ROOT-APP-MAVEN-CVE-2024-24549 CVE-2024-24549 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2024-24549 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-34750 CVE-2024-34750 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2024-34750 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-23672 CVE-2024-23672 in io.root.org.apache.tomcat.embed:tomcat-embed-websocket - Patched by Root

Root has patched CVE-2024-23672 in the io.root.org.apache.tomcat.embed:tomcat-embed-websocket package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-38809 CVE-2024-38809 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2024-38809 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-22243 CVE-2024-22243 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2024-22243 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-38828 CVE-2024-38828 in io.root.org.springframework:spring-webmvc - Patched by Root

Root has patched CVE-2024-38828 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...

CVE-2024-31420 vulnerabilities

Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...

CVE-2024-33394 vulnerabilities

Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...

CVE-2024-1485 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips...

Memos 0.13.2 - Server-Side Request Forgery

SSRF vulnerabilities exist in the memos API service /o/get/httpmeta that allow unauthenticated and authenticated users to enumerate and read from the internal network. In addition, one SSRF vulnerability leads to a reflected XSS vulnerability, which may allow an attacker complete control over the...

TotoLink Router setMacFilterRules - Command Injection

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function. id: CVE-2024-24328 info: name: TotoLink Router setMacFilterRules - Command Injection author: pussycat0x severity: critical description: |...

WP Extended < 3.0.0 - Stored Cross-Site Scripting

The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

Templately <= 3.1.2 - Broken Access Control

Templately allow an attacker to logout users who signed in to their templately account, so you can sign in your templately account to exploit this vulnerability. Go to http://IP/wordpress/wp-admin/admin.php?page=templately&path=sign-in to sign in then logout. id: CVE-2024-47308 info: name:...

Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion

A vulnerability in Swift Performance Lite before version 2.3.7.2 allows unauthenticated attackers to perform local PHP file inclusion via the 'ajaxify' parameter. This can lead to arbitrary code execution on the server. id: CVE-2024-10516 info: name: Swift Performance Lite 2.3.7.2 - Local PHP Fil...

WordPress Download Manager < 3.3.07 - Unauthenticated Data Exposure

The WordPress Download Manager plugin before version 3.3.07 does not prevent directory listing on web servers that don't use htaccess, allowing unauthorized access to files stored in the download-manager-files directory. id: CVE-2024-13126 info: name: WordPress Download Manager 3.3.07 -...

Jan v0.4.12 'readFileSync' - Path Traversal

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface. id: CVE-2024-36857 info: name: Jan v0.4.12 'readFileSync' - Path Traversal author: Yusuf Amr severity: high description: | Jan v0.4.12 was discovered to contain an arbitrary file rea...

WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass

Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authentication bypass vulnerability via improper handling of query parameters, allowing attackers to impersonate arbitrary users. id: CVE-2024-50477 info: name: WordPress Stacks Mobile App Builder =5.2.3 - Authentication Bypass...

LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads. id:...

Flowise 1.4.3 - Arbitrary File Read

Flowise 1.4.3 contains a path traversal caused by lack of sanitization of 'fileName' parameter in /api/v1/openai-assistants-file endpoint in index.ts, letting attackers read arbitrary files, exploit requires attacker to send crafted request. id: CVE-2024-36420 info: name: Flowise 1.4.3 - Arbitrar...

Rocket.Chat - Server-Side Request Forgery (SSRF)

A Server-Side Request Forgery SSRF affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1. id: CVE-2024-39713 info: name: Rocket.Chat - Server-Side Request Forgery SSRF author: iamnoooob,rootxharsh,pdresearch severity: high description: | A Server-Side Request Forgery SSRF affects...