CVE-2024-5208 Uncontrolled Resource Consumption in mintplex-labs/anything-llm
An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to...
6.5CVSS
7.2AI Score
0.0004EPSS
CVE-2024-5208 Uncontrolled Resource Consumption in mintplex-labs/anything-llm
An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to...
6.5CVSS
0.0004EPSS
The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tab anchor metabox in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
6.4CVSS
0.0004EPSS
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,.....
7.5AI Score
0.0004EPSS
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw...
8.8CVSS
0.001EPSS
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw...
8.8CVSS
9AI Score
0.001EPSS
7.4AI Score
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6840-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6840-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
8AI Score
0.0004EPSS
Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
8.3AI Score
0.0004EPSS
Moodle < 4.1.11, 4.2.x < 4.2.8, 4.3.x < 4.3.5, 4.4.x < 4.4.1 Multiple Vulnerabilities
Moodle is prone to multiple...
7.3AI Score
0.0004EPSS
CentOS 7 : firefox (RHSA-2024:3951)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3951 advisory. If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects...
7.5AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw...
8.8CVSS
0.001EPSS
Moodle HTTP authorization header is preserved between "emulated redirects"
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect...
6.5AI Score
0.0004EPSS
Dolibarr arbitrary file upload vulnerability
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL...
7.7AI Score
0.0004EPSS
Dolibarr arbitrary file upload vulnerability
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL...
7.7AI Score
0.0004EPSS
Moodle HTTP authorization header is preserved between "emulated redirects"
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect...
6.5AI Score
0.0004EPSS
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect...
6.2AI Score
0.0004EPSS
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL...
8AI Score
0.0004EPSS
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL...
0.0004EPSS
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect...
0.0004EPSS
CVE-2024-38275 moodle: HTTP authorization header is preserved between "emulated redirects"
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect...
0.0004EPSS
Helpful tools to get started in IoT Assessments
The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start. Having performed dozens of IoT assessments, I felt it would be beneficial to compile a basic list of items that are...
6.9AI Score
Exploring malicious Windows drivers (Part 2): the I/O system, IRPs, stack locations, IOCTLs and more
This blog post is part of a multi-part series, and it is highly recommended to read the first entry here before continuing. As the second entry in our "Exploring malicious Windows drivers" series, we will continue where the first left off: Discussing the I/O system and IRPs. We will expand on...
6.6AI Score
XWiki < 4.10.20 - Remote code execution
XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed....
10CVSS
7.6AI Score
0.001EPSS
XWiki < 4.10.15 - Information Disclosure
The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki (but not some protected...
7.5CVSS
6.3AI Score
0.508EPSS
CrateDB Database - Arbitrary File Read
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY.....
6.5CVSS
7AI Score
0.052EPSS
Smart s200 Management Platform v.S200 - SQL Injection
SQL Injection vulnerability in Baizhuo Network Smart s200 Management Platform v.S200 allows a local attacker to obtain sensitive information and escalate privileges via the /importexport.php...
7.5AI Score
0.001EPSS
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.This issue affects Apache...
6.1AI Score
0.0004EPSS
LyLme-Spage - Arbitary File Upload
An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted...
7.7AI Score
EPSS
Sensitive Information Disclosure
urllib3 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of the Proxy-Authorization header, which is not removed on cross-origin redirects, which could allow an attacker to expose sensntive authentication material to unintended hosts. Note that this.....
4.4CVSS
4.7AI Score
0.0004EPSS
PaperCut MF EmailRenderer Server-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut MF. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the EmailRenderer class. The...
7.2CVSS
7.8AI Score
0.001EPSS
(0Day) Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. A crafted Cookie header in an HTTP request can...
8.8CVSS
7.5AI Score
0.001EPSS
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect...
6.3AI Score
0.0004EPSS
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL...
7.2AI Score
0.0004EPSS
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL...
0.0004EPSS
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin...
4.4CVSS
4.5AI Score
0.0004EPSS
A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of service. Mitigation The issue can be mitigated by reducing the maximum allowed length of the request...
7.5CVSS
7.2AI Score
0.0004EPSS
urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects
When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...
4.4CVSS
7AI Score
0.0004EPSS
urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects
When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...
4.4CVSS
4.8AI Score
0.0004EPSS
ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...
7.5CVSS
7.4AI Score
0.0004EPSS
ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...
7.5CVSS
7.4AI Score
0.0004EPSS
urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...
4.4CVSS
0.0004EPSS
urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...
4.4CVSS
4.8AI Score
0.0004EPSS
ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...
7.5CVSS
0.0004EPSS
urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...
4.4CVSS
4.6AI Score
0.0004EPSS
ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...
7.5CVSS
7.5AI Score
0.0004EPSS
urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...
4.4CVSS
4.8AI Score
0.0004EPSS
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details **...
8.2CVSS
9.7AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal...
7.5AI Score
0.0004EPSS