1850 matches found

NVD
added 2024/12/06 2:15 p.m. · 15 views

CVE-2024-54214

Unrestricted Upload of File with Dangerous Type vulnerability in roninwp Revy revy allows Upload a Web Shell to a Web Server. This issue affects Revy: from n/a through = 1.18...

CVSS 10 · EPSS 0.00658
Exploits 0 · References 1
CNNVD
added 2024/12/04 12:00 a.m. · 2 views

Veeam Service Provider Console security vulnerability

Veeam Service Provider Console is a cloud-enabled platform from Veeam USA. A security vulnerability exists in Veeam Service Provider Console. An attacker could exploit the vulnerability to delete arbitrary files on the VSPC server machine...

CVSS 7.1 · AI score 7.2 · EPSS 0.05368
Exploits 0 · References 1
Cvelist
added 2024/11/28 9:47 a.m. · 27 views

CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution

The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply inp...

CVSS 9.9 · EPSS 0.43797
Exploits 1 · References 5
Github Security Blog
added 2024/11/25 6:37 p.m. · 26 views

Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path

A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high access to the Keycloak server in order to perform resource creation, for example, an LDAP provider...

CVSS 2.7 · AI score 6.2 · EPSS 0.00721
Exploits 0 · References 11 · Affected Software 1
GithubExploit
added 2024/11/22 1:53 p.m. · 393 views

Exploit for Code Injection in Vmware Spring_Cloud_Data_Flow

CVE-2024-37084 Vulnerability Exploitation Example PoC CVE-2...

CVSS 9.8 · AI score 6.7 · EPSS 0.35211
Exploits 4
CVE
added 2024/11/22 6:00 a.m. · 59 views

CVE-2024-9422

The GEO my WP WordPress plugin (prior to v4.5) and its companion gmw-premium-settings (prior to v3.1) suffer from insufficient validation of uploaded files, allowing attackers to upload arbitrary files (e.g., PHP) to the server and potentially enable remote attacks. Remediation: update to GEO my ...

CVSS 6.6 · AI score 6.6 · EPSS 0.00718
Exploits 1 · References 1 · Affected Software 2
GithubExploit
added 2024/11/22 4:15 a.m. · 152 views

Exploit for CVE-2023-38646

Metabase Pre-Authentication RCE CVE-2023-38646 CVE-2023-38...

CVSS 9.8 · AI score 8.2 · EPSS 0.97924
Exploits 36
Vulnrichment
added 2024/11/20 8:50 p.m. · 12 views

CVE-2024-52581 Litestar allows unbounded resource consumption (DoS vulnerability)

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allows an attacker to...

CVSS 8.2 · AI score 6.4 · EPSS 0.00756
Exploits 1 · References 4
Cvelist
added 2024/11/13 4:08 p.m. · 23 views

CVE-2024-52292 Craft Allows Attackers to Read Arbitrary System Files

Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function...

CVSS 7.7 · EPSS 0.00657
Exploits 1 · References 1
Vulnrichment
added 2024/11/13 4:08 p.m. · 12 views

CVE-2024-52292 Craft Allows Attackers to Read Arbitrary System Files

Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function...

CVSS 7.7 · AI score 7.4 · EPSS 0.00657
Exploits 1 · References 1
Github Security Blog
added 2024/11/07 12:30 p.m. · 6 views

Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server

When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP-based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which...

CVSS 9.1 · AI score 7.9 · EPSS 0.00924
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/11/06 3:57 p.m. · 7 views

GHSA-F3F8-VX3W-HP5Q codechecker vulnerable to authentication bypass when using specifically crafted URLs

Summary: Authentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. Details: All...

CVSS 10 · AI score 9.5 · EPSS 0.3922
Exploits 0 · References 5
Microsoft CVE
added 2024/11/01 7:00 a.m. · 3 views

cgi.force_redirect configuration is bypassable due to the environment variable collision

...

CVSS 7.5 · AI score 7.1 · EPSS 0.01077
Exploits 1
OSV
added 2024/10/31 8:50 a.m. · 17 views

SUSE-SU-2024:3843-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Persist extracted key path for ldapsslclientinit over repeat invocations (bsc1230852) - Re-enable use of .dsrc basedn for dsidm commands (bsc1231462) - Update to version 2.2.10git18.20ce9289: RFE: Use previously extracted key path; Update dsidm to...

CVSS 7.5 · AI score 7.2 · EPSS 0.01246
Exploits 0 · References 6
CVE
added 2024/10/31 12:00 a.m. · 48 views

CVE-2024-39332

Webswing 23.2.2 is affected. The vulnerability allows remote attackers to modify client-side JavaScript, enabling path traversal and likely remote code execution through modification of server shell scripts. Affected component: Webswing (version 23.2.2). Root cause: server-side handling that perm...

CVSS 9.8 · AI score 7.9 · EPSS 0.01239
Exploits 1 · References 1 · Affected Software 1
Debian
added 2024/10/29 6:36 p.m. · 12 views

[SECURITY] [DSA 5800-1] xorg-server security update

Debian Security Advisory DSA-5800-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso, October 29, 2024 https://www.debian.org/security/faq -...

CVSS 7.8 · AI score 7.6 · EPSS 0.00894
Exploits 0
Debian
added 2024/10/29 6:30 p.m. · 9 views

[SECURITY] [DLA 3940-1] xorg-server security update

Debian LTS Advisory DLA-3940-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz, October 29, 2024 https://wiki.debian.org/LTS -...

CVSS 7.8 · AI score 7.2 · EPSS 0.00894
Exploits 0
CVE
added 2024/10/26 8:36 a.m. · 39 views

CVE-2024-8392

CVE-2024-8392 affects the WordPress plugin “Sogrid” (Post Grid Layouts with Pagination). The vulnerability is a Local File Inclusion (LFI) via the tab parameter in all versions up to and including 1.5.2, requiring Administrator-level access or higher. This enables an authenticated attac...

CVSS 7.2 · AI score 6.5 · EPSS 0.00665
Exploits 0 · References 3
Positive Technologies
added 2024/10/22 12:00 a.m. · 7 views

PT-2024-16131 · Wildfly · Wildfly

Name of the Vulnerable Software and Affected Versions: Wildfly (affected versions not specified). Description: A flaw in the Wildfly deployment system allows a user to perform Cross-site scripting, enabling an attacker or insider to execute a deployment with a malicious payload. This could trigger...

CVSS 7.3 · AI score 6.1 · EPSS 0.00646
Exploits 0 · References 24
Vulnrichment
added 2024/10/21 4:24 p.m. · 17 views

CVE-2024-49367 Nginx UI's log path can be controlled

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at /api/configs to read directories and file contents on the server. Version 2.0.0-beta.36 fixes the issue...

CVSS 6.9 · AI score 6.4 · EPSS 0.0063
Exploits 0 · References 2