๐จ CVE-2024-1669
Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 122 to the stable channel for Windows, Mac and Linux. This will roll out ov...
๐จ CVE-2024-26467
A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.
๐@cveNotify
A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.
๐@cveNotify
Gist
gist:50463b0e62067ec861b7006cbf46b068
GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
๐@cveNotify
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
๐@cveNotify
GitHub
Funadmin v5.0.2 has 1 SQL injection in the/curd/table/list path ยท Issue #21 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
๐จ CVE-2024-48222
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.
๐@cveNotify
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.
๐@cveNotify
GitHub
Funadmin v5.0.2 has 1 SQL injection in the/curd/table/edit path ยท Issue #22 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
๐จ CVE-2024-48223
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
๐@cveNotify
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
๐@cveNotify
GitHub
Funadmin v5.0.2 has 1 SQL injection in the/curd/table/fieldlist path ยท Issue #23 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
๐จ CVE-2024-48226
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.
๐@cveNotify
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.
๐@cveNotify
GitHub
There is an SQL injection in the Curd one click command mode plugin ยท Issue #26 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
๐จ CVE-2024-48227
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).
๐@cveNotify
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).
๐@cveNotify
GitHub
The Curd one click command has a logical flaw in the deletion function. ยท Issue #27 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: Program logic defect Vulnerabili...
๐จ CVE-2024-48229
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.
๐@cveNotify
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.
๐@cveNotify
GitHub
There is an SQL injection in the Curd one click command mode plugin ยท Issue #28 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
๐จ CVE-2024-48230
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.
๐@cveNotify
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.
๐@cveNotify
GitHub
auth.Auth#parentField has sql injection vulnerability ยท Issue #30 ยท funadmin/funadmin
Vulnerability product: funadmin Vulnerability version: 5.0.2 Source code link: https://github.com/funadmin/funadmin/archive/refs/tags/v5.0.2.zip Vulnerability type: SQL injection Vulnerability deta...
๐จ CVE-2024-49638
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Azlan Risk Warning Bar allows Reflected XSS.This issue affects Risk Warning Bar: from n/a through 1.0.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Azlan Risk Warning Bar allows Reflected XSS.This issue affects Risk Warning Bar: from n/a through 1.0.
๐@cveNotify
Patchstack
WordPress Risk Warning Bar plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
๐จ CVE-2024-49639
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Edward Stoever Monitor.Chat allows Reflected XSS.This issue affects Monitor.Chat: from n/a through 1.1.1.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Edward Stoever Monitor.Chat allows Reflected XSS.This issue affects Monitor.Chat: from n/a through 1.1.1.
๐@cveNotify
Patchstack
WordPress Monitor.chat plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
๐จ CVE-2024-49640
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce allows Reflected XSS.This issue affects ACL Floating Cart for WooCommerce: from n/a through 0.9.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce allows Reflected XSS.This issue affects ACL Floating Cart for WooCommerce: from n/a through 0.9.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress ACL Floating Cart for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-49641
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: from n/a through 1.0.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: from n/a through 1.0.
๐@cveNotify
Patchstack
WordPress Tida URL Screenshot plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
๐จ CVE-2024-7774
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is exploited through the `setFileContent`, `getParsedFile`, and `mdelete` methods, which do not properly sanitize user input.
๐@cveNotify
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is exploited through the `setFileContent`, `getParsedFile`, and `mdelete` methods, which do not properly sanitize user input.
๐@cveNotify
GitHub
fix(langchain): Fix local file store traversal issue (#6736) ยท langchain-ai/langchainjs@a0fad77
๐ฆ๐ Build context-aware reasoning applications ๐ฆ๐. Contribute to langchain-ai/langchainjs development by creating an account on GitHub.
๐จ CVE-2024-7783
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of sensitive information poses significant security risks, as an attacker who gains access to the JWT can easily decode it and retrieve the password. The issue is fixed in version 1.0.3.
๐@cveNotify
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of sensitive information poses significant security risks, as an attacker who gains access to the JWT can easily decode it and retrieve the password. The issue is fixed in version 1.0.3.
๐@cveNotify
GitHub
Encryption in JWT for single-user password mode (#2111) ยท Mintplex-Labs/anything-llm@4430ddb
* wip encrypting jwt value
* Encrypt/Decrypt pass in JWT value for verification in single-user password mode
* Encrypt/Decrypt pass in JWT value for verification in single-user password mode
๐จ CVE-2023-35692
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
๐@cveNotify
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
๐@cveNotify
๐จ CVE-2023-34669
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
๐@cveNotify
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
๐@cveNotify
๐จ CVE-2024-21678
This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center.
This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction.
Data Center
Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2|
|from 8.6.0 to 8.6.1|8.8.0 recommended|
|from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS|
|from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS|
|from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS|
|from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS|
|from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS|
|from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
Server
Atlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended |
|from 8.4.0 to 8.4.5|8.5.6 LTS recommended|
|from 8.3.0 to 8.3.4|8.5.6 LTS recommended|
|from 8.2.0 to 8.2.3|8.5.6 LTS recommended|
|from 8.1.0 to 8.1.4|8.5.6 LTS recommended|
|from 8.0.0 to 8.0.4|8.5.6 LTS recommended|
|from 7.20.0 to 7.20.3|8.5.6 LTS recommended|
|from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS|
|Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS|
See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]).
This vulnerability was reported via our Bug Bounty program.
๐@cveNotify
This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center.
This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction.
Data Center
Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2|
|from 8.6.0 to 8.6.1|8.8.0 recommended|
|from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS|
|from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS|
|from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS|
|from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS|
|from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS|
|from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS|
|from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
|Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|
Server
Atlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
||Affected versions||Fixed versions||
|from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended |
|from 8.4.0 to 8.4.5|8.5.6 LTS recommended|
|from 8.3.0 to 8.3.4|8.5.6 LTS recommended|
|from 8.2.0 to 8.2.3|8.5.6 LTS recommended|
|from 8.1.0 to 8.1.4|8.5.6 LTS recommended|
|from 8.0.0 to 8.0.4|8.5.6 LTS recommended|
|from 7.20.0 to 7.20.3|8.5.6 LTS recommended|
|from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS|
|from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS|
|from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS|
|Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS|
See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]).
This vulnerability was reported via our Bug Bounty program.
๐@cveNotify
๐จ CVE-2024-26490
A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field.
๐@cveNotify
A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field.
๐@cveNotify
GitHub
cms/2.md at main ยท 2111715623/cms
Contribute to 2111715623/cms development by creating an account on GitHub.
๐จ CVE-2024-26472
KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' or 'validator' parameters of 'create-new-pwd.php'.
๐@cveNotify
KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' or 'validator' parameters of 'create-new-pwd.php'.
๐@cveNotify
GitHub
vulnerability-research/CVE-2024-26472 at main ยท dub-flow/vulnerability-research
This repository contains information on the CVEs I found. - dub-flow/vulnerability-research
๐จ CVE-2024-28151
Jenkins HTML Publisher Plugin 1.32 and earlier archives invalid symbolic links in report directories on agents and recreates them on the controller, allowing attackers with Item/Configure permission to determine whether a path on the Jenkins controller file system exists, without being able to access it.
๐@cveNotify
Jenkins HTML Publisher Plugin 1.32 and earlier archives invalid symbolic links in report directories on agents and recreates them on the controller, allowing attackers with Item/Configure permission to determine whether a path on the Jenkins controller file system exists, without being able to access it.
๐@cveNotify