11 matches found
CVE-2024-52802
RIOT is an operating system for Internet of Things (IoT) devices. In version 2024.04 and prior, the function `_parse_advertise`, located in `/sys/net/application_layer/dhcpv6/client.c`, has no minimum header length check for `dhcpv6_opt_t` after processing `dhcpv6_msg_t`. This omission could lead to an out-of-bou...
RIOT buffer error vulnerability
RIOT is an open source operating system from RIOT for applications in the Internet of Things (IoT) space. A buffer error vulnerability exists in RIOT 2024.04 and prior versions that stems from the lack of a minimum header length check, which could lead to remote reading and thus system...
CVE-2024-47173 Aimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setups
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue...
Aimeos security vulnerability
Aimeos is an open source e-commerce framework for online stores from Aimeos Open Source. A security vulnerability exists in Aimeos version 2024.04 through versions prior to 2024.07.1. An attacker exploiting this vulnerability could cause a denial of service on the system...
CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups
Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to...
PT-2024-27166 · Unknown · Aimeos-Core
Name of the Vulnerable Software and Affected Versions: aimeos-core version 2024.04 Description: An arbitrary file upload vulnerability in the image upload function allows attackers to execute arbitrary code via uploading a crafted PHP file. Recommendations: For version 2024.04, update to a versio...
Archer Platform security vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists prior to Archer Platform version 6 2024.04 that stems from the presence of a stored cross-site scripting (XSS) vulnerability...
PT-2024-25699 · Rsa · Archer Platform
Name of the Vulnerable Software and Affected Versions: Archer Platform versions prior to 2024.04 Archer Platform version 6.14.0.3 is a fixed release, implying versions prior to 6.14.0.3 are also vulnerable, but since 6.14.0.3 is mentioned as a fixed release and it is part of the versions prior to...
Archer Platform security vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists prior to Archer Platform version 6 2024.04 that stems from the presence of a stored cross-site scripting (XSS) vulnerability...
Archer Platform security vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists prior to Archer Platform version 6 2024.04 that stems from the presence of a stored cross-site scripting (XSS) vulnerability...
Archer Platform security vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists prior to Archer Platform version 6 2024.04 that stems from improper authentication handling...