94 matches found
CVE-2024-32041 FreeRDP OutOfBound Read in zgfx_decompress_segment
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP-based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to an out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx (on by default), set /bpp or /rfx options...
PT-2024-23735 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.21.7 Description: A heap-buffer-overflow issue in the read byte function allows attackers to cause a denial of service via transmission of crafted hexstreams. Recommendations: For NanoMQ version 0.21.7, consider disabling the...
PT-2024-21614
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-05205-g77fadd89fe2d-dirty 213 Description: The issue arises when the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to itself, resulting in a qdisc lock deadlock. Thi...
CVE-2023-47634 Decidim has race condition in Endorsements
Decidim is a participatory democracy framework. Starting in version 0.10.0 and prior to versions 0.26.9, 0.27.5, and 0.28.0, a race condition in the endorsement of resources (for instance, a proposal) allows a user to make more than one endorsement. To exploit this vulnerability, the request to se...
PT-2024-13948 · Ebyte · Ebyte E880-Ir01-V1.1
Name of the Vulnerable Software and Affected Versions: EBYTE E880-IR01-V1.1 Description: An issue discovered in the software allows an attacker to obtain sensitive information via a crafted POST request to the "/cgi-bin/luci" API endpoint. The POST request is used to exploit this issue, but...
CVE-2024-21631 Integer overflow in URI leading to potential host spoofing
Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. This vulnerability does not affect Vapor directly but could impact...
RakRak Document Plus vulnerable to path traversal
Overview: RakRak Document Plus provided by Sumitomo Electric Information Systems Co., Ltd. contains a path traversal vulnerability (CWE-22). Asato Masamu of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
PT-2023-29089 · Unknown · Pgyer Codefever
Name of the Vulnerable Software and Affected Versions: PGYER codefever version 2023.8.14-2ce4006 Description: An issue in the code allows a remote attacker to execute arbitrary code via a crafted request to the branchList component. Recommendations: For version 2023.8.14-2ce4006, as a temporary...
CVE-2023-29530 Laminas Diactoros vulnerable to HTTP Multiline Header Termination
Laminas Diactoros provides PSR HTTP Message implementations. In versions 2.18.0 and prior, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, and 2.25.0, users who create HTTP requests or responses using laminas/laminas-diactoros, when providing a newline at the start or end of a header key or value...
CVE-2023-24820 RIOT-OS vulnerable to Integer Underflow during IPHC receive
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device, resulting in a large out-of-bounds write beyond the packet buffer. The write will create a hard fault...
PT-2023-19804 · Riot-Os · Riot-Os
Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device,...
PT-2023-22300 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.10.11; XWiki Platform versions prior to 14.4.8; XWiki Platform versions prior to 14.10.2; XWiki Platform versions prior to 15.0-rc-1 Description: Any user with view rights can execute arbitrary Groovy, Python ...
CVE-2023-28438
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, since a user with 'report' permission can already write arbitrary SQL queries, and given the fact that this endpoint is using the GET method (no CSRF protection), an attacker can inject an arbitrary query by...
PT-2023-20687
Name of the Vulnerable Software and Affected Versions: Samsung Baseband Modem Chipset for Exynos Modem 5123; Samsung Baseband Modem Chipset for Exynos Modem 5300; Samsung Baseband Modem Chipset for Exynos 980; Samsung Baseband Modem Chipset for Exynos 1080; Samsung Baseband Modem Chipset for Exynos Au...
CVE-2023-27476 XML External Entity (XXE) Injection in OWSLib
OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution, and could lead to arbitrary file reads from an...
PT-2023-21153 · Xml.Etree +2 · Xml.Etree +2
Name of the Vulnerable Software and Affected Versions: OWSLib versions prior to 0.28.1 Description: The XML parser in OWSLib does not disable entity resolution, which could lead to arbitrary file reads from an attacker-controlled XML payload. This issue affects all XML parsing in the codebase. Th...
CVE-2023-25656 notation-go has excessive memory allocation on verification
notation-go is a collection of libraries for supporting Notation sign, verify, push, and pull of OCI artifacts. Prior to version 1.0.0-rc.3, notation-go users will find their application using excessive memory when verifying signatures. The application will be killed, and thus availability is...
CVE-2023-23618 gitk can inadvertently call executables in the worktree
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when gitk is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running...
CVE-2023-23615 Malicious users in Discourse can create spam topics as any user due to improper access control
Discourse is an open source discussion platform. The embeddable comments can be exploited to create new topics as any user but without any clear title or content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. As a workaround, disable embeddable comments ...
PT-2025-13328 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc6+ Description: A synchronization issue exists in the Linux kernel's fscache module. The freeing of a relinquished volume wakes up pending volume acquisition using wake_up_bit, but this is mismatched wit...