CVE-2024-56531
CVE-2024-56531 : In the Linux kernel, ALSA: caiaq had a vulnerability where the USB disconnect callback could block USB ioctls due to using snd_card_free() (waiting for all fds to close). The fix replaces snd_card_free() with snd_card_free_when_closed(), enabling asynchronous resource release and...
CVE-2023-38507
CVE-2023-38507 affects Strapi up to version 4.12.0 (prior to 4.12.1) and describes an improper rate-limiting mechanism on the admin login that could be circumvented, enabling brute-force login attempts. Multiple connected documents corroborate that the vulnerability stems from a login-rate-limit ...
CVE-2023-39239
The CVE-2023-39239 entry concerns an authenticated/remote (sources vary on privilege) format string vulnerability in the General function API (apply.cgi) of ASUS RT-AX56U V2. The flaw arises from lack of input validation for a specific value in apply.cgi, enabling remote code execution or disrupt...
CVE-2023-36829
Sentry CORS misconfiguration (CVE-2023-36829): in versions 23.6.0 through
CVE-2023-37266
CasaOS suffers an authentication bypass via crafted JWTs in versions before 0.4.4. Unauthenticated attackers can exploit weak/random JWT handling to access features that require authentication and potentially execute commands as root on affected instances. The underlying issue is tied to inadequa...
CVE-2023-31015
CVE-2023-31015 affects NVIDIA DGX H100 BMC REST service. The root cause is an improper authentication flaw in the REST interface, which may allow a host user to escalate privileges, disclose information, execute code, or cause a denial of service. Affected products/versions are the DGX H100 BMC f...
CVE-2023-32077
Netmaker Vulnerability: Hardcoded DNS secret key allows unauthenticated users to interact with DNS API endpoints. Affects Netmaker builds prior to 0.17.1 and 0.18.6. Remediation per sources: upgrade to v0.17.1 (patched) or v0.18.6+ (fixed). If on 0.17.1, run docker pull gravitl/netmaker:v0.17.1 a...
CVE-2023-23476
CVE-2023-23476 affects IBM Robotic Process Automation versions 21.0.0–21.0.7.latest. The vulnerability stems from insufficient authorization validation on certain API routes, enabling unauthorized data access. Public details confirm impact as data disclosure and outline that upgraded versions 23....
CVE-2023-3077
CVE-2023-3077 affects the MStore API WordPress plugin prior to version 3.9.8. The vulnerability is a Blind SQL injection in which the product_id parameter is not sanitized/escaped before being used in a SQL statement, and it is exploitable by unauthenticated users. Public details indicate exploit...
CVE-2023-42118
CVE-2023-42118 affects Exim libspf2. The vulnerability arises in the SPF macro parser, where unvalidated user-supplied data can trigger an integer underflow before memory write, enabling remote code execution with the service account context. Exploitation appears feasible by network-adjacent atta...
CVE-2023-41321
GLPI (Gestionnaire Libre de Parc Informatique) prior to version 10.0.10 contains an API issue where an API user with read access can enumerate sensitive field values on resources. The vulnerability affects confidentiality (C) but has no impact on integrity/availability according to the provided d...
CVE-2023-4415
Summary: CVE-2023-4415 affects Ruijie RG-EW1200G (version 07161417 r483). The issue resides in the /api/sys/login endpoint, causing improper authentication with remote access risk. Multiple connected sources confirm a login bypass/RCE scenario and public disclosure of the exploit (VDB-237518). Ex...
CVE-2023-20232
Cisco Unified Contact Center Express (Unified CCX) is affected by CVE-2023-20232 due to improper input validation in the Tomcat-based web proxy component exposed via the Finesse Portal. The issue allows an unauthenticated, remote attacker to perform a web cache poisoning attack by sending crafted...
CVE-2023-38491
Summary: CVE-2023-38491 affects Kirby CMS prior to versions 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. The vulnerability arises from Kirby’s MIME type handling in Response::file(), which could fail to determine the correct MIME for uploaded files, causing the browser to treat a file as t...
CVE-2023-37899
CVE-2023-37899 concerns Feathersjs: the socket handler fails to catch invalid string conversion errors (e.g., a crafted toString object), causing Node.js to crash on unexpected Socket.io messages. A fix is available in Feathers versions 5.0.8 and 4.5.18; users should upgrade. There is no known wo...
CVE-2024-5910
CVE-2024-5910 affects Palo Alto Networks Expedition (versions prior to 1.2.92). The issue is missing authentication for a critical function, enabling an attacker with network access to potentially takeover an Expedition admin account and exfiltrate configuration secrets and credentials. Public so...
CVE-2022-22721
CVE-2022-22721 concerns the Apache HTTP Server. On 32-bit systems, if LimitXMLRequestBody is set to allow request bodies larger than 350 MB (default 1 MB), an integer overflow can occur, leading to out-of-bounds writes. Affected product: Apache HTTP Server 2.4.52 and earlier. Impact per sources: ...
CVE-2025-21655
CVE-2025-21655 affects the Linux kernel io_uring/eventfd path. The root cause is that io_eventfd_do_signal() frees an io_ev_fd immediately when the refcount drops to zero, instead of deferring to a subsequent RCU grace period. The fix defers freeing by calling io_eventfd_put() (replacing the inli...
CVE-2023-41324
GLPI (Gestionnaire Libre de Parc Informatique) vulnerability CVE-2023-41324 is evidenced in connected records as a SQL injection flaw in GLPI’s search functionality. Affected are GLPI versions prior to 10.0.13 (per PT Security entries); authenticated users can exploit the flaw to access or extrac...
CVE-2023-32186
CVE-2023-32186 affects SUSE RKE2. A resource allocation without limits/throttling vulnerability allows an unauthenticated attacker with network access to the RKE2 supervisor/API port to cause a DoS on the cluster. Affected RKE2 versions include 1.24.0–1.24.16, 1.25.0–1.25.12, 1.26.0–1.26.7, 1.27...
CVE-2023-37261
OpenComputers is affected by CVE-2023-37261. The issue affects OpenComputers versions 1.2.0 through 1.8.3 in default configurations where the Internet Card is enabled. The root cause is that metadata-service endpoints used by cloud providers (e.g., AWS, GCP, Azure) are not properly blocked, enabl...
CVE-2023-33371
CVE-2023-33371 affects Control ID IDSecure 4.7.26.0 and earlier. The vulnerability arises from a hardcoded cryptographic key used to sign and verify JWT session tokens, enabling an attacker to forge tokens and bypass authentication. Exploitation details are not provided in these documents, but th...
CVE-2022-46898
CVE-2022-46898 concerns Vocera Report Server/Voice Server v5.x–5.8. A path-traversal flaw in the “restore SQL data” ZIP import workflow lets an attacker craft a ZIP with a SQL file that escapes the restoration directory. The Vocera Report Console’s websocket interface for restoration can process ...
CVE-2023-34047
CVE-2023-34047 affects Spring GraphQL: vulnerable batches occur when registering batch loader functions with a DataLoaderOptions instance in versions 1.1.0–1.1.5 and 1.2.0–1.2.2. Root cause: a batch loader may be exposed to the GraphQL context with values from a different session, including secur...
CVE-2023-20194
Cisco ISE ERS API vulnerability (CVE-2023-20194) allows an authenticated Administrator to read arbitrary OS files due to improper privilege management in the ERS API. Exploitation requires valid admin privileges and a crafted ERS API request; impact is information disclosure and potential privile...
CVE-2023-39438
CLA-assistant’s API suffers from a missing authorization check that allows any authenticated user to perform certain operations, including reading CLA data (and signer details) and updating or deleting CLA configurations for repositories or organizations. Stored GitHub tokens are not exposed in A...
CVE-2023-39966
1Panel CVE-2023-39966 affects v1.4.3; the api/v1/file.go SaveContentthat function accepts user POST JSON without proper parameter filtering, enabling arbitrary file writes and potential full server control. 1.5.0 patches this issue. Related advisories cite an arbitrary file write vulnerability wi...
CVE-2023-38337
CVE-2023-38337 concerns rswag (Ruby gem) before 2.10.1. The issue arises because rswag-api can expose a file that is not the project’s OpenAPI/Swagger specification, enabling directory traversal and allowing remote attackers to read arbitrary JSON and YAML files. Affected software is rswag
CVE-2022-37436
CVE-2022-37436 affects Apache HTTP Server in versions prior to 2.4.55. The issue allows a malicious backend to truncate response headers early, causing some headers to be incorporated into the response body and preventing the later headers from being interpreted by the client. Affected products i...
CVE-2023-41046
CVE-2023-41046 describes a velocity code execution flaw in XWiki Platform where VelocityCode/VelocityWiki properties can run Velocity without script rights. The code executes with the correct context author, but cannot access privileged APIs; however, it may access data/APIs that enable further p...
CVE-2023-40570
Summary: CVE-2023-40570 affects Datasette 1.0 alpha to 1.0a3 with authentication enabled. The /-/api API explorer endpoint could disclose the names of databases and tables to unauthenticated users, without exposing contents. The issue is mitigated in Datasette 1.0a4, which blocks the API explorer...
CVE-2023-43652
CVE-2023-43652 affects JumpServer (open source bastion host). An unauthenticated user can authenticate to the core API using a username and an SSH public key without a password or private key, enabling access to the current user’s information and authorized actions. The vulnerability stems from a...
CVE-2023-5074
CVE-2023-5074 affects D-Link D-View 8, specifically version 2.0.1.28, where a static key protects the JWT used for user authentication. This design enables an authentication bypass risk by forging or manipulating tokens, effectively allowing unauthorized access to D-View 8 systems. The relevant c...
CVE-2023-38888
CVE-2023-38888 is a Cross Site Scripting vulnerability affecting Dolibarr ERP/CRM (v17.0.1 and earlier) exposed via the REST API module. The issue is tied to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject, enabling a remote attacker to obtain sensitive information and execute arb...
CVE-2023-4616
CVE-2023-4616 concerns a path traversal in LG LED Assistant’s /api/thumbnail endpoint. The vulnerability stems from insufficient validation of a user-supplied path before performing file operations, enabling an unauthenticated attacker to read sensitive information in the context of the current u...
CVE-2021-4191
The CVE-2021-4191 issue in GitLab CE/EE (affected versions: 13.0–14.6.5, 14.7–14.7.4, 14.8–14.8.2) enables user enumeration via the GraphQL API for unauthenticated users on privately signed-up instances. Root cause: missing authentication checks in specific GraphQL queries, allowing an attacker t...
CVE-2023-20223
CVE-2023-20223 affects Cisco DNA Center. Affected component: Cisco DNA Center API with insufficient access control, enabling an unauthenticated remote attacker to read/modify data in an internal service repository via crafted API requests. Impact: data exposure and modification on the device; no ...
CVE-2023-36388
CVE-2023-36388 concerns Apache Superset. The issue is an improper REST API permission configuration that allows an authenticated, low-privilege user to initiate network connections, enabling possible SSRF. The vulnerability affects Superset up to version 2.1.0 (and older per disclosures), with th...
CVE-2023-40027
Keystone (Node.js) vulnerability CVE-2023-40027: When ui.isAccessAllowed is undefined, the adminMeta GraphQL query is publicly accessible without a session, potentially exposing admin metadata. Affected users are those relying on a session strategy to restrict access; developers using @keystone-6...
CVE-2023-3300
HashiCorp Nomad and Nomad Enterprise expose a vulnerability (CVE-2023-3300) where the HTTP search API can reveal names of available CSI plugins to unauthenticated users or those without the plugin:read policy. Affected versions are Nomad/Nomad Enterprise 0.11.0 through 1.5.6 and 1.4.1. The issue ...
CVE-2024-56690
CVE-2024-56690 : Linux kernel crypto: pcrypt fix for -EBUSY/-EAGAIN. After commit 8f4f68e7, padata_do_parallel() may return -EAGAIN for pcrypt encrypt/decrypt when CPUs go online/offline, triggering a WARN/panic under panic_on_warn. The remediation is to call the crypto layer directly (no paralle...
CVE-2023-4243
CVE-2023-4243 affects the FULL – Customer WordPress plugin. Root cause: improper authorization in the /install-plugin REST route allows authenticated users with subscriber-level or higher to install plugins from arbitrary remote locations, enabling potential code execution. Affected: FULL – Custo...
CVE-2023-37470
Metabase versions prior to 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4 are affected by a remote code execution vulnerability stemming from the embedded H2 database. The issue allows a user-supplied connection string to contain code that is subsequently execu...
CVE-2023-37916
CVE-2023-37916: KubePi (github.com/KubeOperator/kubepi) had a leak in /kubepi/api/v1/users/search?pageNum=1&&pageSize=10 that exposed password hashes for any user (including admin). The root cause is a leaking endpoint returning password hashes; no workaround is documented. The issue has been fix...
CVE-2023-41301
CVE-2023-41301 describes a vulnerability in the PMS module enabling unauthorized API access, with exploitation potentially causing features to behave abnormally. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH), with network attack vector, no privileges required, no user interaction, and ...
CVE-2023-31012
CVE-2023-31012 affects NVIDIA DGX H100 BMC: the REST service suffers from improper input validation in the BMC REST interface, enabling potential privilege escalation and information disclosure. CVSSv3.1 base score 8.8 (HIGH) per NVD; Red Hat, NVD and NVIDIA bulletins corroborate issues tied to t...
CVE-2023-31011
CVE-2023-31011 affects NVIDIA DGX H100 BMC REST service due to improper input validation in the REST interface. The Red Hat advisory and NVIDIA security bulletin confirm the root cause is input validation weaknesses, enabling an attacker to escalate privileges and disclose information. The issue ...
CVE-2023-2848
Movim prior to version 0.22 is affected by a Cross‑Site WebSocket Hijacking vulnerability due to missing header validation. This is documented across multiple sources (NVD entry confirms the issue and impact; connected references point to Movim commits related to the vulnerability). Affected comp...
CVE-2023-3264
CVE-2023-3264 affects CyberPower PowerPanel Enterprise DCIM (and is listed with a CVSS 3.1 vector of 6.7). The vulnerability is described as Use of Hard-coded Credentials, enabling authentication bypass in the CyberPower PowerPanel Enterprise component. The Trellix/TRELLIX blog and related Red Ha...
CVE-2023-38510
Tolgee CVE-2023-38510 affects Tolgee versions 3.14.0 through 3.23.1. The issue is that API-key requests bypass permission scope checks, effectively bypassing authorization for some endpoints. This vulnerability can enable unauthorized access if API keys are exposed on the internet; cases where ke...