213680 matches found

Prion, added 2024/03/01 1:15 p.m.

Design/Logic Flaw

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function...

CVSS 3.3 | AI score 7 | EPSS 0.00126 | Exploits 0 | References 1

Prion, added 2024/03/01 12:15 p.m.

Server side request forgery (ssrf)

A vulnerability was found in LangChain langchain_community 0.0.26. It has been classified as critical. Affected is the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py of the component TFIDFRetriever. The manipulation leads to server-side request forgery. It ...

CVSS 6.5 | AI score 6.5 | EPSS 0.0006 | Exploits 0 | References 5

Prion, added 2024/03/01 12:15 p.m.

Out-of-bounds

A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/app/servicecrud.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...

CVSS 5.8 | AI score 7.2 | EPSS 0.00054 | Exploits 0 | References 3

Prion, added 2024/03/01 12:15 p.m.

Cross site scripting

A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2 and earlier. This vulnerability could allow an attacker to send a specially crafted JavaScript payload within the email field and partially take control of an authenticated user's browser session...

CVSS 4.9 | AI score 5.9 | EPSS 0.00078 | Exploits 0 | References 1

Prion, added 2024/03/01 11:15 a.m.

Out-of-bounds

A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/product.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be...

CVSS 5.8 | AI score 7.2 | EPSS 0.00054 | Exploits 0 | References 4

Prion, added 2024/03/01 11:15 a.m.

Authentication flaw

Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and...

CVSS 4.6 | AI score 7.3 | EPSS 0.00608 | Exploits 0 | References 1

Prion, added 2024/03/01 11:15 a.m.

Code injection

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...

CVSS 2.6 | AI score 7.1 | EPSS 0.00089 | Exploits 0 | References 1

Prion, added 2024/03/01 11:15 a.m.

Design/Logic Flaw

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by...

AI score 6.7 | EPSS 0.00226 | Exploits 0 | References 2

Prion, added 2024/03/01 10:15 a.m.

Design/Logic Flaw

The NextMove Lite – Thank You Page for WooCommerce and Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugins for WordPress are vulnerable to unauthorized access of data due to a missing capability check on the download_tools_settings function in all versions up to, and including,...

CVSS 5 | AI score 6.8 | EPSS 0.00308 | Exploits 0 | References 3

Prion, added 2024/03/01 10:15 a.m.

Default configuration

Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a network-adjacent unauthenticated attacker to configure and control the affected product...

AI score 7.4 | EPSS 0.00092 | Exploits 0 | References 3

Prion, added 2024/03/01 9:15 a.m.

Remote code execution

The SolarWinds Security Event Manager was susceptible to a Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds' service, resulting in remote code execution...

CVSS 5.8 | AI score 8.6 | EPSS 0.79318 | Exploits 1 | References 2

Prion, added 2024/03/01 9:15 a.m.

Design/Logic Flaw

Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.211013 when using the 'VirusChecker' or 'ThreatChecker' feature and RevoWorks Browser prior to 2.2.95 when using the 'VirusChecker' or 'ThreatChecker' feature. If data containing malware is saved in a specific file format...

AI score 7.2 | EPSS 0.00158 | Exploits 0 | References 2

Prion, added 2024/03/01 8:15 a.m.

Server side request forgery (ssrf)

Server-Side Request Forgery (SSRF) vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv. This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

CVSS 5.5 | AI score 7.5 | EPSS 0.00139 | Exploits 0 | References 1

Prion, added 2024/03/01 8:15 a.m.

Authorization

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv. This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

CVSS 5.5 | AI score 7.4 | EPSS 0.00153 | Exploits 0 | References 1

Prion, added 2024/03/01 8:15 a.m.

Open redirect

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 7.4 | Exploits 0

Prion, added 2024/03/01 8:15 a.m.

Open redirect

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 7.4 | Exploits 0

Prion, added 2024/03/01 8:15 a.m.

Path traversal

A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product...

CVSS 4.3 | AI score 7.4 | EPSS 0.00029 | Exploits 0 | References 1

Prion, added 2024/03/01 8:15 a.m.

Cross site request forgery (csrf)

In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection...

AI score 7.1 | EPSS 0.00746 | Exploits 1 | References 1

Prion, added 2024/03/01 7:15 a.m.

Deserialization of untrusted data

The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8 via deserialization of untrusted input to the awlsliderresponsiveshortcode function. This makes it possible for authenticated...

CVSS 6.5 | AI score 7.4 | EPSS 0.00738 | Exploits 0 | References 2

Prion, added 2024/03/01 6:15 a.m.

Remote code execution

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute...

AI score 8.7 | EPSS 0.19928 | Exploits 2 | References 1

Prion, added 2024/03/01 6:15 a.m.

Directory traversal

Directory Traversal vulnerability in DICOM® Connectivity Framework by laurelbridge before v.2.7.6b allows a remote attacker to execute arbitrary code via the formatlogfile.pl file...

AI score 8.1 | EPSS 0.09496 | Exploits 0 | References 3

Prion, added 2024/03/01 6:15 a.m.

Remote code execution

Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link...

AI score 8.8 | EPSS 0.39435 | Exploits 2 | References 1

Prion, added 2024/03/01 3:15 a.m.

Design/Logic Flaw

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 261115...

CVSS 5 | AI score 6.8 | EPSS 0.00071 | Exploits 0 | References 2

Prion, added 2024/03/01 3:15 a.m.

Design/Logic Flaw

IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656...

CVSS 6.5 | AI score 6.8 | EPSS 0.00024 | Exploits 0 | References 2

Prion, added 2024/03/01 3:15 a.m.

Code injection

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711...

CVSS 1.8 | AI score 5.2 | EPSS 0.00032 | Exploits 0 | References 2

Prion, added 2024/03/01 2:15 a.m.

Cross site scripting

IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

CVSS 4.3 | AI score 6.2 | EPSS 0.00085 | Exploits 0 | References 2 | Affected Software 2

Prion, added 2024/03/01 2:15 a.m.

Cross site request forgery (csrf)

IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 251216...

CVSS 4.3 | AI score 6.9 | EPSS 0.00043 | Exploits 0 | References 2 | Affected Software 2

Prion, added 2024/03/01 2:15 a.m.

Design/Logic Flaw

IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336...

CVSS 1.2 | AI score 6 | EPSS 0.00018 | Exploits 0 | References 2 | Affected Software 2

Prion, added 2024/03/01 2:15 a.m.

Command injection

IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details in the X-AspNet-Version Response Header that could allow an attacker to obtain information about the application environment to conduct further attacks. IBM X-Force ID: 275038...

CVSS 5 | AI score 5.9 | EPSS 0.00107 | Exploits 0 | References 2

Prion, added 2024/03/01 1:15 a.m.

Stack overflow

Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

CVSS 4.4 | AI score 7.9 | EPSS 0.00082 | Exploits 0 | References 1

Prion, added 2024/03/01 1:15 a.m.

Heap overflow

MicroDicom DICOM Viewer versions 2023.3 Build 9342 and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability...

CVSS 4.4 | AI score 7.9 | EPSS 0.00031 | Exploits 0 | References 1

Prion, added 2024/03/01 1:15 a.m.

Memory corruption

MicroDicom DICOM Viewer versions 2023.3 Build 9342 and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application...

CVSS 4.4 | AI score 7.3 | EPSS 0.00085 | Exploits 0 | References 1

Prion, added 2024/03/01 12:15 a.m.

Server side request forgery (ssrf)

Recipes version 1.5.10 allows arbitrary HTTP requests to be made through the server. This is possible because the application is vulnerable to SSRF...

CVSS 5 | AI score 5.4 | EPSS 0.00245 | Exploits 1 | References 2

Prion, added 2024/03/01 12:15 a.m.

Sql injection

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. Affected is an unknown function of the file /admin/list_localuser.php. The manipulation of the argument ResId leads to sql injection. It is possible to launch the attack remotely. Th...

CVSS 6.5 | AI score 6.8 | EPSS 0.00113 | Exploits 1 | References 3

Prion, added 2024/03/01 12:15 a.m.

Sql injection

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/list_ipAddressPolicy.php. The manipulation of the argument GroupId leads to sql injection. The attack can ...

CVSS 6.5 | AI score 6.8 | EPSS 0.8682 | Exploits 1 | References 3

Prion, added 2024/03/01 12:15 a.m.

Session fixation

Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments...

CVSS 1 | AI score 7.1 | EPSS 0.00096 | Exploits 1 | References 2

Prion, added 2024/02/29 11:15 p.m.

Out-of-bounds

dp-golang is a Puppet module for Go installations. Prior to 1.2.7, dp-golang could install files — including the compiler binary — with the wrong ownership when Puppet was run as root and the installed package was On macOS: Go version 1.4.3 through 1.21rc3, inclusive,...

CVSS 4.3 | AI score 7.5 | EPSS 0.0014 | Exploits 0 | References 3

Prion, added 2024/02/29 11:15 p.m.

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devm_spi_alloc. We can't rely on the contents of the devres list during spi_unregister_controller, as the list is already torn down at the time we perform devres_find for devm_spi_release_controller. This caus...

AI score 6.8 | EPSS 0.00012 | Exploits 0 | References 9

Prion, added 2024/02/29 11:15 p.m.

Spoofing

In the Linux kernel, the following vulnerability has been resolved: m68k: mvme147,mvme16x: Don't wipe PCC timer config bits. Don't clear the timer 1 configuration bits when clearing the interrupt flag and counter overflow. As Michael reported, "This results in no timer interrupts being delivered...

AI score 6.7 | EPSS 0.00019 | Exploits 0 | References 5

Prion, added 2024/02/29 11:15 p.m.

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: soundwire: stream: fix memory leak in stream config error path. When stream config has failed, the master runtime will release all slave runtimes in the slave_rt_list, but the slave runtime is not added to the list at this time. This patch...

AI score 6.6 | EPSS 0.00012 | Exploits 0 | References 6

Prion, added 2024/02/29 8:15 p.m.

Input validation

Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation. This issue affects Workforce Access: before 8.7.1...

CVSS 3.5 | AI score 5.6 | EPSS 0.00064 | Exploits 0 | References 1

Prion, added 2024/02/29 8:15 p.m.

Code injection

Delta Electronics CNCSoft-B DOPSoft prior to v4.0.0.82 insecurely loads libraries, which may allow an attacker to use DLL hijacking and take over the system where the software is installed...

CVSS 4.4 | AI score 7.5 | EPSS 0.00026 | Exploits 0 | References 1

Prion, added 2024/02/29 8:15 p.m.

Information disclosure

A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue is the function ajaxloginsubmitform of the file login\index.php of the component Argument Handler. The manipulation of the argument rsargs leads to information exposure through an error message. The...

CVSS 5 | AI score 5.2 | EPSS 0.00114 | Exploits 0 | References 2

Prion, added 2024/02/29 8:15 p.m.

Heap overflow

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count function at /bits/shared_ptr_base.h...

AI score 6.7 | EPSS 0.00088 | Exploits 1 | References 3

Prion, added 2024/02/29 8:15 p.m.

Design/Logic Flaw

An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the uploadfile.cgi component...

AI score 7.8 | EPSS 0.01736 | Exploits 0 | References 1

Prion, added 2024/02/29 8:15 p.m.

Buffer overflow

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution...

AI score 8.5 | EPSS 0.02626 | Exploits 1 | References 1

Prion, added 2024/02/29 8:15 p.m.

Null pointer dereference

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

AI score 7 | EPSS 0.00039 | Exploits 1 | References 1

Prion, added 2024/02/29 8:15 p.m.

Null pointer dereference

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereference in sub_41C488. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

AI score 7 | EPSS 0.00045 | Exploits 1 | References 1

Prion, added 2024/02/29 8:15 p.m.

Null pointer dereference

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

AI score 7.5 | EPSS 0.00039 | Exploits 1 | References 1

Prion, added 2024/02/29 8:15 p.m.

Null pointer dereference

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereference in sub_4110f4. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

AI score 7 | EPSS 0.00039 | Exploits 1 | References 1

Total number of security vulnerabilities: 213680