6667 matches found
WordPress Houzez Theme - Functionality Plugin <= 3.2.2 is vulnerable to SQL Injection
Software Houzez Theme - Functionality Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.2.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5793 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 838e09ac4d68 Credits István Márton Required privilege Sell...
CVE-2023-46685
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A set of specially crafted network packets can lead to arbitrary command execution...
CVE-2023-49867
CVE-2023-49867 describes a stack-based buffer overflow in the Realtek rtl819x Jungle SDK v3.4.11, specifically the boa web server API /boafrm/formWsc. The vulnerability stems from an unsafe handling of the targetAPMac parameter: the code copies hexadecimal characters into a stack buffer (targetAP...
Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries
Financial institutions in Latin America are being threatened by a banking trojan called Mekotio aka Melcoz. That's according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, known to be actively put to use since 2015...
PT-2024-13231 · Realtek · Realtek Rtl819X Jungle Sdk
Name of the Vulnerable Software and Affected Versions: Realtek rtl819x Jungle SDK version 3.4.11 Description: A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality. This can be triggered by a specially crafted series of network requests, potentially leading t...
PT-2024-13933
Name of the Vulnerable Software and Affected Versions: Realtek rtl819x Jungle SDK version 3.4.11 Description: Three os command injection vulnerabilities exist in the boa formWsc functionality. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can sen...
Broken Access Control
TYPO3 is vulnerable to Broken Access Control. The vulnerability is due to regular backend users having access to import functionality that is typically restricted to admin users or users with specific User TSconfig settings enabled options.impexp.enableImportForNonAdminUser...
Trend Micro Apex One modOSCE SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is required to exploit this vulnerability. The specific flaw exists within the client management functionality. The issue results from the lack of proper validati...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to the createPost function not preventing users from specifying a RemoteId for their posts, allowing attackers to create posts with user-defined post IDs. Attackers can use this to cause...
MetaMask: Missing Line Terminator on allowedOrigins enables origin spoofing
The vulnerability identified by @pkkr was related to the Snaps allowedOrigins functionality, which allows Snap developers to control which origins can interact with certain Snap APIs. Due to a missing regex terminator, the origin control could be bypassed, enabling a malicious domain to access...
CVE-2024-6428
CVE-2024-6428 affects Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x
CVE-2024-6428 Limited DoS due to permitting creating users with user-defined IDs
Mattermost versions 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2, 9.5.x = 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken...
CVE-2024-39361 Creating posts with user-defined IDs permitted in CreatePost API
Mattermost versions 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2 and 9.5.x = 9.5.5 fail to prevent users from specifying a RemoteId for their posts which allows an attacker to specify both a remoteId and the post ID, resulting in creating a post with a user-defined post ID. This can cause some broken...
CVE-2024-39361
CVE-2024-39361 affects Mattermost 9.8.0, 9.7.x up to 9.7.4, 9.6.x up to 9.6.2, and 9.5.x up to 9.5.5. The issue is that the CreatePost API does not prevent users from supplying a RemoteId for posts, allowing an attacker to specify both a remoteId and the post ID and thereby create posts with user...
CBL Mariner 2.0 Security Update: mysql / rust / cmake / curl / tensorflow (CVE-2023-23914)
The version of mysql / rust / cmake / curl / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23914 advisory. - A cleartext transmission of sensitive information vulnerability exists in...
Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the SessionControler class. The issue results from the lack ...
CVE-2024-3826 Broken SAML Validation
In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On SSO functionality...
CVE-2024-39348
Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager SRM before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors...
CVE-2024-39347
Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager SRM before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors...
CVE-2024-39348
CVE-2024-39348 affects Synology Router Manager (SRM) by a vulnerability in the AirPrint functionality where code is downloaded without integrity checks. This can allow a remote attacker to execute arbitrary code via unspecified vectors, with network access and user interaction required. Affected ...