PT-2024-39134

Name of the Vulnerable Software and Affected Versions: JobSearch WP Job Board plugin for WordPress versions up to, and including, 2.6.7 Description: The issue is related to missing file type validation in the jobsearch wp handle upload function, allowing authenticated attackers with...

SQL Injection

centreon/centreon is vulnerable to SQL Injection. The vulnerability is caused due to a missing validation while constructing SQL queries...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

Zip Slip

mobsf is vulnerable to Zip Slip. The vulnerability is caused due to a missing validation while extracting .a extension files. This allows an attacker to extract files to any desired location within the server running MobS...

Authorization Bypass

directus is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation for the user parameter in the PATCH requests for the end point /presets. This allows an authenticated external attacker to modify presets created by the same user to assign them to another user...

PT-2024-5805 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this issue, where the target mus...

SUSE CVE-2024-7538

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-5977 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post Actions

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.13.0 via the 'handleRequest' function due to missing validation on a user controlled key. This makes it possible for authenticated...

CVE-2024-3748 SP Project & Document Manager <= 4.71 - Data Update via IDOR

The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the userid to make it appear that a file was uploaded by another user...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when a previously called buffer size is used without validation or reinitialization...

PT-2024-7754 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this issue, where the target mus...

GHSA-F5X3-32G6-XQ36 Denial of service while parsing a tar file due to lack of folders count validation

Description: During some analysis today on npm's node-tar package I came across the folder creation process, Basicly if you provide node-tar with a path like this ./a/b/c/foo.txt it would create every folder and sub-folder here a, b and c until it reaches the last folder to create foo.txt, In-thi...

PT-2024-18517 · Mediatek +1 · Mt6739 +19

Name of the Vulnerable Software and Affected Versions: In da affected versions not specified Description: The issue is related to a possible out of bounds write due to lack of validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is...

SUSE CVE-2024-1151

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...

DEBIAN-CVE-2024-1151

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...

PT-2024-20000 · Lemmy · Lemmy

Name of the Vulnerable Software and Affected Versions: Lemmy versions 0.17.0 through 0.19.0 Description: The issue allows any authenticated user to obtain arbitrary private message contents by creating a private message report. This is possible because the API response to creating a private messa...

CVE-2023-0079

The Customer Reviews for WooCommerce WordPress plugin before 5.17.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

PT-2023-31295 · Unknown · Job Portal

Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns an Unauthenticated SQL Injection vulnerability. Specifically, the txtTotal parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, and they are se...

PT-2023-32441 · WordPress · Welcart E-Commerce

Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce WordPress plugin versions prior to 2.9.5 Description: The issue arises from the lack of file validation for uploads and the absence of authorization and CSRF protection in an AJAX action handling file uploads. This allows a...

kernel: Linux kernel: Denial of Service in vmwgfx due to invalid DMA surface copies

A flaw was discovered in the Linux kernel’s DRM vmwgfx driver related to how cursor images are snooped and copied. When the dimensions of a DMA surface copybox were derived from untrusted userspace data without proper validation against the expected snooped cursor size, an invalid size could caus...