Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting XSS.This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1...

Design/Logic Flaw

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

Command injection

Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAXINT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit 73b2d379 which...

Authorization

Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access...

Privilege escalation

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability...

Input validation

Insufficient validation of SPI flash addresses in the ASP AMD Secure Processor bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity...

Information disclosure

Sequence of processor instructions leads to unexpected behavior for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access...

Design/Logic Flaw

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possible to free a...

Input validation

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...

Default credentials

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2...

Design/Logic Flaw

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, SessionStrategyListener does not migrate the session after every successful login. It does so only in case the logged in...

Path traversal

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023...

Code injection

Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter...

Design/Logic Flaw

Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug...

Out-of-bounds

In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed...

Cross site request forgery (csrf)

An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n4555 and before allows attackers to cause a Denial of Service DoS via supplying a crafted web request...

Design/Logic Flaw

Sielco PolyEco1000 is vulnerable to an improper access control vulnerability when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages...

Design/Logic Flaw

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...

Heap overflow

A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...

Command injection

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

Buffer overflow

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition:...

Cross site scripting

The User Activity Log Pro WordPress plugin before 2.3.4 does not properly escape recorded User-Agents in the user activity logs dashboard, which may allow visitors to conduct Stored Cross-Site Scripting attacks...

Buffer overflow

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

Input validation

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue do...

Heap overflow

Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: Medium...

Heap overflow

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

Remote code execution

Windows MSHTML Platform Remote Code Execution Vulnerability...

Remote code execution

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...

Privilege escalation

Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability...

Design/Logic Flaw

A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The...

Design/Logic Flaw

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS mXSS vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin = 1.3.54 versions...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18...

Design/Logic Flaw

When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro...

Default configuration

TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity...

Input validation

A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant...

Design/Logic Flaw

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A user with write access to another user can make requests to change the latter's password and then take...

Design/Logic Flaw

Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...

Design/Logic Flaw

NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information...

Buffer overflow

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows authorized users to cause a denial of service attack by sending...

Deserialization of untrusted data

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service...

Open redirect

Rejected reason: This candidate is unused by its CNA...

Cross site scripting

An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated...

Remote code execution

.NET Framework Remote Code Execution Vulnerability...

Null pointer dereference

Null pointer dereference when composing from a specially crafted draft message in Mutt 1.5.2 2.2.12...

Input validation

Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting...

Code injection

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM...

Design/Logic Flaw

Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...