π¨ CVE-2024-30663
An issue was discovered in the default configurations of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability allows unauthenticated attackers to gain access using default credentials, posing a serious threat to the integrity and security of the system.
π@cveNotify
An issue was discovered in the default configurations of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability allows unauthenticated attackers to gain access using default credentials, posing a serious threat to the integrity and security of the system.
π@cveNotify
π¨ CVE-2024-30665
An OS command injection vulnerability has been discovered in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability primarily affects the command processing or system call components in ROS, making them susceptible to manipulation by malicious entities. Through this, unauthorized commands can be executed, leading to remote code execution (RCE), data theft, and malicious activities. The affected components include External Command Execution Modules, System Call Handlers, and Interface Scripts.
π@cveNotify
An OS command injection vulnerability has been discovered in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability primarily affects the command processing or system call components in ROS, making them susceptible to manipulation by malicious entities. Through this, unauthorized commands can be executed, leading to remote code execution (RCE), data theft, and malicious activities. The affected components include External Command Execution Modules, System Call Handlers, and Interface Scripts.
π@cveNotify
GitHub
GitHub - yashpatelphd/CVE-2024-30665: OS Command Injection Vulnerability in ROS Melodic Morenia
OS Command Injection Vulnerability in ROS Melodic Morenia - yashpatelphd/CVE-2024-30665
π¨ CVE-2024-30666
A buffer overflow vulnerability has been discovered in the C++ components of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code via improper handling of arrays or strings within these components.
π@cveNotify
A buffer overflow vulnerability has been discovered in the C++ components of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code via improper handling of arrays or strings within these components.
π@cveNotify
GitHub
GitHub - yashpatelphd/CVE-2024-30666: Buffer Overflow Vulnerability in ROS Melodic Morenia
Buffer Overflow Vulnerability in ROS Melodic Morenia - yashpatelphd/CVE-2024-30666
π¨ CVE-2024-30667
Insecure deserialization vulnerability in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code or obtain sensitive information via crafted input to the data handling components.
π@cveNotify
Insecure deserialization vulnerability in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code or obtain sensitive information via crafted input to the data handling components.
π@cveNotify
GitHub
GitHub - yashpatelphd/CVE-2024-30667: Insecure Deserialization Vulnerability in ROS Melodic Morenia
Insecure Deserialization Vulnerability in ROS Melodic Morenia - yashpatelphd/CVE-2024-30667
π¨ CVE-2024-30672
Arbitrary file upload vulnerability in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via the file upload component.
π@cveNotify
Arbitrary file upload vulnerability in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via the file upload component.
π@cveNotify
GitHub
GitHub - yashpatelphd/CVE-2024-30672: Arbitrary File Upload Vulnerability in ROS Melodic Morenia
Arbitrary File Upload Vulnerability in ROS Melodic Morenia - yashpatelphd/CVE-2024-30672
π¨ CVE-2024-30674
Unauthorized access vulnerability in ROS2 Iron Irwini in ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3, allows remote attackers to gain control of multiple ROS2 nodes. Unauthorized information access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information.
π@cveNotify
Unauthorized access vulnerability in ROS2 Iron Irwini in ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3, allows remote attackers to gain control of multiple ROS2 nodes. Unauthorized information access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information.
π@cveNotify
GitHub
GitHub - yashpatelphd/CVE-2024-30674: Unauthorized Information Access Vulnerability in ROS2 Iron Irwini
Unauthorized Information Access Vulnerability in ROS2 Iron Irwini - yashpatelphd/CVE-2024-30674
π¨ CVE-2024-30675
Unauthorized node injection vulnerability in ROS2 Iron Irwini in ROS_VERSION 2 and ROS_PYTHON_VERSION 3. This vulnerability could allow a malicious user to escalate privileges by injecting malicious ROS2 nodes into the system remotely.
π@cveNotify
Unauthorized node injection vulnerability in ROS2 Iron Irwini in ROS_VERSION 2 and ROS_PYTHON_VERSION 3. This vulnerability could allow a malicious user to escalate privileges by injecting malicious ROS2 nodes into the system remotely.
π@cveNotify
GitHub
GitHub - yashpatelphd/CVE-2024-30675: Unauthorized Node Injection Vulnerability in ROS2 Iron Irwini
Unauthorized Node Injection Vulnerability in ROS2 Iron Irwini - yashpatelphd/CVE-2024-30675
π¨ CVE-2023-52364
Vulnerability of input parameters being not strictly verified in the RSMC module.
Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.
π@cveNotify
Vulnerability of input parameters being not strictly verified in the RSMC module.
Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.
π@cveNotify
π¨ CVE-2023-52385
Out-of-bounds write vulnerability in the RSMC module.
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
Out-of-bounds write vulnerability in the RSMC module.
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
π¨ CVE-2023-52386
Out-of-bounds write vulnerability in the RSMC module.
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
Out-of-bounds write vulnerability in the RSMC module.
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
π¨ CVE-2024-26811
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate payload size in ipc response
If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc
response to ksmbd kernel server. ksmbd should validate payload size of
ipc response from ksmbd.mountd to avoid memory overrun or
slab-out-of-bounds. This patch validate 3 ipc response that has payload.
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate payload size in ipc response
If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc
response to ksmbd kernel server. ksmbd should validate payload size of
ipc response from ksmbd.mountd to avoid memory overrun or
slab-out-of-bounds. This patch validate 3 ipc response that has payload.
π@cveNotify
π¨ CVE-2024-27895
Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality.
π@cveNotify
Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality.
π@cveNotify
π¨ CVE-2024-27896
Input verification vulnerability in the log module.
Impact: Successful exploitation of this vulnerability can affect integrity.
π@cveNotify
Input verification vulnerability in the log module.
Impact: Successful exploitation of this vulnerability can affect integrity.
π@cveNotify
π¨ CVE-2024-27897
Input verification vulnerability in the call module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
π@cveNotify
Input verification vulnerability in the call module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
π@cveNotify
π¨ CVE-2024-24746
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.
Specially crafted GATT operation can cause infinite loop in GATT server leading to denial of service in Bluetooth stack or device.
This issue affects Apache NimBLE: through 1.6.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
π@cveNotify
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.
Specially crafted GATT operation can cause infinite loop in GATT server leading to denial of service in Bluetooth stack or device.
This issue affects Apache NimBLE: through 1.6.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
π@cveNotify
GitHub
nimble/host: Fix disconnect on host connection timeout Β· apache/mynewt-nimble@d42a0eb
We don't need to have double loop and lock-unlock host lock when
issuing disconnect. ble_gap_terminate_with_conn() can be used
to disconnect and it can be called with already provided conn ...
issuing disconnect. ble_gap_terminate_with_conn() can be used
to disconnect and it can be called with already provided conn ...
π¨ CVE-2022-43216
AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a SQL injection vulnerability in the login page.
π@cveNotify
AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a SQL injection vulnerability in the login page.
π@cveNotify
π¨ CVE-2024-26574
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
π@cveNotify
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
π@cveNotify
Wondershare
[Official] Wondershare Filmora: Edit Video as a Pro
Filmora is an all-in-one video editing software for desktop and mobile. Easily create professional videos with intuitive tools, AI-powered features, and creative effects.
π¨ CVE-2024-3439
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259692.
π@cveNotify
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259692.
π@cveNotify
GitHub
CVE/PrisonManagementSystemSQL2.md at main Β· fubxx/CVE
My CVE exploit repository. Contribute to fubxx/CVE development by creating an account on GitHub.
π¨ CVE-2011-10006
A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.65 is able to address this issue. The identifier of the patch is 6182a5682b12369ced0becd3b505439ce2eb8132. It is recommended to upgrade the affected component. The identifier VDB-259629 was assigned to this vulnerability.
π@cveNotify
A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.65 is able to address this issue. The identifier of the patch is 6182a5682b12369ced0becd3b505439ce2eb8132. It is recommended to upgrade the affected component. The identifier VDB-259629 was assigned to this vulnerability.
π@cveNotify
GitHub
Fixed XSS + Increment version number Β· wp-plugins/wp-postratings@6182a56
git-svn-id: https://plugins.svn.wordpress.org/wp-postratings/trunk@346735 b8457f37-d9ea-0310-8a92-e5e31aec5664
π¨ CVE-2014-125111
A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The name of the patch is a07b7b08084b9b85859f3968ce7fde0fd1fcbba3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-259628.
π@cveNotify
A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The name of the patch is a07b7b08084b9b85859f3968ce7fde0fd1fcbba3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-259628.
π@cveNotify
GitHub
XSS Exploit Fix. Β· wp-plugins/wp-insert@a07b7b0
git-svn-id: https://plugins.svn.wordpress.org/wp-insert/trunk@831372 b8457f37-d9ea-0310-8a92-e5e31aec5664
π¨ CVE-2024-28066
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).
π@cveNotify
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).
π@cveNotify
www.syss.de
SySS GmbH - The Pentest Experts
IT Security Anbieter β Schwachstellen erkennen | IT-Sicherheit prΓΌfen | Systeme absichern | Risiken nachhaltig minimieren | Schutz gezielt verbessern | Syss