π¨ CVE-2024-20347
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as deleting users from the device.
π@cveNotify
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as deleting users from the device.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco Emergency Responder Cross-Site Request Forgery and Directory Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Emergency Responder could allow an attacker to conduct a cross-site request forgery (CSRF) or directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device.
For more informationβ¦
For more informationβ¦
π¨ CVE-2023-38405
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
π@cveNotify
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
π@cveNotify
π¨ CVE-2024-0016
In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
π¨ CVE-2024-1669
Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
π@cveNotify
Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 122 to the stable channel for Windows, Mac and Linux. This will roll out ov...
π¨ CVE-2024-26467
A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.
π@cveNotify
A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.
π@cveNotify
Gist
gist:50463b0e62067ec861b7006cbf46b068
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
π@cveNotify
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
π@cveNotify
GitHub
Funadmin v5.0.2 has 1 SQL injection in the/curd/table/list path Β· Issue #21 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
π¨ CVE-2024-48222
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.
π@cveNotify
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.
π@cveNotify
GitHub
Funadmin v5.0.2 has 1 SQL injection in the/curd/table/edit path Β· Issue #22 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
π¨ CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
π@cveNotify
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
π@cveNotify
GitHub
Funadmin v5.0.2 has 1 SQL injection in the/curd/table/fieldlist path Β· Issue #23 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
π¨ CVE-2024-48226
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.
π@cveNotify
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.
π@cveNotify
GitHub
There is an SQL injection in the Curd one click command mode plugin Β· Issue #26 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
π¨ CVE-2024-48227
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).
π@cveNotify
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).
π@cveNotify
GitHub
The Curd one click command has a logical flaw in the deletion function. Β· Issue #27 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: Program logic defect Vulnerabili...
π¨ CVE-2024-48229
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.
π@cveNotify
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.
π@cveNotify
GitHub
There is an SQL injection in the Curd one click command mode plugin Β· Issue #28 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
π¨ CVE-2024-48230
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.
π@cveNotify
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.
π@cveNotify
GitHub
auth.Auth#parentField has sql injection vulnerability Β· Issue #30 Β· funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
π¨ CVE-2024-49638
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Azlan Risk Warning Bar allows Reflected XSS.This issue affects Risk Warning Bar: from n/a through 1.0.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Azlan Risk Warning Bar allows Reflected XSS.This issue affects Risk Warning Bar: from n/a through 1.0.
π@cveNotify
Patchstack
WordPress Risk Warning Bar plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
π¨ CVE-2024-49639
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Edward Stoever Monitor.Chat allows Reflected XSS.This issue affects Monitor.Chat: from n/a through 1.1.1.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Edward Stoever Monitor.Chat allows Reflected XSS.This issue affects Monitor.Chat: from n/a through 1.1.1.
π@cveNotify
Patchstack
WordPress Monitor.chat plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
π¨ CVE-2024-49640
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce allows Reflected XSS.This issue affects ACL Floating Cart for WooCommerce: from n/a through 0.9.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce allows Reflected XSS.This issue affects ACL Floating Cart for WooCommerce: from n/a through 0.9.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress ACL Floating Cart for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2024-49641
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: from n/a through 1.0.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: from n/a through 1.0.
π@cveNotify
Patchstack
WordPress Tida URL Screenshot plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
π¨ CVE-2024-7774
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is exploited through the `setFileContent`, `getParsedFile`, and `mdelete` methods, which do not properly sanitize user input.
π@cveNotify
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is exploited through the `setFileContent`, `getParsedFile`, and `mdelete` methods, which do not properly sanitize user input.
π@cveNotify
GitHub
fix(langchain): Fix local file store traversal issue (#6736) Β· langchain-ai/langchainjs@a0fad77
π¦π Build context-aware reasoning applications π¦π. Contribute to langchain-ai/langchainjs development by creating an account on GitHub.
π¨ CVE-2024-7783
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of sensitive information poses significant security risks, as an attacker who gains access to the JWT can easily decode it and retrieve the password. The issue is fixed in version 1.0.3.
π@cveNotify
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of sensitive information poses significant security risks, as an attacker who gains access to the JWT can easily decode it and retrieve the password. The issue is fixed in version 1.0.3.
π@cveNotify
GitHub
Encryption in JWT for single-user password mode (#2111) Β· Mintplex-Labs/anything-llm@4430ddb
* wip encrypting jwt value
* Encrypt/Decrypt pass in JWT value for verification in single-user password mode
* Encrypt/Decrypt pass in JWT value for verification in single-user password mode
π¨ CVE-2023-35692
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
π¨ CVE-2023-34669
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
π@cveNotify
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
π@cveNotify
π¨ CVE-2024-21678
This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center.
This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction.
Data Center
Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2|
|from 8.6.0 to 8.6.1|8.8.0 recommended|
|from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS|
|from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS|
|from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS|
|from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS|
|from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS|
|from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
Server
Atlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended |
|from 8.4.0 to 8.4.5|8.5.6 LTS recommended|
|from 8.3.0 to 8.3.4|8.5.6 LTS recommended|
|from 8.2.0 to 8.2.3|8.5.6 LTS recommended|
|from 8.1.0 to 8.1.4|8.5.6 LTS recommended|
|from 8.0.0 to 8.0.4|8.5.6 LTS recommended|
|from 7.20.0 to 7.20.3|8.5.6 LTS recommended|
|from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS|
|Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS|
See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]).
This vulnerability was reported via our Bug Bounty program.
π@cveNotify
This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center.
This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction.
Data Center
Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2|
|from 8.6.0 to 8.6.1|8.8.0 recommended|
|from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS|
|from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS|
|from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS|
|from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS|
|from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS|
|from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
Server
Atlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended |
|from 8.4.0 to 8.4.5|8.5.6 LTS recommended|
|from 8.3.0 to 8.3.4|8.5.6 LTS recommended|
|from 8.2.0 to 8.2.3|8.5.6 LTS recommended|
|from 8.1.0 to 8.1.4|8.5.6 LTS recommended|
|from 8.0.0 to 8.0.4|8.5.6 LTS recommended|
|from 7.20.0 to 7.20.3|8.5.6 LTS recommended|
|from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS|
|Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS|
See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]).
This vulnerability was reported via our Bug Bounty program.
π@cveNotify