Lucene search
K
CvelistMost viewed

364887 matches found

Cvelist
Cvelist
added 2024/11/12 4:59 p.m.54 views

CVE-2024-49514 Photoshop Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)

Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

7.8CVSS0.00299EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/27 9:0 p.m.54 views

CVE-2024-10429 WAVLINK WN530H4/WN530HG4/WN572HG3 internet.cgi set_ipv6 command injection

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function setipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to...

8.6CVSS0.17215EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/10/26 1:58 a.m.54 views

CVE-2024-9933 WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check

The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.10.1. This is due to the 'watchtowerotatoken' default value is empty, and the not empty check is missing in the 'PasswordLessAccess::login' function. This makes it possible for...

9.8CVSS0.01935EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/10/16 12:58 p.m.54 views

CVE-2024-48042 WordPress Contact Form by Supsystic plugin <= 1.7.28 - Remote Code Execution (RCE) vulnerability

Deserialization of Untrusted Data vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through = 1.7.28...

9.1CVSS0.01126EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/16 7:55 a.m.54 views

CVE-2024-45219 Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure

Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2....

8.5CVSS0.01229EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/04 7:54 p.m.54 views

CVE-2024-44976 ata: pata_macio: Fix DMA table overflow

In the Linux kernel, the following vulnerability has been resolved: ata: patamacio: Fix DMA table overflow Kolbjørn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 "ata: patamacio: Fix maxsegmentsize with PAGESIZE == 64K". For example: kernel B...

0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/28 6:28 a.m.54 views

CVE-2021-38120 Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1...

5.1CVSS0.00518EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/21 12:10 a.m.54 views

CVE-2024-43882 exec: Fix ToCToU between perm check and set-uid/gid usage

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

0.00242EPSS
Exploits1References8
Cvelist
Cvelist
added 2024/08/14 3:7 p.m.54 views

CVE-2024-39383 PoC sample of unknown vulnerability detected by EXPMON system

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

7.8CVSS0.02762EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/09 12:37 a.m.54 views

CVE-2024-4350 Concrete CMS version 9 below 9.3.3 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer

Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and later embedded into responses. A rogue administrator could inject malicious code into fields due to insufficient input validation. The Concrete CMS security team gave...

5.1CVSS0.00464EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/24 5:16 p.m.54 views

CVE-2024-41666 The Argo CD web terminal session does not handle the revocation of user permissions properly.

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD has a Web-based terminal that allows users to get a shell inside a running pod, just as they would with kubectl exec. Starting in version 2.6.0, when the administrator enables this function and grants permission to...

4.7CVSS0.00685EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/07/18 8:33 a.m.54 views

CVE-2024-3242 Brizy – Page Builder <= 2.4.44 - Authenticated (Contributor+) Arbitrary File Upload

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with...

8.8CVSS0.00963EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/07/16 10:39 p.m.54 views

CVE-2024-21140

...

4.8CVSS0.00879EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/15 7:38 p.m.54 views

CVE-2024-39912 Enumeration of valid usernames in web-auth/webauthn-lib

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found...

5.3CVSS0.00394EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/12 2:34 p.m.54 views

CVE-2024-39909 SQL Injection in the KubeClarity REST API

KubeClarity is a tool for detection and management of Software Bill Of Materials SBOM and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource /api/applicationResources via the following parameter packageID. As it can be seen in...

6.5CVSS0.00443EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.54 views

CVE-2024-38054 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

...

7.8CVSS0.10419EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 8:19 p.m.54 views

CVE-2024-39322 aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records

aimeos/ai-admin-jsonadm is the Aimeos e-commerce JSON API for administrative tasks. In versions prior to 2020.10.13, 2021.10.6, 2022.10.3, 2023.10.4, and 2024.4.2, improper access control allows editors to remove admin group and locale configuration in the Aimeos backend. Versions 2020.10.13,...

5.5CVSS0.00481EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/07/01 2:36 p.m.54 views

CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

4.5CVSS0.00397EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/30 8:22 p.m.54 views

CVE-2024-34703 Botan Vulnerable to Denial of Service Due to Overly Large Elliptic Curve Parameters

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameter...

7.5CVSS0.005EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/26 12:0 a.m.54 views

CVE-2024-34581

The W3C XML Signature Syntax and Processing XMLDsig specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have...

0.00248EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/06/20 11:13 a.m.54 views

CVE-2022-48716 ASoC: codecs: wcd938x: fix incorrect used of portid

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer-reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we cou...

0.00693EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/20 1:51 a.m.54 views

CVE-2024-6178 XSS vulnerability in LG SuperSign CMS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

4.8CVSS0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/17 2:3 p.m.54 views

CVE-2024-37158 Evmos is missing precompile checks

Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. Preliminary checks on actions computed by the clawback vesting accounts are performed in the ante handler. Evmos core, implements two different ante handlers: one for Cosmos transactions and one for Ethereum transactions. Checks...

3.5CVSS0.0044EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 12:6 p.m.54 views

CVE-2024-36459 Cross-Site Scripting Vulnerability in Symantec SiteMinder Web Agent

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser...

8.4CVSS0.0042EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 3:39 a.m.54 views

CVE-2024-27162 DOM-based XSS

Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...

6.1CVSS0.21218EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/13 1:59 p.m.54 views

CVE-2024-37309 Client initialized Session-Renegotiation DoS

CrateDB is a distributed SQL database. A high-risk vulnerability has been identified in versions prior to 5.7.2 where the TLS endpoint port 4200 permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly request renegotiation of security parameter...

5.3CVSS0.00704EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/06/11 9:17 a.m.54 views

CVE-2023-33922 WordPress Elementor plugin <= 3.13.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a through 3.13.2...

4.3CVSS0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/09 10:22 p.m.54 views

CVE-2024-5389 Insufficient Access Control in lunary-ai/lunary

In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to create, update, get, and delete prompt variations for datasets not owned by their organization. This issue arises due to the application not properly validating the ownership of dataset...

5.7CVSS0.00431EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/06 5:54 p.m.54 views

CVE-2024-5452 RCE via Property/Class Pollution in lightning-ai/pytorch-lightning

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS0.26488EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/06/04 7:47 p.m.54 views

CVE-2024-28103 Action Pack is missing security headers on non-HTML responses

Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...

5.4CVSS5.2AI score0.00658EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/26 12:0 a.m.54 views

CVE-2024-5351 anji-plus AJ-Report Javascript getValueFromJs deserialization

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been...

6.5CVSS6.4AI score0.00769EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/05/21 1:42 p.m.54 views

CVE-2024-35218 Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane

Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stored Cross-site scripting XSS enable attackers that have access to backoffice to bring malicious content into a website or application. This vulnerability has been patched in versions 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implementi...

4.2CVSS4.3AI score0.0035EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/17 8:28 p.m.54 views

CVE-2023-52424

The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...

6.4AI score0.00716EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/16 1:39 p.m.54 views

CVE-2024-31142 x86: Incorrect logic for BTC/SRSO mitigations

Because of a logical error in XSA-407 Branch Type Confusion, the mitigation is not applied properly when it is intended to be used. XSA-434 Speculative Return Stack Overflow uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html...

6.5AI score0.17444EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 4:57 p.m.54 views

CVE-2024-30042 Microsoft Excel Remote Code Execution Vulnerability

...

7.8CVSS7.9AI score0.02136EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/08 3:6 p.m.54 views

CVE-2024-26579 Apache Inlong JDBC Vulnerability

Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick 1, 2 to solve it. 1...

6.8AI score0.0113EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/08 1:19 p.m.54 views

CVE-2024-4233 Broken Access Control vulnerability in multiple WordPress plugins by Tyche Softwares

Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through...

4.3CVSS5AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/08 8:57 a.m.54 views

CVE-2024-4436 Etcd: incomplete fix for cve-2022-41723 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

7.5CVSS8AI score0.00768EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/03 2:12 a.m.54 views

CVE-2023-41221 D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/23 5:26 p.m.54 views

CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/04/17 9:59 a.m.54 views

CVE-2024-32130 WordPress Payment Forms for Paystack plugin <= 3.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1...

6.5CVSS6.7AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/24 7:38 p.m.54 views

CVE-2024-29187 WiX based installers are vulnerable to binary hijack when run as SYSTEM

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to drop and load multiple binaries. Standard users can hijack the binary before it'...

7.3CVSS7.2AI score0.00463EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/22 10:12 p.m.54 views

CVE-2024-29190 MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns)

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5CVSS7.6AI score0.00712EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/03/20 11:4 p.m.54 views

CVE-2024-2443 Improper input validation vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring GeoJSON settings. Exploitation of this vulnerability required access to the GitHub...

9.1CVSS9.7AI score0.02086EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/03/18 9:31 p.m.54 views

CVE-2024-28248 Cilium intermittent HTTP policy bypass

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...

7.2CVSS7.1AI score0.0062EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/03/13 3:27 p.m.54 views

CVE-2023-6825 File Manager And File Manager Pro (Multiple Versions) - Directory Traversal

The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including version 7.2.1 free version and 8.3.4 Pro version via the target parameter in the mkfilefoldermanageractioncallbackshortcode function. This makes it possible for...

9.9CVSS9.1AI score0.06009EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/07 4:49 a.m.54 views

CVE-2024-28213

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization...

8.1AI score0.01199EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/28 8:13 a.m.54 views

CVE-2021-47018 powerpc/64: Fix the definition of the fixmap area

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Fix the definition of the fixmap area At the time being, the fixmap area is defined at the top of the address space or just below KASAN. This definition is not valid for PPC64. For PPC64, use the top of the I/O space...

6.7AI score0.00239EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/02/17 7:36 a.m.54 views

CVE-2024-1512 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.5 - Unauthenticated SQL Injection

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied...

9.8CVSS9.9AI score0.77729EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/02/10 5:0 a.m.54 views

CVE-2024-21490

This affects versions of the package angular from 1.3.0; versions of the package angularjs from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in...

7.5CVSS7.5AI score0.01891EPSS
Exploits1References5
Total number of security vulnerabilities5000