CVE-2024-25978

CVE-2024-25978 : Moodle is affected by a denial-of-service risk due to insufficient file size checks in the file picker’s unzip functionality. The available connected documents confirm the vulnerability and its impact but do not provide concrete technical details such as affected versions or exac...

CVE-2024-25978 Msa-24-0001: denial of service risk in file picker unzip functionality

Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality...

Remote Code Execution (RCE)

redaxo/source is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of user-supplied input within the 'Template' functionality with in modules.modules.php, which allows attackers to execute arbitrary code...

CVE-2024-21915 Rockwell Automation FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform FTSP. If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read an...

[SECURITY] Fedora 38 Update: rust-userfaultfd-0.8.1-2.fc38

Rust bindings for the Linux userfaultfd functionality...

PT-2024-3880 · Automationdirect · Automationdirect P3-550E

Name of the Vulnerable Software and Affected Versions: AutomationDirect P3-550E version 1.2.10.9 Description: The issue is related to a heap-based buffer overflow vulnerability in the Programming Software Connection CurrDir functionality. This can be triggered by a specially crafted network packe...

Authorization Bypass

pixelfed/pixelfed is vulnerable to Authorization Bypass. The vulnerability is due to insufficient checks during request processing, allowing attackers to access and potentially modify administrative and moderator functionalities beyond intended user permissions...

CVE-2024-25108 Insufficient authorization allowing elevated access to resources in pixelfed

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

[SECURITY] Fedora 39 Update: rust-userfaultfd-0.8.1-2.fc39

Rust bindings for the Linux userfaultfd functionality...

Cross Site Scripting (XSS)

com.liferay.portal:release.portal.bom and com.liferay.portal:release.dxp.bom are vulnerable to Cross Site Scripting XSS. The vulnerability is due to lack of user input validation within the search functionality if highlighting is disabled by adding any searchable content to the application...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:0395-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0395-1 advisory. - A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe/TCP subsystem in...

CVE-2024-24577

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitindexadd can cause heap corruption that could be leveraged for arbitrary code execution. There...

Improper access control

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially causing a Denial ...

CVE-2024-24575 libgit2 is vulnerable to a denial of service attack in `git_revparse_single`

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially causing a Denial ...

CVE-2023-43482

A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

Command injection

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...

Total Upkeep < 1.15.9 - Improper Authorization to Unauthenticated Arbitrary File Download

Description The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check in all versions up to, and including, 1.15.8. This makes it possible for unauthenticated attackers to...

SUSE SLES15 Security Update : kernel RT (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:0348-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0348-1 advisory. - A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe-oF/TCP subsystem...

CVE-2024-0797 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store <= 1.0.6.1 - Missing Authorization

The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible fo...

CVE-2024-22208 phpMyFAQ sharing FAQ functionality can easily be abused for phishing purposes

phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The 'sharing FAQ' functionality allows any unauthenticated actor to misuse the phpMyFAQ application to send arbitrary emails to a large range of targets. The phpMyFAQ application has a...