213680 matches found
Code injection
A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /resource/file/api/save?auto=1. The manipulation leads to code injection. The attack can be launched remotely. The exploit has been disclosed ...
SQL injection
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration > Widget tab after the login portal...
Remote code execution
Google Nest WiFi Pro root code-execution & user-data compromise...
Information disclosure
omniauth-microsoftgraph provides an Omniauth strategy for the Microsoft Graph API. Prior to version 2.0.0, the implementation did not validate the legitimacy of the email attribute of the user, nor did it give or document an option to do so, making it susceptible to nOAuth misconfiguration in cases...
Information disclosure
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...
Design/Logic Flaw
An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF...
SQL injection
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the 'userid' parameter after the login portal...
Design/Logic Flaw
An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of NudmUECMRegistration response...
Design/Logic Flaw
Rust EVM is an Ethereum Virtual Machine interpreter. In rust-evm, a feature called record_external_operation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or...
SQL injection
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal...
Information disclosure
An indirect object reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information...
Out-of-bounds
A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0. This issue affects some unknown processing of the file pagesaccount.php of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack may be...
SQL injection
OTClient is an alternative Tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "Analysis - SonarCloud" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and...
Cross site scripting
PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the isCleanHTML method. Some modules using the isCleanHTML method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this...
Information disclosure
An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information...
Design/Logic Flaw
An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework...
Design/Logic Flaw
An issue in A-WORLD OIRASE BEERwaiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...
Code injection
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack...
Code injection
KernelSU is a kernel-based root solution for Android devices. In versions 0.7.1 and prior, the logic that gets the APK path in the KernelSU kernel module can be bypassed, which lets any malicious APK named me.weishu.kernelsu get root permission. If a device with the KernelSU module installed tries to install any not...
Cross site scripting
OWASP AntiSamy .NET is a library for performing cleansing of HTML coming from untrusted sources. Prior to version 1.2.0, there is a potential for a mutation cross-site scripting (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerabilit...
Deserialization of untrusted data
vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version 0.12.0, an issue in the FamStructWrapper::deserialize implementation provided by the crate for vmm_sys_util::fam::FamStructWrapper can lea...
Design/Logic Flaw
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit...
Out-of-bounds
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file downloadable.php of the component Add Downloadable. The manipulation leads to unrestricted upload. The attack can be...
Buffer overflow
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow...
Cross site scripting
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file addquiz.php of the component Quiz Handler. The manipulation of the argument Quiz Title/Quiz Description with the input alertx leads to cros...
Code injection
The Priva TopControl Suite contains predictable credentials for the SSH service, based on the serial number, which makes it possible for an attacker to calculate the login credentials for the Priva TopControl Suite...
Privilege escalation
An attacker in the Wi-Fi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege...
Design/Logic Flaw
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local...
Cross site scripting
A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teachermessage.php of the component Create Message Handler. The manipulation of the argument Content with the input alertx leads to cross...
Information disclosure
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region...
Authentication flaw
Rejected reason: Not used...
Cross site scripting
A vulnerability, which was classified as problematic, was found in Acumos Design Studio up to 2.0.7. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.0.8 is able to address this issue. The name of...
Cross site scripting
A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. Affected by this vulnerability is the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js. The manipulation of the argument message leads to cross site scripting. The...
Design/Logic Flaw
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file changepasswordteacher.php. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity o...
Cross site scripting
A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as problematic. Affected by this issue is the function royalprettyphotopluginlinks of the file rt-prettyphoto.php. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgradin...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ekol Informatics Website Template allows SQL Injection. This issue affects Website Template: through 20231215...
Code injection
Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams/{team_id}/channels/deleted endpoint...
Design/Logic Flaw
Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demoted guests to change group names...
Stack overflow
A stack-based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables...
Information disclosure
Mattermost fails to scope the WebSocket response around notified users to each user separately, resulting in the WebSocket broadcasting the information about who was notified about a post to everyone else in the channel...
Design/Logic Flaw
OpenHarmony v3.2.2 and prior versions allow a local attacker to cause a DoS by occupying all resources...
Null pointer dereference
OpenHarmony v3.2.2 and prior versions allow a local attacker to cause a multimedia player crash by modifying a released pointer...
Null pointer dereference
OpenHarmony v3.2.2 and prior versions allow a local attacker to cause a multimedia player crash by modifying a released pointer...
Null pointer dereference
OpenHarmony v3.2.2 and prior versions allow a local attacker to cause a multimedia audio crash by modifying a released pointer...
Null pointer dereference
OpenHarmony v3.2.2 and prior versions allow a local attacker to cause a multimedia camera crash by modifying a released pointer...
Memory corruption
Memory corruption while running VK synchronization with KASAN enabled...
Design/Logic Flaw
Transient DOS while processing a WMI P2P listen start command 0xD00A sent from host...
Hardcoded credentials
Transient DOS in Data Modem during DTLS handshake...
Cross site request forgery (CSRF)
Transient DOS in WLAN Firmware while parsing a BTM request...
Memory corruption
Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued...