GHSA-3FFF-GQW3-VJ86 Directus has an insecure object reference via PATCH presets
Impact Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the POST /presets request but not in the PATCH request. When chained with...
UBUNTU-CVE-2024-45193
An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to a lack of validation criteria (the check does not ensure that S < n). This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the...
Zip Slip
mobsf is vulnerable to Zip Slip. The vulnerability is caused due to a missing validation while extracting .a extension files. This allows an attacker to extract files to any desired location within the server running MobS...
PT-2024-32852
Name of the Vulnerable Software and Affected Versions: Bluetooth affected versions not specified Description: The issue arises from a missing check in the LL CONNECTION UPDATE IND packet, which leads to a division by zero error. This error occurs due to the lack of proper validation in the packet...
PT-2024-12465 · WordPress · The Bricks
Name of the Vulnerable Software and Affected Versions: The Bricks theme for WordPress versions up to, and including, 1.8.1 Description: The issue is due to missing or incorrect nonce validation on the save settings function, making it possible for unauthenticated attackers to modify the theme's...
Authorization Bypass
directus is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation for the user parameter in the PATCH requests for the end point /presets. This allows an authenticated external attacker to modify presets created by the same user to assign them to another user...
PT-2024-38391 · WordPress · Download Plugins/Themes In Zip From Dashboard
Name of the Vulnerable Software and Affected Versions: Download Plugins and Themes in ZIP from Dashboard plugin for WordPress versions prior to 1.8.8 Description: The issue is due to missing or incorrect nonce validation on the download theme function, making it possible for unauthenticated...
PT-2024-27243 · Unknown · Ada Web Server
Name of the Vulnerable Software and Affected Versions: Ada Web Server version 20.0 Description: An issue was discovered in Ada Web Server when configured to use SSL, which is not the default setting. The SSL/TLS used to establish connections to external services is done without proper hostname...
PT-2024-5805 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this issue, where the target mus...
SUSE CVE-2024-7538
oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-5977 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post Actions
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.13.0 via the 'handleRequest' function due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-5080
The wp-eMember WordPress plugin before 10.6.6 does not validate files to be uploaded, which could allow admins to upload arbitrary files such as PHP on the server...
PT-2024-37531 · WordPress · Advanced Ajax Page Loader
Name of the Vulnerable Software and Affected Versions: Advanced AJAX Page Loader plugin for WordPress versions up to, and including, 2.7.7 Description: The issue is due to missing nonce validation in the admin init AAPL function and missing file type validation in the AAPL options validate...
CVE-2024-3593
The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenudeleteallitemsettings and ubermenuresetsettings functions. This makes it possible for unauthenticated...
CVE-2024-5468
The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stmhbdelete function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to...
WordPress plugin Simple Staff List security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...
PT-2024-21862 · Samsung · Exynos 1280 +4
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos 980 Samsung Mobile Processor Exynos 850 Samsung Mobile Processor Exynos 1280 Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1330 Description: An issue was discovered in the function slsi n...
PT-2024-28510 · WordPress · Wp To Do
Name of the Vulnerable Software and Affected Versions: WP To Do plugin for WordPress versions up to, and including, 1.3.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wptodo settings function. This allows unauthenticated...
PT-2024-6470 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
PT-2024-30162 · WordPress · The Tutor Lms
Name of the Vulnerable Software and Affected Versions: The Tutor LMS – eLearning and online course solution plugin for WordPress versions up to, and including, 2.7.0 Description: The issue allows authenticated attackers with Instructor-level permissions and above to delete any course due to missi...