.972333] tc_run+0x8f/0xf0 [ 843.975465] __netif_receive_skb_core+0x67a/0x1080 [ 843.978634] ? dev_gro_receive+0x249/0x730 [ 843.981759] __netif_receive_skb_list_core+0x12d/0x260 [ 843.984869] netif_receive_skb_list_internal+0x1cb/0x2f0 [ 843.987957] ? mlx5e_handle_rx_cqe_mpwrq_rep+0xfa/0x1a0 [mlx5_core] [ 843.991170] napi_complete_done+0x72/0x1a0 [ 843.994305] mlx5e_napi_poll+0x28c/0x6d0 [mlx5_core] [ 843.997501] __napi_poll+0x25/0x1b0 [ 844.000627] net_rx_action+0x256/0x330 [ 844.003705] __do_softirq+0xb3/0x29b [ 844.006718] irq_exit_rcu+0x9e/0xc0 [ 844.009672] common_interrupt+0x86/0xa0 [ 844.012537] </IRQ> [ 844.015285] <TASK> [ 844.017937] asm_common_interrupt+0x26/0x40 [ 844.020591] RIP: 0010:acpi_safe_halt+0x1b/0x20 [ 844.023247] Code: ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 65 48 8b 04 25 00 18 03 00 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 81 d0 44 00 fb ---truncated---

CVE ID : CVE-2023-52610
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0b5b831122fc3789fff75be433ba3e4dd7b779d4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/172ba7d46c202e679f3ccb10264c67416aaeb1c4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/3f14b377d01d8357eba032b4cabc8c1149b458b6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/73f7da5fd124f2cda9161e2e46114915e6e82e97 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f5346df0591d10bc948761ca854b1fae6d2ef441 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
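The leak the commit describes comes from holding a reference across a call that may take ownership of the buffer: act_ct took skb->users before handing the fragment to the defragmenter and only one code path ever gave that reference back. The C model below is an added illustration, not kernel code and not the patch; every name in it (frag_buf, reasm_add, act_handle_*, live_bufs) is hypothetical. It uses a live-object counter as a stand-in for kmemleak and compares a caller that takes an extra reference before a consuming call with one that honours the "CONSUMED means do not touch" contract. It does not reproduce the in-order versus out-of-order asymmetry of the real defrag path; in this model the extra reference leaks every queued fragment regardless of arrival order.

```c
#include <stdlib.h>
#include <string.h>

/* Toy model of the ownership rule behind the act_ct fix. Hypothetical names; not kernel code. */
#define NFRAGS 3

struct frag_buf {
    int users;               /* refcount, like skb->users */
    int offset;              /* fragment index 0..NFRAGS-1 */
    struct frag_buf *next;   /* chain built at reassembly */
};

static int live_bufs;        /* buffers not yet freed: our stand-in for kmemleak */

static struct frag_buf *buf_alloc(int offset)
{
    struct frag_buf *b = calloc(1, sizeof(*b));
    if (!b)
        abort();
    b->users = 1;
    b->offset = offset;
    live_bufs++;
    return b;
}

static void buf_get(struct frag_buf *b) { b->users++; }

static void buf_put(struct frag_buf *b)
{
    if (--b->users == 0) {
        live_bufs--;
        free(b);
    }
}

/* Releasing a reassembled datagram drops the head and everything chained behind it. */
static void datagram_release(struct frag_buf *head)
{
    while (head) {
        struct frag_buf *next = head->next;
        buf_put(head);
        head = next;
    }
}

struct reasm_queue {
    struct frag_buf *slot[NFRAGS];
    int count;
};

/*
 * Hand a fragment to the reassembler, which takes ownership of the caller's
 * reference. Returns NULL while the datagram is incomplete. On completion the
 * arriving fragment becomes the head: its refcount is overwritten with 1 (as
 * skb_morph() does) and the other fragments are chained behind it.
 */
static struct frag_buf *reasm_add(struct reasm_queue *q, struct frag_buf *b)
{
    if (b->offset < 0 || b->offset >= NFRAGS || q->slot[b->offset]) {
        buf_put(b);          /* duplicate or bogus: dropped, but still consumed */
        return NULL;
    }
    q->slot[b->offset] = b;
    if (++q->count < NFRAGS)
        return NULL;

    b->users = 1;            /* morph: any extra reference is silently overwritten */
    struct frag_buf **tail = &b->next;
    for (int i = 0; i < NFRAGS; i++) {
        if (q->slot[i] != b) {
            *tail = q->slot[i];
            tail = &q->slot[i]->next;
        }
    }
    memset(q, 0, sizeof(*q));
    return b;
}

enum { ACT_OK = 0, ACT_CONSUMED = 1 };

/* Before the fix: an extra reference "for safety" before a call that may consume the buffer. */
static int act_handle_buggy(struct reasm_queue *q, struct frag_buf *b, struct frag_buf **out)
{
    buf_get(b);
    *out = reasm_add(q, b);
    return *out ? ACT_OK : ACT_CONSUMED;   /* queued fragments keep the extra ref forever */
}

/* After the fix: no extra reference; CONSUMED means the queue owns it and we must not touch it. */
static int act_handle_fixed(struct reasm_queue *q, struct frag_buf *b, struct frag_buf **out)
{
    *out = reasm_add(q, b);
    return *out ? ACT_OK : ACT_CONSUMED;
}

/* Feed NFRAGS fragments in the given order, release what was reassembled,
 * and report how many buffers are still alive (0 means no leak). */
static int leaked_after(const int *order, int use_fixed)
{
    struct reasm_queue q = {0};
    live_bufs = 0;
    for (int i = 0; i < NFRAGS; i++) {
        struct frag_buf *out = NULL;
        struct frag_buf *b = buf_alloc(order[i]);
        int rc = use_fixed ? act_handle_fixed(&q, b, &out) : act_handle_buggy(&q, b, &out);
        if (rc == ACT_OK)
            datagram_release(out);
    }
    return live_bufs;
}

/* Constructed arrival orders: in order, and out of order. */
static const int order_in[NFRAGS]  = {0, 1, 2};
static const int order_ooo[NFRAGS] = {2, 0, 1};
```

With the extra reference, the two queued fragments end the run with users == 1 and are never freed; without it, all three buffers are released when the datagram is dropped.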


Vulnerability ID : CVE-2023-52611

First published on : 18-03-2024 11:15:08
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw88: sdio: Honor the host max_req_size in the RX path

Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observed is identical to what has been fixed in commit e967229ead0e ("wifi: rtw88: sdio: Check the HISR RX_REQUEST bit in rtw_sdio_rx_isr()") but that commit didn't fix Lukas' problem.

Lukas found that disabling or limiting RX aggregation works around the problem for some time (but does not fully fix it).

In the following discussion a few key topics have been discussed which have an impact on this problem:
- The Amlogic A311D (G12B) SoC has a hardware bug in the SDIO controller which prevents DMA transfers. Instead all transfers need to go through the controller SRAM which limits transfers to 1536 bytes
- rtw88 chips don't split incoming (RX) packets, so if a big packet is received this is forwarded to the host in its original form
- rtw88 chips can do RX aggregation, meaning multiple incoming packets can be pulled by the host from the card with one MMC/SDIO transfer. This depends on settings in the REG_RXDMA_AGG_PG_TH register (BIT_RXDMA_AGG_PG_TH limits the number of packets that will be aggregated, BIT_DMA_AGG_TO_V1 configures a timeout for aggregation and BIT_EN_PRE_CALC makes the chip honor the limits more effectively)

Use multiple consecutive reads in rtw_sdio_read_port() and limit the number of bytes which are copied by the host from the card in one MMC/SDIO transfer. This allows receiving a buffer that's larger than the host's max_req_size (number of bytes which can be transferred in one MMC/SDIO transfer). As a result of this the skb_over_panic error is gone as the rtw88 driver is now able to receive more than 1536 bytes from the card (either because the incoming packet is larger than that or because multiple packets have been aggregated).

In case of receive errors (-EILSEQ has been observed by Lukas) we need to drain the remaining data from the card's buffer, otherwise the card will return corrupt data for the next rtw_sdio_read_port() call.

CVE ID : CVE-2023-52611
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/00384f565a91c08c4bedae167f749b093d10e3fe | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/0e9ffff72a0674cd6656314dbd99cdd2123a3030 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5b5ddf21b978ec315cab9d9e7e6ac7374791a8c7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52612

First published on : 18-03-2024 11:15:08
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem.

CVE ID : CVE-2023-52612
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52613

First published on : 18-03-2024 11:15:08
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment

PTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison. Otherwise, tz->type is NULL when thermal-zones is undefined, resulting in the following error:

[ 12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8
[ 12.302877] Oops[#1]:
[ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385
[ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10
[ 12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001
[ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c
[ 12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901
[ 12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790
[ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40
[ 12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000
[ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8
[ 12.362938] ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300
[ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160
[ 12.391626] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)
[ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE)
[ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE)
[ 12.409859] ECFG: 00071c1c (LIE=2-4,10-12 VS=7)
[ 12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)
[ 12.415907] BADV: fffffffffffffff1
[ 12.415911] PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)
[ 12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc
[ 12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)
[ 12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358
[ 12.415982] ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410
[ 12.415999] ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0
[ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed
[ 12.416032] 0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000
[ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410
[ 12.416065] 0000000000000000 9000000002df6808 90000001002a3410 0000000000000000
[ 12.416081] ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8
[ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002
[ 12.416114] ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30
[ 12.416131] ...
[ 12.416138] Call Trace:
[ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160
[ 12.416167] [<90000000031579b8>] thermal_add_hwmon_sysfs+0x258/0x300
[ 12.416183] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0
[ 12.416200] [<ffffff80020cc1e8>] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]
[ 12.416232] [<9000000002df6808>] platform_probe+0x68/0x140
[ 12.416249] [<9000000002df2ba8>] really_probe+0xc8/0x3c0
[ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180
[ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160
[ 12.416302] [<9000000002df33a8>] __driver_attach+0xa8/0x200
[ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120
[ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0
[ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160
[ 12.416358] [<90000000022201a4>] do_one_initcall+0x84/0x220
[ 12.416372] [<90000000022f3ab8>] do_init_module+0x58/0x2c0
[ ---truncated---

CVE ID : CVE-2023-52613
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52614

First published on : 18-03-2024 11:15:08
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exceeding PAGE_SIZE and exit early from loop. Also add at the end a warning that we exceeded PAGE_SIZE and that stats is disabled. Return -EFBIG in the case where we don't have enough space to write the full transition table. Also document in the ABI that this function can return -EFBIG error.

CVE ID : CVE-2023-52614
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52615

First published on : 18-03-2024 11:15:08
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This triggers when the user reads from /dev/hwrng into memory also mmap-ed from /dev/hwrng. The resulting page fault triggers a recursive read which then dead-locks. Fix this by using a stack buffer when calling copy_to_user.

CVE ID : CVE-2023-52615
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/26cc6d7006f922df6cc4389248032d955750b2a0 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5030d4c798863ccb266563201b341a099e8cdd48 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6822a14271786150e178869f1495cc03e74c5029 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/78aafb3884f6bc6636efcc1760c891c8500b9922 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/aa8aa16ed9adf1df05bb339d588cf485a011839e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c6a8111aacbfe7a8a70f46cc0de8eed00561693c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/eafd83b92f6c044007a3591cbd476bcf90455990 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ecabe8cd456d3bf81e92c53b074732f3140f170d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52616

First published on : 18-03-2024 11:15:08
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init When the mpi_ec_ctx structure is initialized, some fields are not cleared, causing a crash when referencing the field when the structure was released. Initially, this issue was ignored because memory for mpi_ec_ctx is allocated with the __GFP_ZERO flag. For example, this error will be triggered when calculating the Za value for SM2 separately.

CVE ID : CVE-2023-52616
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0c3687822259a7628c85cd21a3445cbe3c367165 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2bb86817b33c9d704e127f92b838035a72c315b6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7abdfd45a650c714d5ebab564bb1b988f14d9b49 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7ebf812b7019fd2d4d5a7ca45ef4bf3a6f4bda0a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ba3c5574203034781ac4231acf117da917efcd2a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/bb44477d4506e52785693a39f03cdc6a2c5e8598 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52617

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fix stdev_release() crash after surprise hot remove A PCI device hot removal may occur while stdev->cdev is held open. The call to stdev_release() then happens during close or exit, at a point way past switchtec_pci_remove(). Otherwise the last ref would vanish with the trailing put_device(), just before return. At that later point in time, the devm cleanup has already removed the stdev->mmio_mrpc mapping. Also, the stdev->pdev reference was not a counted one. Therefore, in DMA mode, the iowrite32() in stdev_release() will cause a fatal page fault, and the subsequent dma_free_coherent(), if reached, would pass a stale &stdev->pdev->dev pointer. Fix by moving MRPC DMA shutdown into switchtec_pci_remove(), after stdev_kill(). Counting the stdev->pdev ref is now optional, but may prevent future accidents. Reproducible via the script at https://lore.kernel.org/r/20231113212150.96410-1-dns@arista.com

CVE ID : CVE-2023-52617
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0233b836312e39a3c763fb53512b3fa455b473b3 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/1d83c85922647758c1f1e4806a4c5c3cf591a20a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4a5d0528cf19dbf060313dffbe047bc11c90c24c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d8c293549946ee5078ed0ab77793cec365559355 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/df25461119d987b8c81d232cfe4411e91dcabe66 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e129c7fa7070fbce57feb0bfc5eaa65eef44b693 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ff1c7e2fb9e9c3f53715fbe04d3ac47b80be7eb8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52618

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

block/rnbd-srv: Check for unlikely string overflow

Since "dev_search_path" can technically be as large as PATH_MAX, there was a risk of truncation when copying it and a second string into "full_path" since it was also PATH_MAX sized. The W=1 builds were reporting this warning:

drivers/block/rnbd/rnbd-srv.c: In function 'process_msg_open.isra':
drivers/block/rnbd/rnbd-srv.c:616:51: warning: '%s' directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]
  616 | snprintf(full_path, PATH_MAX, "%s/%s",
      | ^~
In function 'rnbd_srv_get_full_path',
  inlined from 'process_msg_open.isra' at drivers/block/rnbd/rnbd-srv.c:721:14:
drivers/block/rnbd/rnbd-srv.c:616:17: note: 'snprintf' output between 2 and 4351 bytes into a destination of size 4096
  616 | snprintf(full_path, PATH_MAX, "%s/%s",
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  617 | dev_search_path, dev_name);
      | ~~~~~~~~~~~~~~~~~~~~~~~~~~

To fix this, unconditionally check for truncation (as was already done for the case where "%SESSNAME%" was present).

CVE ID : CVE-2023-52618
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/5b9ea86e662035a886ccb5c76d56793cba618827 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/95bc866c11974d3e4a9d922275ea8127ff809cf7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9e4bf6a08d1e127bcc4bd72557f2dfafc6bc7f41 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a2c6206f18104fba7f887bf4dbbfe4c41adc4339 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/af7bbdac89739e2e7380387fda598848d3b7010f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f6abd5e17da33eba15df2bddc93413e76c2b55f7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2023-52619

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

pstore/ram: Fix crash when setting number of cpus to an odd number

When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will become:

addr of zone0 = BASE
addr of zone1 = BASE + zone_size
addr of zone2 = BASE + zone_size*2
...

The addresses of zone1/3/5/7 will be mapped to non-aligned VAs. Eventually crashes will occur when accessing these VAs. So, use ALIGN_DOWN() to make sure the zone size is even to avoid this bug.

CVE ID : CVE-2023-52619
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/0593cfd321df9001142a9d2c58d4144917dff7ee | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/2a37905d47bffec61e95d99f0c1cc5dc6377956c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/75b0f71b26b3ad833c5c0670109c0af6e021e86a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/8b69c30f4e8b69131d92096cb296dc1f217101e4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a63e48cd835c34c38ef671d344cc029b1ea5bf10 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cd40e43f870cf21726b22487a95ed223790b3542 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d49270a04623ce3c0afddbf3e984cb245aa48e9c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e9f6ac50890104fdf8194f2865680689239d30fb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26631

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work

idev->mc_ifc_count can be written over without proper locking. Originally found by syzbot [1], fix this issue by encapsulating calls to mld_ifc_stop_work() (and mld_gq_stop_work() for good measure) with mutex_lock() and mutex_unlock() accordingly as these functions should only be called with mc_lock per their declarations.

[1]
BUG: KCSAN: data-race in ipv6_mc_down / mld_ifc_work

write to 0xffff88813a80c832 of 1 bytes by task 3771 on cpu 0:
mld_ifc_stop_work net/ipv6/mcast.c:1080 [inline]
ipv6_mc_down+0x10a/0x280 net/ipv6/mcast.c:2725
addrconf_ifdown+0xe32/0xf10 net/ipv6/addrconf.c:3949
addrconf_notify+0x310/0x980
notifier_call_chain kernel/notifier.c:93 [inline]
raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461
__dev_notify_flags+0x205/0x3d0
dev_change_flags+0xab/0xd0 net/core/dev.c:8685
do_setlink+0x9f6/0x2430 net/core/rtnetlink.c:2916
rtnl_group_changelink net/core/rtnetlink.c:3458 [inline]
__rtnl_newlink net/core/rtnetlink.c:3717 [inline]
rtnl_newlink+0xbb3/0x1670 net/core/rtnetlink.c:3754
rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6558
netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545
rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:6576
netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]
netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368
netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c:1910
...

write to 0xffff88813a80c832 of 1 bytes by task 22 on cpu 1:
mld_ifc_work+0x54c/0x7b0 net/ipv6/mcast.c:2653
process_one_work kernel/workqueue.c:2627 [inline]
process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2700
worker_thread+0x525/0x730 kernel/workqueue.c:2781
...

CVE ID : CVE-2024-26631
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/2e7ef287f07c74985f1bf2858bedc62bd9ebf155 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/380540bb06bb1d1b12bdc947d1b8f56cda6b5663 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/3bb5849675ae1d592929798a2b37ea450879c855 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/3cc283fd16fba72e2cefe3a6f48d7a36b0438900 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/62b3387beef11738eb6ce667601a28fa089fa02c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26632

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we've reached the end of the bio from bio_next_folio() to bio_first_folio(). [axboe: add unlikely() to error case]

CVE ID : CVE-2024-26632
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26633

First published on : 18-03-2024 11:15:09
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()

syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->head. Currently we might access garbage.

[1]
BUG: KMSAN: uninit-value in ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0
ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0
ipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]
ip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432
__netdev_start_xmit include/linux/netdevice.h:4940 [inline]
netdev_start_xmit include/linux/netdevice.h:4954 [inline]
xmit_one net/core/dev.c:3548 [inline]
dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564
__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349
dev_queue_xmit include/linux/netdevice.h:3134 [inline]
neigh_connected_output+0x569/0x660 net/core/neighbour.c:1592
neigh_output include/net/neighbour.h:542 [inline]
ip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137
ip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222
NF_HOOK_COND include/linux/netfilter.h:303 [inline]
ip6_output+0x323/0x610 net/ipv6/ip6_output.c:243
dst_output include/net/dst.h:451 [inline]
ip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155
ip6_send_skb net/ipv6/ip6_output.c:1952 [inline]
ip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972
rawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582
rawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920
inet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg net/socket.c:745 [inline]
____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584
___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638
__sys_sendmsg net/socket.c:2667 [inline]
__do_sys_sendmsg net/socket.c:2676 [inline]
__se_sys_sendmsg net/socket.c:2674 [inline]
__x64_sys_sendmsg+0x307/0x490 net/socket.c:2674
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was created at:
slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768
slab_alloc_node mm/slub.c:3478 [inline]
__kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517
__do_kmalloc_node mm/slab_common.c:1006 [inline]
__kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:1027
kmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582
pskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098
__pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655
pskb_may_pull_reason include/linux/skbuff.h:2673 [inline]
pskb_may_pull include/linux/skbuff.h:2681 [inline]
ip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408
ipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]
ip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432
__netdev_start_xmit include/linux/netdevice.h:4940 [inline]
netdev_start_xmit include/linux/netdevice.h:4954 [inline]
xmit_one net/core/dev.c:3548 [inline]
dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564
__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349
dev_queue_xmit include/linux/netdevice.h:3134 [inline]
neigh_connected_output+0x569/0x660 net/core/neighbour.c:1592
neigh_output include/net/neighbour.h:542 [inline]
ip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137
ip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222
NF_HOOK_COND include/linux/netfilter.h:303 [inline]
ip6_output+0x323/0x610 net/ipv6/ip6_output.c:243
dst_output include/net/dst.h:451 [inline]
ip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155
ip6_send_skb net/ipv6/ip6_output.c:1952 [inline]
ip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972
rawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582
rawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920
inet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg net/socket.c:745 [inline]
____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584
___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638
__sys_sendmsg net/socket.c:2667 [inline]
__do_sys_sendms
---truncated---

CVE ID : CVE-2024-26633
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/135414f300c5db995e2a2f3bf0f455de9d014aee | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/3f15ba3dc14e6ee002ea01b4faddc3d49200377c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/4329426cf6b8e22b798db2331c7ef1dd2a9c748d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/62a1fedeb14c7ac0947ef33fadbabd35ed2400a2 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/687c5d52fe53e602e76826dbd4d7af412747e183 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/ba8d904c274268b18ef3dc11d3ca7b24a96cb087 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d375b98e0248980681e5e56b712026174d617198 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/da23bd709b46168f7dfc36055801011222b076cd | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26634

First published on : 18-03-2024 11:15:10
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunded" to init_net when that namespace disappears. The main interface name may get overwritten in the process if it would have conflicted. We need to also discard all conflicting altnames. Recent fixes addressed ensuring that altnames get moved with the main interface, which surfaced this problem.

CVE ID : CVE-2024-26634
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/8072699aa9e67d1727692cfb3c347263bb627fb9 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a2232f29bf52c24f827865b3c90829c44b6c695b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d09486a04f5da0a812c26217213b89a3b1acf836 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e855dded4b70d1975ee7b9fed0c700391e3c8ea6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26635

First published on : 18-03-2024 11:15:10
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved:

llc: Drop support for ETH_P_TR_802_2.

syzbot reported an uninit-value bug below. [0]

llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the bug.

write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x11}, @val, @mpls={[], @llc={@snap={0xaa, 0x1, ')', "90e5dd"}}}}, 0x16)

llc_conn_handler() initialises local variables {saddr,daddr}.mac based on skb in llc_pdu_decode_sa()/llc_pdu_decode_da() and passes them to __llc_lookup().

However, the initialisation is done only when skb->protocol is htons(ETH_P_802_2), otherwise, __llc_lookup_established() and __llc_lookup_listener() will read garbage.

The missing initialisation existed prior to commit 211ed865108e ("net: delete all instances of special processing for token ring"). It removed the part to kick out the token ring stuff but forgot to close the door allowing ETH_P_TR_802_2 packets to sneak into llc_rcv().

Let's remove llc_tr_packet_type and complete the deprecation.

[0]:
BUG: KMSAN: uninit-value in __llc_lookup_established+0xe9d/0xf90
__llc_lookup_established+0xe9d/0xf90
__llc_lookup net/llc/llc_conn.c:611 [inline]
llc_conn_handler+0x4bd/0x1360 net/llc/llc_conn.c:791
llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206
__netif_receive_skb_one_core net/core/dev.c:5527 [inline]
__netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5641
netif_receive_skb_internal net/core/dev.c:5727 [inline]
netif_receive_skb+0x58/0x660 net/core/dev.c:5786
tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555
tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002
tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048
call_write_iter include/linux/fs.h:2020 [inline]
new_sync_write fs/read_write.c:491 [inline]
vfs_write+0x8ef/0x1490 fs/read_write.c:584
ksys_write+0x20f/0x4c0 fs/read_write.c:637
__do_sys_write fs/read_write.c:649 [inline]
__se_sys_write fs/read_write.c:646 [inline]
__x64_sys_write+0x93/0xd0 fs/read_write.c:646
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82
entry_SYSCALL_64_after_hwframe+0x63/0x6b

Local variable daddr created at:
llc_conn_handler+0x53/0x1360 net/llc/llc_conn.c:783
llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206

CPU: 1 PID: 5004 Comm: syz-executor994 Not tainted 6.6.0-syzkaller-14500-g1c41041124bd #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023

CVE ID : CVE-2024-26635
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/165ad1e22779685c3ed3dd349c6c4c632309cc62 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/660c3053d992b68fee893a0e9ec9159228cffdc6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/9ccdef19cf9497c2803b005369668feb91cacdfd | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b8e8838f82f332ae80c643dbb1ca4418d0628097 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c0fe2fe7a5a291dfcf6dc64301732c8d3dc6a828 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/df57fc2f2abf548aa889a36ab0bdcc94a75399dc | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/e3f9bed9bee261e3347131764e42aeedf1ffea61 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f1f34a515fb1e25e85dee94f781e7869ae351fb8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26636

First published on : 18-03-2024 11:15:10
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Like some others, llc_ui_sendmsg() releases the socket lock before calling sock_alloc_send_skb(). Then it acquires it again, but does not redo all the sanity checks that were performed. This fix: - Uses LL_RESERVED_SPACE() to reserve space. - Check all conditions again after socket lock is held again. - Do not account Ethernet header for mtu limitation.
[1] skbuff: skb_under_panic: text:ffff800088baa334 len:1514 put:14 head:ffff0000c9c37000 data:ffff0000c9c36ff2 tail:0x5dc end:0x6c0 dev:bond0 kernel BUG at net/core/skbuff.c:193 ! Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP Modules linked in: CPU: 0 PID: 6875 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00101-g0802e17d9aca-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : skb_panic net/core/skbuff.c:189 [inline] pc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203 lr : skb_panic net/core/skbuff.c:189 [inline] lr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203 sp : ffff800096f97000 x29: ffff800096f97010 x28: ffff80008cc8d668 x27: dfff800000000000 x26: ffff0000cb970c90 x25: 00000000000005dc x24: ffff0000c9c36ff2 x23: ffff0000c9c37000 x22: 00000000000005ea x21: 00000000000006c0 x20: 000000000000000e x19: ffff800088baa334 x18: 1fffe000368261ce x17: ffff80008e4ed000 x16: ffff80008a8310f8 x15: 0000000000000001 x14: 1ffff00012df2d58 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000001 x10: 0000000000ff0100 x9 : e28a51f1087e8400 x8 : e28a51f1087e8400 x7 : ffff80008028f8d0 x6 : 0000000000000000 x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff800082b78714 x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000089 Call trace: skb_panic net/core/skbuff.c:189 [inline] skb_under_panic+0x13c/0x140 net/core/skbuff.c:203 skb_push+0xf0/0x108 net/core/skbuff.c:2451 eth_header+0x44/0x1f8 net/ethernet/eth.c:83 dev_hard_header include/linux/netdevice.h:3188 [inline] llc_mac_hdr_init+0x110/0x17c net/llc/llc_output.c:33 llc_sap_action_send_xid_c+0x170/0x344 net/llc/llc_s_ac.c:85 llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline] llc_sap_next_state net/llc/llc_sap.c:182 [inline] llc_sap_state_process+0x1ec/0x774 net/llc/llc_sap.c:209 llc_build_and_send_xid_pkt+0x12c/0x1c0 net/llc/llc_sap.c:270 llc_ui_sendmsg+0x7bc/0xb1c net/llc/af_llc.c:997 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg net/socket.c:745 [inline] sock_sendmsg+0x194/0x274 net/socket.c:767 splice_to_socket+0x7cc/0xd58 fs/splice.c:881 do_splice_from fs/splice.c:933 [inline] direct_splice_actor+0xe4/0x1c0 fs/splice.c:1142 splice_direct_to_actor+0x2a0/0x7e4 fs/splice.c:1088 do_splice_direct+0x20c/0x348 fs/splice.c:1194 do_sendfile+0x4bc/0xc70 fs/read_write.c:1254 __do_sys_sendfile64 fs/read_write.c:1322 [inline] __se_sys_sendfile64 fs/read_write.c:1308 [inline] __arm64_sys_sendfile64+0x160/0x3b4 fs/read_write.c:1308 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155 el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595 Code: aa1803e6 aa1903e7 a90023f5 94792f6a (d4210000)

CVE ID : CVE-2024-26636
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/04f2a74b562f3a7498be0399309669f342793d8c | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6d53b813ff8b177f86f149c2f744442681f720e4 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/84e9d10419f6f4f3f3cd8f9aaf44a48719aa4b1b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b643d0defcbacd7fe548bc65c3e4e6f17dc5eb2d | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c22044270da68881074fda81a7d34812726cb249 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c451c008f563d56d5e676c9dcafae565fcad84bb | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cafd3ad3fe03ef4d6632747be9ee15dc0029db4b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dad555c816a50c6a6a8a86be1f9177673918c647 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
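
The lock-drop pattern in CVE-2024-26636 above (sanity checks done under the socket lock, lock released to allocate, lock retaken without re-checking) can be modelled outside the kernel. The following is an added example, not kernel code and not the patch itself: a userspace model with a minimal sk_buff whose skb_push() reports the underflow the trace shows, a device whose link-layer header grows while the sender sleeps (standing in for a bonding enslave), and the send path in its pre-fix and post-fix shapes. The net_device and sk_buff structs, the 3-byte LLC header length, the 100-byte payload and the constructed race are assumptions; only the LL_RESERVED_SPACE() arithmetic follows include/linux/netdevice.h.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model of the state llc_ui_sendmsg() juggles. Assumption: these are
 * not the real net_device / sk_buff, only the fields needed to show the race. */
struct net_device { int hard_header_len; int needed_headroom; int mtu; };
struct sk_buff { uint8_t *head, *data, *tail, *end; };

#define ETH_HLEN    14
#define HH_DATA_MOD 16
#define LLC_UI_HLEN 3   /* assumption: 3-byte LLC UI header (DSAP, SSAP, CTRL) */

enum { SEND_OK = 0, SEND_EINVAL = -1, SEND_ENOMEM = -2, SEND_RETRY = -3, SEND_UNDERFLOW = -4 };
enum { RACE_NONE = 0, RACE_ENSLAVE = 1, RACE_ENSLAVE_EXTRA_HEADROOM = 2 };

/* Same arithmetic as LL_RESERVED_SPACE() in include/linux/netdevice.h: round the
 * link-layer need down to a multiple of 16 and add 16, so it is never below 16. */
static int ll_reserved_space(const struct net_device *dev)
{
    return ((dev->hard_header_len + dev->needed_headroom) & ~(HH_DATA_MOD - 1)) + HH_DATA_MOD;
}

static struct sk_buff *alloc_skb(size_t size)
{
    struct sk_buff *skb = calloc(1, sizeof *skb);
    if (!skb) return NULL;
    skb->head = calloc(1, size ? size : 1);
    if (!skb->head) { free(skb); return NULL; }
    skb->data = skb->tail = skb->head;
    skb->end = skb->head + size;
    return skb;
}
static void free_skb(struct sk_buff *skb) { if (skb) { free(skb->head); free(skb); } }
static void skb_reserve(struct sk_buff *skb, int len) { skb->data += len; skb->tail += len; }

/* skb_push() returns NULL exactly where the kernel would hit skb_under_panic(). */
static uint8_t *skb_push(struct sk_buff *skb, int len)
{
    if (skb->data - skb->head < len) return NULL;
    skb->data -= len;
    return skb->data;
}

/* Runs while the socket lock is dropped, standing in for a concurrent enslave on a
 * bonding device. Constructed scenario: the bond reports a 0-byte link-layer header
 * until its first slave attaches, then an Ethernet header (and, in the second
 * variant, extra headroom such as a tunnel slave would request). */
static void race_while_unlocked(struct net_device *dev, int kind)
{
    if (kind == RACE_ENSLAVE || kind == RACE_ENSLAVE_EXTRA_HEADROOM) dev->hard_header_len = ETH_HLEN;
    if (kind == RACE_ENSLAVE_EXTRA_HEADROOM) dev->needed_headroom = 16;
}

/* Pre-fix shape: headroom = hard_header_len, nothing re-validated after relocking. */
int llc_sendmsg_unchecked(struct net_device *dev, size_t len, int race)
{
    /* lock_sock(sk): sanity checks against the device as it is *now* */
    int hdrlen = dev->hard_header_len + LLC_UI_HLEN;
    size_t size = hdrlen + len;
    if (size > (size_t)dev->mtu) size = dev->mtu;
    if (size < (size_t)hdrlen) return SEND_EINVAL;
    /* release_sock(sk): sock_alloc_send_skb() may sleep, and the device may change */
    race_while_unlocked(dev, race);
    struct sk_buff *skb = alloc_skb(size);
    if (!skb) return SEND_ENOMEM;
    /* lock_sock(sk) again, but hdrlen is stale */
    skb_reserve(skb, hdrlen);
    /* dev_hard_header() -> eth_header() pushes the *current* hard_header_len */
    int rc = skb_push(skb, dev->hard_header_len) ? SEND_OK : SEND_UNDERFLOW;
    free_skb(skb);
    return rc;
}

/* Post-fix shape: reserve LL_RESERVED_SPACE(), limit only the payload by the MTU,
 * and redo the checks once the lock is held again. */
int llc_sendmsg_checked(struct net_device *dev, size_t len, int race)
{
    int hdrlen = ll_reserved_space(dev) + LLC_UI_HLEN;
    size_t copied = len > (size_t)dev->mtu ? (size_t)dev->mtu : len;
    size_t size = hdrlen + copied;
    race_while_unlocked(dev, race);
    struct sk_buff *skb = alloc_skb(size);
    if (!skb) return SEND_ENOMEM;
    /* back under the lock: reject if the headroom assumption no longer holds */
    if (hdrlen != ll_reserved_space(dev) + LLC_UI_HLEN || copied > (size_t)dev->mtu) {
        free_skb(skb);
        return SEND_RETRY;
    }
    skb_reserve(skb, hdrlen);
    int rc = skb_push(skb, dev->hard_header_len) ? SEND_OK : SEND_UNDERFLOW;
    free_skb(skb);
    return rc;
}

/* One scenario on a freshly constructed bond0 (no slave yet, MTU 1500), sending 100 bytes. */
int run_scenario(int use_fixed, int race)
{
    struct net_device bond = { 0, 0, 1500 };
    return use_fixed ? llc_sendmsg_checked(&bond, 100, race) : llc_sendmsg_unchecked(&bond, 100, race);
}

int main(void)
{
    printf("unchecked, enslave during alloc : %d (underflow = %d)\n", run_scenario(0, RACE_ENSLAVE), SEND_UNDERFLOW);
    printf("checked,   enslave during alloc : %d (ok = %d)\n", run_scenario(1, RACE_ENSLAVE), SEND_OK);
    printf("checked,   enslave + headroom   : %d (retry = %d)\n", run_scenario(1, RACE_ENSLAVE_EXTRA_HEADROOM), SEND_RETRY);
    return 0;
}
```

Both halves of the fix show up in the results: reserving LL_RESERVED_SPACE() on its own absorbs a 0-to-14-byte header change, because the macro never yields less than 16 bytes, while the re-check after relocking is what catches a change the reservation does not cover.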


Vulnerability ID : CVE-2024-26637

First published on : 18-03-2024 11:15:10
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: rely on mac80211 debugfs handling for vif mac80211 started to delete debugfs entries in certain cases, causing ath11k to crash when it tried to delete the entries later. Fix this by relying on mac80211 to delete the entries when appropriate and adding them from the vif_add_debugfs handler.

CVE ID : CVE-2024-26637
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26638

First published on : 18-03-2024 11:15:10
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg->msg_get_inq value can be uninitialized [1] struct msghdr got many new fields recently, we should always make sure their values are zero by default. [1] BUG: KMSAN: uninit-value in tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571 tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571 inet_recvmsg+0x131/0x580 net/ipv4/af_inet.c:879 sock_recvmsg_nosec net/socket.c:1044 [inline] sock_recvmsg+0x12b/0x1e0 net/socket.c:1066 __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538 nbd_read_reply drivers/block/nbd.c:732 [inline] recv_work+0x262/0x3100 drivers/block/nbd.c:863 process_one_work kernel/workqueue.c:2627 [inline] process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700 worker_thread+0xf45/0x1490 kernel/workqueue.c:2781 kthread+0x3ed/0x540 kernel/kthread.c:388 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242 Local variable msg created at: __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513 nbd_read_reply drivers/block/nbd.c:732 [inline] recv_work+0x262/0x3100 drivers/block/nbd.c:863 CPU: 1 PID: 7465 Comm: kworker/u5:1 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 Workqueue: nbd5-recv recv_work

CVE ID : CVE-2024-26638
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1960f2b534da1e6c65fb96f9e98bda773495f406 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/78fbb92af27d0982634116c7a31065f24d092826 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b0028f333420a65a53a63978522db680b37379dd | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d9c54763e5cdbbd3f81868597fe8aca3c96e6387 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26639

First published on : 18-03-2024 11:15:10
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: mm, kmsan: fix infinite recursion due to RCU critical section Alexander Potapenko writes in [1]: "For every memory access in the code instrumented by KMSAN we call kmsan_get_metadata() to obtain the metadata for the memory being accessed. For virtual memory the metadata pointers are stored in the corresponding `struct page`, therefore we need to call virt_to_page() to get them. According to the comment in arch/x86/include/asm/page.h, virt_to_page(kaddr) returns a valid pointer iff virt_addr_valid(kaddr) is true, so KMSAN needs to call virt_addr_valid() as well. To avoid recursion, kmsan_get_metadata() must not call instrumented code, therefore ./arch/x86/include/asm/kmsan.h forks parts of arch/x86/mm/physaddr.c to check whether a virtual address is valid or not. But the introduction of rcu_read_lock() to pfn_valid() added instrumented RCU API calls to virt_to_page_or_null(), which is called by kmsan_get_metadata(), so there is an infinite recursion now. I do not think it is correct to stop that recursion by doing kmsan_enter_runtime()/kmsan_exit_runtime() in kmsan_get_metadata(): that would prevent instrumented functions called from within the runtime from tracking the shadow values, which might introduce false positives." Fix the issue by switching pfn_valid() to the _sched() variant of rcu_read_lock/unlock(), which does not require calling into RCU. Given the critical section in pfn_valid() is very small, this is a reasonable trade-off (with preemptible RCU). KMSAN further needs to be careful to suppress calls into the scheduler, which would be another source of recursion. This can be done by wrapping the call to pfn_valid() into preempt_disable/enable_no_resched(). The downside is that this sacrifices breaking scheduling guarantees; however, a kernel compiled with KMSAN has already given up any performance guarantees due to being heavily instrumented. 
Note, KMSAN code already disables tracing via Makefile, and since mmzone.h is included, it is not necessary to use the notrace variant, which is generally preferred in all other cases.

CVE ID : CVE-2024-26639
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/5a33420599fa0288792537e6872fd19cc8607ea6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/6335c0cdb2ea0ea02c999e04d34fd84f69fb27ff | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/dc904345e3771aa01d0b8358b550802fdc6fe00b | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26640

First published on : 18-03-2024 11:15:11
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page must not be a compound one. - page->mapping must be NULL. This fixes the panic reported by ZhangPeng. syzbot was able to loopback packets built with sendfile(), mapping pages owned by an ext4 file to TCP rx zerocopy. r3 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10) connect$inet(r4, &(0x7f00000006c0)={0x2, 0x4e24, @empty}, 0x10) r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x181e42, 0x0) fallocate(r5, 0x0, 0x0, 0x85b8) sendfile(r4, r5, 0x0, 0x8ba0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000440)=0x40) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x181e42, 0x0)

CVE ID : CVE-2024-26640
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/1b8adcc0e2c584fec778add7777fe28e20781e60 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/577e4432f3ac810049cb7e6b71f4d96ec7c6e894 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/718f446e60316bf606946f7f42367d691d21541e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b383d4ea272fe5795877506dcce5aad1f6330e5e | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d15cc0f66884ef2bed28c7ccbb11c102aa3a0760 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f48bf9a83b1666d934247cb58a9887d7b3127b6f | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67


Vulnerability ID : CVE-2024-26641

First published on : 18-03-2024 11:15:11
Last modified on : 18-03-2024 12:38:25

Description :
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access uninitialized data [1]. Call pskb_inet_may_pull() to fix this, and initialize ipv6h variable after this call as it can change skb->head.
[1] BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321 ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727 __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845 ip6_tnl_rcv+0xce/0x100 net/ipv6/ip6_tunnel.c:888 gre_rcv+0x143f/0x1870 ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438 ip6_input_finish net/ipv6/ip6_input.c:483 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492 ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586 dst_input include/net/dst.h:461 [inline] ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:314 [inline] ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310 __netif_receive_skb_one_core net/core/dev.c:5532 [inline] __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5646 netif_receive_skb_internal net/core/dev.c:5732 [inline] netif_receive_skb+0x58/0x660 net/core/dev.c:5791 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555 tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048 call_write_iter include/linux/fs.h:2084 [inline] new_sync_write fs/read_write.c:497 [inline] vfs_write+0x786/0x1200 fs/read_write.c:590 ksys_write+0x20f/0x4c0 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0x93/0xd0 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit was created at: slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768 slab_alloc_node mm/slub.c:3478 [inline] kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560 __alloc_skb+0x318/0x740 net/core/skbuff.c:651 alloc_skb include/linux/skbuff.h:1286 [inline] alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334 sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787 tun_alloc_skb drivers/net/tun.c:1531 [inline] tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048 call_write_iter include/linux/fs.h:2084 [inline] new_sync_write fs/read_write.c:497 [inline] vfs_write+0x786/0x1200 fs/read_write.c:590 ksys_write+0x20f/0x4c0 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0x93/0xd0 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b CPU: 0 PID: 5034 Comm: syz-executor331 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023

CVE ID : CVE-2024-26641
Source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Score : /

References :
https://git.kernel.org/stable/c/350a6640fac4b53564ec20aa3f4a0922cb0ba5e6 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/8d975c15c0cd744000ca386247432d57b21f9df0 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/a9bc32879a08f23cdb80a48c738017e39aea1080 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/af6b5c50d47ab43e5272ad61935d0ed2e264d3f0 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c835df3bcc14858ae9b27315dd7de76370b94f3a | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/d54e4da98bbfa8c257bdca94c49652d81d18a4d8 | source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67
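
The fix for CVE-2024-26641 above is a bounds check: the inner header must be present in the linear area before its Traffic Class byte is read for ECN decapsulation. What follows is an added example, not kernel code: a userspace model of the ip6ip6 receive step over a flat buffer, with the RFC 6040 decapsulation table as INET_ECN_decapsulate() applies it and a length check standing in for pskb_inet_may_pull(). The packet builder, the return-code enum and the 80-byte sample packets are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Userspace model of the ip6ip6 receive step. Assumption: a flat buffer with an
 * explicit length stands in for the sk_buff; this is not the kernel's code. */
#define IPV6_HLEN    40
#define IPPROTO_IPV6 41
#define IPPROTO_NONE 59

enum { ECN_NOT_ECT = 0, ECN_ECT_1 = 1, ECN_ECT_0 = 2, ECN_CE = 3 };
/* How __ip6_tnl_rcv() treats the decapsulation result: 0 deliver, 1 deliver but
 * log, 2 count an rx error and drop. -1 is the early exit for a short packet. */
enum { DECAP_TRUNCATED = -1, DECAP_OK = 0, DECAP_LOG = 1, DECAP_DROP = 2 };

/* ECN is the low two bits of the 8-bit Traffic Class, which straddles bytes 0-1. */
static int  ip6_ecn(const uint8_t *h)        { return (h[1] >> 4) & 3; }
static void ip6_set_ecn(uint8_t *h, int ecn) { h[1] = (uint8_t)((h[1] & 0xCF) | (ecn << 4)); }

/* RFC 6040 table as __INET_ECN_decapsulate()/INET_ECN_decapsulate() apply it. */
static int ecn_decapsulate(int outer, uint8_t *inner_hdr)
{
    int inner = ip6_ecn(inner_hdr);
    if (inner == ECN_NOT_ECT) {
        if (outer == ECN_NOT_ECT) return DECAP_OK;
        if (outer == ECN_CE)      return DECAP_DROP;  /* CE over a non-ECT inner: drop */
        return DECAP_LOG;                              /* ECT over a non-ECT inner: log */
    }
    if (outer == ECN_CE) ip6_set_ecn(inner_hdr, ECN_CE);
    else if (outer == ECN_ECT_1 && inner == ECN_ECT_0) ip6_set_ecn(inner_hdr, ECN_ECT_1);
    return DECAP_OK;
}

/* Receive step with the fix: confirm the whole inner header is inside the buffer
 * before reading its Traffic Class (the analogue of pskb_inet_may_pull()). In the
 * kernel that pull may reallocate skb->head, which is why the commit re-derives
 * ipv6h after the call; here the inner pointer is simply computed after the check. */
int ip6_tnl_rcv(uint8_t *pkt, size_t len)
{
    if (len < IPV6_HLEN) return DECAP_TRUNCATED;
    const uint8_t *outer = pkt;
    if ((outer[0] >> 4) != 6 || outer[6] != IPPROTO_IPV6) return DECAP_DROP; /* model handles ip6ip6 only */
    if (len < 2 * IPV6_HLEN) return DECAP_TRUNCATED;   /* inner header not fully present */
    uint8_t *inner = pkt + IPV6_HLEN;                  /* safe to dereference only now */
    return ecn_decapsulate(ip6_ecn(outer), inner);
}

/* Constructed packet: outer IPv6 (next header 41) around an inner IPv6 header
 * carrying no payload, 80 bytes in total. */
size_t build_ip6ip6(uint8_t *buf, size_t cap, int outer_ecn, int inner_ecn)
{
    if (cap < 2 * IPV6_HLEN) return 0;
    memset(buf, 0, 2 * IPV6_HLEN);
    buf[0] = 0x60;  ip6_set_ecn(buf, outer_ecn);
    buf[5] = IPV6_HLEN;                 /* payload length = the inner header */
    buf[6] = IPPROTO_IPV6;  buf[7] = 64;
    uint8_t *in = buf + IPV6_HLEN;
    in[0] = 0x60;  ip6_set_ecn(in, inner_ecn);
    in[6] = IPPROTO_NONE;   in[7] = 64;
    return 2 * IPV6_HLEN;
}

/* Result code for a packet of which only `len` bytes arrived (shorter = truncated). */
int decap_rc(int outer_ecn, int inner_ecn, size_t len)
{
    uint8_t pkt[2 * IPV6_HLEN];
    size_t n = build_ip6ip6(pkt, sizeof pkt, outer_ecn, inner_ecn);
    return ip6_tnl_rcv(pkt, len < n ? len : n);
}

/* ECN left on the inner header after a successful decapsulation, -1 otherwise. */
int decap_inner_ecn_after(int outer_ecn, int inner_ecn)
{
    uint8_t pkt[2 * IPV6_HLEN];
    size_t n = build_ip6ip6(pkt, sizeof pkt, outer_ecn, inner_ecn);
    if (ip6_tnl_rcv(pkt, n) != DECAP_OK) return -1;
    return ip6_ecn(pkt + IPV6_HLEN);
}

int main(void)
{
    printf("CE over ECT(0), full packet : rc=%d, inner ECN now %d\n",
           decap_rc(ECN_CE, ECN_ECT_0, 80), decap_inner_ecn_after(ECN_CE, ECN_ECT_0));
    printf("CE over not-ECT             : rc=%d (drop=%d)\n", decap_rc(ECN_CE, ECN_NOT_ECT, 80), DECAP_DROP);
    printf("50 of 80 bytes present      : rc=%d (truncated=%d)\n", decap_rc(ECN_CE, ECN_ECT_0, 50), DECAP_TRUNCATED);
    return 0;
}
```

The truncated case is the one the syzbot reproducer hit: the outer header is complete, so the tunnel dispatch succeeds, but the inner Traffic Class byte lies past the data that was actually written, and without the length check the decapsulation table is evaluated on whatever the allocator left there.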


Source : apple.com

Vulnerability ID : CVE-2024-23298

First published on : 15-03-2024 23:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A logic issue was addressed with improved state management.

CVE ID : CVE-2024-23298
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214092 | source : product-security@apple.com


Source : carrier.com

Vulnerability ID : CVE-2023-36483

First published on : 16-03-2024 05:15:18
Last modified on : 17-03-2024 22:38:29

Description :
An authorization bypass was discovered in the Carrier MASmobile Classic application through 1.16.18 for Android, MASmobile Classic app through 1.7.24 for iOS, and MAS ASP.Net Services through 1.9. It can be achieved via session ID prediction, allowing remote attackers to retrieve sensitive data including customer data, security system status, and event history. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The affected products cannot simply be updated; they must be removed, but can be replaced by other Carrier software as explained in the Carrier advisory.

CVE ID : CVE-2023-36483
Source : productsecurity@carrier.com
CVSS Score : /

References :
https://www.corporate.carrier.com/Images/CARR-PSA-MASMobile%20Classic%20Authorization%20Bypass-012-0623_tcm558-203964.pdf | source : productsecurity@carrier.com
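
CVE-2023-36483 above is an authorization bypass through session ID prediction. As an added example (not Carrier's code; the advisory does not describe the real id scheme, so a counter-derived generator is assumed as the weak case), here are two quick checks a tester runs over a harvested sample of ids: how many ids can be guessed from their predecessor, and how many bit positions never change across the sample. The strong generator reads /dev/urandom; every id below is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not Carrier's code. Assumption: a counter-derived id stands in
 * for the real (undisclosed) scheme. All ids here are constructed. */
#define WEAK_BASE 0x000051a3b7c20000ull
static uint64_t weak_state = WEAK_BASE;

/* Weak scheme: each new session id is the previous one plus a fixed step. */
uint64_t weak_session_id(void) { weak_state += 7; return weak_state; }

/* Strong scheme: 128 bits from the OS CSPRNG. Returns 0 on success, -1 if
 * /dev/urandom cannot be read on this platform. */
int strong_session_id(uint8_t out[16])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(out, 1, 16, f);
    fclose(f);
    return got == 16 ? 0 : -1;
}

/* Check 1: guess each id from its predecessor using the step seen between the
 * first two ids; n-2 hits means the sample is fully sequential. */
size_t sequential_hits(const uint64_t *ids, size_t n)
{
    if (n < 3) return 0;
    uint64_t step = ids[1] - ids[0];
    size_t hits = 0;
    for (size_t i = 2; i < n; i++)
        if (ids[i] - ids[i - 1] == step) hits++;
    return hits;
}

/* Check 2: bit positions that are identical in every id of the sample. A 64-bit
 * id with dozens of constant bits carries far less entropy than its width. */
int constant_bits(const uint64_t *ids, size_t n)
{
    if (n == 0) return 64;
    uint64_t all_and = ~0ull, all_or = 0;
    for (size_t i = 0; i < n; i++) { all_and &= ids[i]; all_or |= ids[i]; }
    uint64_t varying = all_or & ~all_and;   /* set in some id and clear in another */
    int count = 0;
    for (int b = 0; b < 64; b++)
        if (!((varying >> b) & 1)) count++;
    return count;
}

/* Harvest k ids (k <= 64) from the weak generator, restarting it so scores are reproducible. */
static size_t harvest_weak(uint64_t *ids, size_t k)
{
    if (k > 64) k = 64;
    weak_state = WEAK_BASE;
    for (size_t i = 0; i < k; i++) ids[i] = weak_session_id();
    return k;
}
size_t weak_sample_hits(size_t k)        { uint64_t ids[64]; k = harvest_weak(ids, k); return sequential_hits(ids, k); }
int    weak_sample_constant_bits(size_t k) { uint64_t ids[64]; k = harvest_weak(ids, k); return constant_bits(ids, k); }

/* Same scoring on the low 64 bits of k CSPRNG ids; -1 if the CSPRNG is unavailable. */
long strong_sample_hits(size_t k)
{
    uint64_t ids[64];
    if (k > 64) k = 64;
    for (size_t i = 0; i < k; i++) {
        uint8_t raw[16];
        if (strong_session_id(raw) != 0) return -1;
        memcpy(&ids[i], raw, sizeof ids[i]);
    }
    return (long)sequential_hits(ids, k);
}

int main(void)
{
    printf("weak:   %zu of 30 ids guessed, %d constant bits\n", weak_sample_hits(32), weak_sample_constant_bits(32));
    printf("strong: %ld ids guessed\n", strong_sample_hits(32));
    return 0;
}
```

Real-world weak ids are often clock-derived rather than a clean counter, so the first check is usually run with a tolerance window around the estimated step; the constant-bits check needs no such tuning and is the faster signal that an id space is far smaller than it looks.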


Source : autodesk.com

Vulnerability ID : CVE-2024-23138

First published on : 18-03-2024 00:15:07
Last modified on : 18-03-2024 01:13:31

Description :
A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE ID : CVE-2024-23138
Source : psirt@autodesk.com
CVSS Score : /

References :
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0006 | source : psirt@autodesk.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-23139

First published on : 18-03-2024 00:15:07
Last modified on : 18-03-2024 01:13:31

Description :
An Out-Of-Bounds Write Vulnerability in Autodesk FBX Review version 1.5.3.0 and prior may lead to code execution or information disclosure through maliciously crafted ActionScript Byte Code "ABC" files. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVE ID : CVE-2024-23139
Source : psirt@autodesk.com
CVSS Score : /

References :
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0005 | source : psirt@autodesk.com

Vulnerability : CWE-787


Source : jpcert.or.jp

Vulnerability ID : CVE-2023-39223

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
Stored cross-site scripting vulnerability exists in CGIs included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser.

CVE ID : CVE-2023-39223
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://akisoftware.com/Vulnerability202301.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN92720882/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-39933

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
Insufficient verification vulnerability exists in Broadcast Mail CGI (pmc.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary executable file with the web server's execution privilege.

CVE ID : CVE-2023-39933
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://akisoftware.com/Vulnerability202301.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN92720882/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-40160

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker may obtain arbitrary files on the server.

CVE ID : CVE-2023-40160
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://akisoftware.com/Vulnerability202301.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN92720882/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-40747

First published on : 18-03-2024 01:15:48
Last modified on : 18-03-2024 01:53:02

Description :
Directory traversal vulnerability exists in A.K.I Software's PMailServer/PMailServer2 products' CGIs included in Internal Simple Webserver. If this vulnerability is exploited, a remote attacker may access arbitrary files outside DocumentRoot.

CVE ID : CVE-2023-40747
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://akisoftware.com/Vulnerability202301.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN92720882/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-28745

First published on : 18-03-2024 04:15:09
Last modified on : 18-03-2024 12:38:25

Description :
Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is exploited, an arbitrary website may be displayed on the app, and as a result, the user may become a victim of a phishing attack.

CVE ID : CVE-2024-28745
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN70640802/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-21824

First published on : 18-03-2024 08:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Improper authentication vulnerability exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVE ID : CVE-2024-21824
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN82749078/ | source : vultures@jpcert.or.jp
https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faqp00100601_000 | source : vultures@jpcert.or.jp
https://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faq00100823_000 | source : vultures@jpcert.or.jp
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_2_announce.html | source : vultures@jpcert.or.jp
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000002 | source : vultures@jpcert.or.jp
https://www.toshibatec.com/information/20240306_01.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-22475

First published on : 18-03-2024 08:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVE ID : CVE-2024-22475
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN82749078/ | source : vultures@jpcert.or.jp
https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faqp00100601_000 | source : vultures@jpcert.or.jp
https://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faq00100823_000 | source : vultures@jpcert.or.jp
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_2_announce.html | source : vultures@jpcert.or.jp
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000002 | source : vultures@jpcert.or.jp
https://www.toshibatec.com/information/20240306_01.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-23604

First published on : 18-03-2024 08:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Cross-site scripting vulnerability exists in FitNesse all releases, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with multiple specially crafted parameters.

CVE ID : CVE-2024-23604
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
http://fitnesse.org/FitNesseDownload | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse/blob/master/SECURITY.md | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN94521208/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-27974

First published on : 18-03-2024 08:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].

CVE ID : CVE-2024-27974
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN34328023/ | source : vultures@jpcert.or.jp
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-28125

First published on : 18-03-2024 08:15:06
Last modified on : 18-03-2024 12:38:25

Description :
FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands.

CVE ID : CVE-2024-28125
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
http://fitnesse.org/FitNesseDownload | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse/blob/master/SECURITY.md | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN94521208/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-28128

First published on : 18-03-2024 08:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a certain specially crafted parameter.

CVE ID : CVE-2024-28128
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
http://fitnesse.org/FitNesseDownload | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse/blob/master/SECURITY.md | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN94521208/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-28039

First published on : 18-03-2024 09:15:06
Last modified on : 18-03-2024 12:38:25

Description :
Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service (DoS) condition.

CVE ID : CVE-2024-28039
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
http://fitnesse.org/FitNesseDownload | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse | source : vultures@jpcert.or.jp
https://github.com/unclebob/fitnesse/blob/master/SECURITY.md | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN94521208/ | source : vultures@jpcert.or.jp


Source : wpscan.com

Vulnerability ID : CVE-2024-1331

First published on : 18-03-2024 16:15:07
Last modified on : 18-03-2024 19:40:00

Description :
The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2024-1331
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b2bac900-3d8f-406c-b03d-c8db156acc59/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-1333

First published on : 18-03-2024 16:15:07
Last modified on : 18-03-2024 19:40:00

Description :
The Responsive Pricing Table WordPress plugin before 5.1.11 does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the related shortcode is embedded, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2024-1333
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/30546402-03b8-4e18-ad7e-04a6b556ffd7/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-1658

First published on : 18-03-2024 16:15:07
Last modified on : 18-03-2024 19:40:00

Description :
The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2024-1658
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/9489925e-5a47-4608-90a2-0139c5e1c43c/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6821

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 contains a vulnerability that allows you to read and download PHP logs without authorization.

CVE ID : CVE-2023-6821
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/6b1a998d-c97c-4305-b12a-69e29408ebd9/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7085

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Scalable Vector Graphics (SVG) WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

CVE ID : CVE-2023-7085
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/a2ec1308-75a0-49d0-9288-33c6d9ee4328/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7236

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information.

CVE ID : CVE-2023-7236
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/2a4557e2-b764-4678-a6d6-af39dd1ba76b/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0365

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by administrators.

CVE ID : CVE-2024-0365
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/4b8b9638-d52a-40bc-b298-ae1c74788c18/ | source : contact@wpscan.com

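Added example, not code from the Fancy Product Designer plugin or from WPScan: the bug class behind CVE-2024-0365 (a request parameter concatenated into a SQL statement) next to the parameterised form. It uses an in-memory SQLite database through PDO (the pdo_sqlite extension is assumed) so it runs under the php CLI; the table and column names are assumed, and the $wpdb calls in the comments are the WordPress equivalents.

```php
<?php
// Added example; not code from the Fancy Product Designer plugin. It shows
// the bug class behind CVE-2024-0365 (a request parameter concatenated into
// SQL) next to the parameterised form. An in-memory SQLite database via PDO
// (pdo_sqlite extension assumed) keeps it runnable under the php CLI; table
// and column names are assumed.
declare(strict_types=1);

function make_db(): PDO {
    $db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    $db->exec('CREATE TABLE designs (id INTEGER PRIMARY KEY, owner TEXT NOT NULL, title TEXT NOT NULL)');
    $db->exec("INSERT INTO designs (owner, title) VALUES ('alice', 'Mug'), ('bob', 'Shirt'), ('carol', 'Cap')");
    return $db;
}

// Vulnerable: the owner filter is string-built, so a quote in the input
// changes the statement. Equivalent plugin code would be
// $wpdb->get_results("SELECT ... WHERE owner = '" . $_GET['owner'] . "'").
function designs_for_owner_vulnerable(PDO $db, string $owner): array {
    $sql = "SELECT id, owner, title FROM designs WHERE owner = '" . $owner . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: placeholder plus bound value; the driver never parses the
// input as SQL. In a plugin: $wpdb->get_results($wpdb->prepare(
// "SELECT id, owner, title FROM {$table} WHERE owner = %s", $owner)).
function designs_for_owner_hardened(PDO $db, string $owner): array {
    $stmt = $db->prepare('SELECT id, owner, title FROM designs WHERE owner = :owner');
    $stmt->execute([':owner' => $owner]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

if (PHP_SAPI === 'cli') {
    $db = make_db();
    $input = "x' OR '1'='1";   // constructed attacker input for the owner parameter
    printf("vulnerable: %d row(s) for %s\n", count(designs_for_owner_vulnerable($db, $input)), $input);
    printf("hardened:   %d row(s) for %s\n", count(designs_for_owner_hardened($db, $input)), $input);
}
```

Run with `php sqli_demo.php`: the string-built query returns every row, because the injected `OR '1'='1'` is now part of the WHERE clause, while the prepared statement returns none, because the whole string is compared as a literal owner name. The "exploitable by administrators" qualifier on CVE-2024-0365 lowers the severity but does not make it harmless: the site's database user normally has rights over every table, and a CSRF weakness like the ones listed further down this page can be used to drive an administrator's browser into triggering it.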

Vulnerability ID : CVE-2024-0711

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Buttons Shortcode and Widget WordPress plugin through 1.16 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2024-0711
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/8e286c04-ef32-4af0-be78-d978999b2a90/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0719

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2024-0719
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/6e67bf7f-07e6-432b-a8f4-aa69299aecaf/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0779

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation and CSRF checks in various functions hooked to admin_init, allowing unauthenticated users to call them and, for example, unlink arbitrary users' Instagram accounts.

CVE ID : CVE-2024-0779
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/ced134cf-82c5-401b-9476-b6456e1924e2/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0780

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated user, such as a subscriber, to perform such an action.

CVE ID : CVE-2024-0780
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/be3045b1-72e6-450a-8dd2-4702a9328447/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0820

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2024-0820
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/fc091bbd-7338-4bd4-add5-e46502a9a949/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0858

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Innovs HR WordPress plugin through 1.0.3.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding them as employees.

CVE ID : CVE-2024-0858
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/f6627a35-d158-495e-9d56-69405cfca221/ | source : contact@wpscan.com

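Added example, not code from Error Log Viewer, Backup Bolt, Enjoy Social Feed or Innovs HR: the "handler hooked to admin_init with no authorisation and no CSRF check" pattern behind CVE-2024-0779, CVE-2024-0780 and CVE-2024-0858, modelled on a log-download action like the ones behind CVE-2023-6821 and CVE-2023-7236, next to a hardened version. The capability and nonce checks are injected as callables so the file runs under the php CLI; inside WordPress you pass the real current_user_can and wp_verify_nonce. The action name tmpl_download_log, the log directory and the fixture files are assumed.

```php
<?php
// Added example; not code from any plugin listed above. admin_init fires on
// every request that loads wp-admin, including unauthenticated calls to
// admin-ajax.php and admin-post.php, so a handler hooked there that checks
// nothing is reachable by anyone who knows the action name.
// Action name, log directory and fixture files are assumed for the demo.
declare(strict_types=1);

// Vulnerable: no capability check, no nonce, and the file name is trusted.
function download_log_vulnerable(array $get): ?string {
    if (($get['action'] ?? '') !== 'tmpl_download_log') {
        return null;
    }
    $data = @file_get_contents((string)($get['file'] ?? ''));
    return $data === false ? null : $data;
}

// Hardened: capability check, nonce check, and the file is confined to one
// directory and one name pattern. $can and $verifyNonce stand in for
// current_user_can() and wp_verify_nonce() so this runs outside WordPress.
function download_log_hardened(array $get, callable $can, callable $verifyNonce, string $logDir): array {
    if (($get['action'] ?? '') !== 'tmpl_download_log') {
        return ['status' => 'ignored'];
    }
    if (!$can('manage_options')) {
        return ['status' => 'forbidden', 'reason' => 'missing capability'];
    }
    if (!$verifyNonce((string)($get['_wpnonce'] ?? ''), 'tmpl_download_log')) {
        return ['status' => 'forbidden', 'reason' => 'bad nonce'];
    }
    $base = realpath($logDir);
    $name = basename((string)($get['file'] ?? ''));
    if ($base === false || !preg_match('/^[A-Za-z0-9_-]+\.log$/', $name)) {
        return ['status' => 'not_found'];
    }
    $path = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($path === false || dirname($path) !== $base) {   // also rejects symlinks pointing out
        return ['status' => 'not_found'];
    }
    return ['status' => 'ok', 'body' => (string)file_get_contents($path)];
}

// Wiring inside WordPress (skipped under the CLI). The nonce the link must
// carry comes from wp_nonce_url($url, 'tmpl_download_log').
if (function_exists('add_action') && defined('WP_CONTENT_DIR')) {
    add_action('admin_init', function (): void {
        $r = download_log_hardened($_GET, 'current_user_can', 'wp_verify_nonce', WP_CONTENT_DIR . '/tmpl-logs');
        if ($r['status'] === 'ignored') {
            return;
        }
        if ($r['status'] !== 'ok') {
            wp_die('Not allowed', '', ['response' => 403]);
        }
        header('Content-Type: text/plain');
        echo $r['body'];
        exit;
    });
}

if (PHP_SAPI === 'cli') {
    // Constructed fixture: a log directory with one log and a secret outside it.
    $root   = sys_get_temp_dir() . '/tmpl-demo-' . bin2hex(random_bytes(4));
    $logDir = $root . '/logs';
    mkdir($logDir, 0700, true);
    file_put_contents($logDir . '/error.log', "PHP Warning: something happened\n");
    file_put_contents($root . '/wp-config.php', "define('DB_PASSWORD', 's3cret');\n");

    $asAnon  = fn(string $cap): bool => false;
    $asAdmin = fn(string $cap): bool => $cap === 'manage_options';
    $nonce   = bin2hex(random_bytes(8));
    $verify  = fn(string $n, string $action): bool => hash_equals($nonce, $n);

    $traversal = ['action' => 'tmpl_download_log', 'file' => $logDir . '/../wp-config.php'];
    $legit     = ['action' => 'tmpl_download_log', 'file' => 'error.log', '_wpnonce' => $nonce];

    echo 'vulnerable, unauthenticated: ', var_export(download_log_vulnerable($traversal), true), PHP_EOL;
    echo 'hardened, anonymous:         ', json_encode(download_log_hardened($legit, $asAnon, $verify, $logDir)), PHP_EOL;
    echo 'hardened, admin, no nonce:   ', json_encode(download_log_hardened(['action' => 'tmpl_download_log', 'file' => 'error.log'], $asAdmin, $verify, $logDir)), PHP_EOL;
    echo 'hardened, admin, traversal:  ', json_encode(download_log_hardened($traversal + ['_wpnonce' => $nonce], $asAdmin, $verify, $logDir)), PHP_EOL;
    echo 'hardened, admin, legit:      ', json_encode(download_log_hardened($legit, $asAdmin, $verify, $logDir)), PHP_EOL;

    unlink($logDir . '/error.log'); unlink($root . '/wp-config.php'); rmdir($logDir); rmdir($root);
}
```

Run with `php admin_init_demo.php`. The vulnerable handler hands the contents of the file outside the log directory to an anonymous caller; the hardened one refuses the anonymous request, refuses the administrator without a nonce (the CSRF case: a link on a third-party page cannot carry a valid one), refuses the traversal, and serves only the named .log file in the fixed directory. The same three checks, capability, nonce, and a strict allow-list of what the action may touch, apply to state-changing actions such as the "unlink account" and "reset database" handlers in CVE-2024-0779 and CVE-2024-0780; check_admin_referer('tmpl_download_log') is the WordPress one-liner that verifies the nonce and dies on failure.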

Vulnerability ID : CVE-2024-0951

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Advanced Social Feeds Widget & Shortcode WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2024-0951
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/88b2e479-eb15-4213-9df8-3d353074974e/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0973

First published on : 18-03-2024 19:15:06
Last modified on : 18-03-2024 19:40:00

Description :
The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2024-0973
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/798de421-4814-46a9-a055-ebb95a7218ed/ | source : contact@wpscan.com

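Added example, not code from any of the plugins listed above or from WPScan: the "shortcode attributes / settings are output without validation or escaping" pattern shared by the stored-XSS entries CVE-2024-1331, CVE-2024-1333, CVE-2024-1658, CVE-2024-0711, CVE-2024-0719, CVE-2024-0820, CVE-2024-0951 and CVE-2024-0973, next to a hardened handler. The [team_member] shortcode, its attributes and the colour rule are assumed for the demo; esc_attr(), esc_html() and esc_url() are WordPress functions, and the polyfills only exist so the file runs under the php CLI.

```php
<?php
// Added example; not code from any plugin listed above. It shows attribute
// values reaching the page unescaped, and the same handler escaping each
// value for the context it lands in. Shortcode name, attributes and the
// colour pattern are assumed for the demo.
declare(strict_types=1);

if (!function_exists('esc_attr')) {
    function esc_attr(string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}
if (!function_exists('esc_html')) {
    function esc_html(string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}
if (!function_exists('esc_url')) {
    // Stand-in for esc_url(): keep http(s) URLs only, so javascript:, data:
    // and vbscript: links collapse to '' (the real one also entity-encodes).
    function esc_url(string $s): string {
        return preg_match('#^https?://#i', trim($s)) ? trim($s) : '';
    }
}

// Vulnerable form: values a contributor or author typed into the post are
// interpolated straight into markup that every visitor's browser renders.
function team_member_vulnerable(array $atts): string {
    $name  = $atts['name']  ?? '';
    $url   = $atts['url']   ?? '#';
    $color = $atts['color'] ?? '#000';
    return "<a href=\"{$url}\" style=\"color:{$color}\">{$name}</a>";
}

// Hardened form: text is HTML-escaped, the link goes through esc_url(),
// and the colour is validated against a strict pattern rather than
// escaped (escaping cannot turn an arbitrary string into a safe CSS
// value, so anything that does not match is replaced).
function team_member_hardened(array $atts): string {
    $name  = (string)($atts['name'] ?? '');
    $url   = esc_url((string)($atts['url'] ?? ''));
    $color = (string)($atts['color'] ?? '');
    if (!preg_match('/^#[0-9a-f]{3}(?:[0-9a-f]{3})?$/i', $color)) {
        $color = '#000';
    }
    return sprintf(
        '<a href="%s" style="color:%s">%s</a>',
        esc_attr($url === '' ? '#' : $url),
        esc_attr($color),
        esc_html($name)
    );
}

if (PHP_SAPI === 'cli') {
    // Constructed attacker input, as a low-privilege author could save it:
    // [team_member name="..." url="..." color="..."]
    $payload = [
        'name'  => '<img src=x onerror=alert(document.cookie)>',
        'url'   => 'javascript:alert(1)',
        'color' => 'red" onmouseover="alert(2)',
    ];
    echo 'vulnerable: ', team_member_vulnerable($payload), PHP_EOL;
    echo 'hardened:   ', team_member_hardened($payload), PHP_EOL;
}
```

Run with `php shortcode_xss_demo.php`: the vulnerable line contains a live onerror handler, a javascript: link and an injected onmouseover attribute; the hardened line contains none of them. In a real plugin the handler would first pass $atts through shortcode_atts() to drop unknown keys, and plugin settings would be registered with a sanitize_callback, but escaping at output is still required: the "even when the unfiltered_html capability is disallowed" wording in CVE-2024-0951 and CVE-2024-0973 means the plugin cannot rely on WordPress's own filtering of what an administrator saves.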

This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
