XWiki programming rights may be inherited by inclusion
Impact The content of a document included using {{include reference="targetdocument"/}} is executed with the right of the includer and not with the right of its author. This means that any user able to modify the target document can impersonate the author of the content which used the include...
9.9CVSS
7AI Score
0.0004EPSS
XWiki programming rights may be inherited by inclusion
Impact The content of a document included using {{include reference="targetdocument"/}} is executed with the right of the includer and not with the right of its author. This means that any user able to modify the target document can impersonate the author of the content which used the include...
9.9CVSS
7AI Score
0.0004EPSS
CVE-2023-49793 Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....
6.5CVSS
6.5AI Score
0.0004EPSS
CVE-2023-49793 Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....
6.5CVSS
0.0004EPSS
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...
9.6CVSS
0.0004EPSS
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...
9.6CVSS
7.1AI Score
0.0004EPSS
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...
9.6CVSS
9.2AI Score
0.0004EPSS
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using {{include reference="targetdocument"/}} is executed with the right of the includer and not with the right of its author. This means that any user able...
9.9CVSS
0.0004EPSS
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using {{include reference="targetdocument"/}} is executed with the right of the includer and not with the right of its author. This means that any user able...
9.9CVSS
9.4AI Score
0.0004EPSS
In today’s interconnected digital world, the role of web applications and APIs has become central to business operations, acting as gateways to vast amounts of valuable data and services. However, their widespread use and accessibility make them prime targets for cybercriminals, posing substantial....
7.7AI Score
Change Healthcare confirms the customer data stolen in ransomware attack
For the first time since news broke about a ransomware attack on Change Healthcare, the company has released details about the data stolen during the attack. First, a quick refresher: On February 21, 2024, Change Healthcare experienced serious system outages due to a cyberattack. The incident led.....
7.4AI Score
CVE-2024-38369 XWiki programming rights may be inherited by inclusion
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using {{include reference="targetdocument"/}} is executed with the right of the includer and not with the right of its author. This means that any user able...
9.9CVSS
6.8AI Score
0.0004EPSS
CVE-2024-38369 XWiki programming rights may be inherited by inclusion
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using {{include reference="targetdocument"/}} is executed with the right of the includer and not with the right of its author. This means that any user able...
9.9CVSS
0.0004EPSS
9.1CVSS
7AI Score
0.0004EPSS
A flaw was found in Ghostscript. When the gp_validate_path_len function validates a path, it distinguishes between absolute and relative paths. In the case of relative paths, it will check the path with and without the current-directory-prefix ("foo" and "./foo"). This does not take into account...
6.7AI Score
EPSS
CVE-2024-38373 FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...
9.6CVSS
0.0004EPSS
CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...
6.5CVSS
6.7AI Score
0.0004EPSS
CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...
6.5CVSS
6.7AI Score
0.0004EPSS
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...
7.5CVSS
7.8AI Score
0.0004EPSS
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...
7.5CVSS
7.7AI Score
0.0004EPSS
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...
7.5CVSS
0.0004EPSS
A flaw was found in Ghostscript. The uniprint device allows the user to provide various string fragments as device options, which are later appended to the output file. Two parameters, upWriteComponentCommands and upYMoveCommand, are treated as format strings, specifically for gp_fprintf and...
6.5AI Score
EPSS
A flaw was found in Python's subprocess module. When creating a new subprocess, the developer may specify a list of extra groups through the 'extra_groups=` parameter. When this optional parameter is informed with an empty list, the module fails to properly clean the associated groups from the new....
6.1CVSS
6.5AI Score
0.001EPSS
Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update
Summary Identity Insight customers are advised to update IBM WebSphere Liberty Profile (WLP) to version 24.0.0.6 for security update in WLP. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) |...
9.8CVSS
7.3AI Score
0.001EPSS
CVE-2024-6287 Incorrect Address Range Calculations
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...
7.5CVSS
0.0004EPSS
Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins
On Monday June 24th, 2024 the Wordfence Threat Intelligence team became aware of a plugin, Social Warfare, that was injected with malicious code on June 22, 2024 based on a forum post by the WordPress.org Plugin Review team. We immediately checked the malicious file and uploaded it to our internal....
7.1AI Score
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...
0.0004EPSS
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...
6.4AI Score
0.0004EPSS
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...
0.0004EPSS
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...
6.7AI Score
0.0004EPSS
Google Introduces Project Naptime for AI-Powered Vulnerability Research
Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target...
8.3AI Score
7.2AI Score
0.0004EPSS
Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an identity spoofing vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...
8.8CVSS
6.5AI Score
0.0004EPSS
Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable issue. Vulnerability Details ** CVEID: CVE-2024-22353 DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is...
7.5CVSS
7.5AI Score
0.0004EPSS
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server. The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a user with the project running on their computer might visit a website which...
8.8CVSS
8.9AI Score
0.0004EPSS
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server. The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a user with the project running on their computer might visit a website which...
8.8CVSS
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: fpga: region: add owner module and take its refcount The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines with.....
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued __blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start is being executed. If WRITE of ->lqueued is re-ordered with READ of 'bisc->lnod...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: fpga: region: add owner module and take its refcount The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: fpga: bridge: add owner module and take its refcount The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel thread stack should be reserved for pt_regs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued __blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start is being executed. If WRITE of ->lqueued is re-ordered with READ of 'bisc->lnod...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel thread stack should be reserved for pt_regs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines...
6.6AI Score
0.0004EPSS