CVE-2023-27361

Summary: CVE-2023-27361 affects NETGEAR RAX30 with a JSON parsing vulnerability in the rex_cgi component, causing a stack-based buffer overflow that can lead to remote code execution in the context of root. The flaw stems from insufficient validation of user-supplied JSON data length before copyi...

CVE-2023-27333

CVE-2023-27333 concerns TP-Link Archer AX21 routers. The vulnerability is a stack-based buffer overflow in the tmpServer service when handling command 0x422, caused by improper validation of user-supplied data length copying into a fixed-length stack buffer. Exploitation could allow remote code e...

CVE-2023-41222 D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...

WordPress Follow Us Badges plugin <= 3.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpsite_follow_us_badges Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wpsitefollowusbadges Shortcode vulnerability discovered by Lucio Sá in WordPress Plugin Follow Us Badges versions = 3.1.10...

CVE-2023-51631

D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerabilit...

CVE-2023-51631

D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerabilit...

PT-2024-22669 · Sonicwall · Gms

Name of the Vulnerable Software and Affected Versions: GMS versions 9.3.4 and earlier Description: The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity XXE injection, potentially resulting in the disclosure of sensitive information. This issue could allow...

PT-2024-15859 · Grandstream · Grandstream Ucm Series Ip Pbx

Name of the Vulnerable Software and Affected Versions: Grandstream UCM Series IP PBX versions prior to 1.0.20.52 Description: The issue is related to a parameter injection vulnerability in the HTTP interface. A remote and authenticated attacker can execute arbitrary code by sending a crafted HTTP...

CVE-2023-50361

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

Ivanti Avalanche WLAvalancheService Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService, which listens on TCP port 1777 by default. The issue results from t...

Ivanti Avalanche InstallPackageThread Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the InstallPackageThread class. The issue results from the lack of proper locking when...

Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService, which listens on TCP port 1777 by default. The issue...

CVE-2024-29003

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction...

CVE-2024-29001

A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited...

PT-2024-3481 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue is related to a XSS vulnerability in the maps section of the user interface. This vulnerability requires authentication and user interaction to be exploited. It may...

PT-2024-3094 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: A vulnerability was identified in the user interface of the SolarWinds Platform, related to a SWQL injection issue. This vulnerability requires authentication and user interacti...

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, or to execute a Cross-Site Scripting attack. Such an attack could result in execution of arbitrary code in the victim's...

CVE-2024-2539

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget 'id' attributes in all versions up to, and including, 8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-2792

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in all versions up to, and including, 1.13.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

CVE-2024-25697

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which when opening an authenticated users bio page will render an image in the victims browser. The privileges required to execute...