36997 matches found
CVE-2024-31465
XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type XWiki.SearchSuggestSourceClass to their user profile or any other page...
CVE-2024-31988
XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, b...
CVE-2024-31984
XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the Solr-based search in XWiki. This allows any user who can edi...
CVE-2024-8049
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 2024.4.1106, importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable...
CVE-2024-2965
A Denial-of-Service DoS vulnerability exists in the SitemapLoader class of the langchain-ai/langchain repository, affecting all versions. The parsesitemap method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the...
CVE-2024-8652
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ https://netcat.ru/ . Versions 6.4.0.24248 and o...
CVE-2024-56453
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56448
Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56455
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56446
Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56452
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56437
Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56438
Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56456
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56450
Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-56454
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-54105
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54114
Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54109
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54101
Denial of service DoS vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability...