π¨ CVE-2023-6813
The Login by Auth0 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the βwleβ parameter in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
π@cveNotify
The Login by Auth0 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the βwleβ parameter in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
π@cveNotify
π¨ CVE-2024-26279
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
π@cveNotify
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
π@cveNotify
Joomla! Developer Networkβ’
Joomla! Developer Network
The Flexible Platform Empowering Website Creators
π¨ CVE-2024-6556
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website.
π@cveNotify
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website.
π@cveNotify
π¨ CVE-2024-3798
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which β when visited by a user β will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it will cause one of the following (depending on the chosen payload): shell command execution, reflected XSS or cross-site request forgery.
This issue affects Phoniebox in all releases through 2.7. Newer releases were not tested, but they might also be vulnerable.
π@cveNotify
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which β when visited by a user β will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it will cause one of the following (depending on the chosen payload): shell command execution, reflected XSS or cross-site request forgery.
This issue affects Phoniebox in all releases through 2.7. Newer releases were not tested, but they might also be vulnerable.
π@cveNotify
cert.pl
Vulnerabilities in Phoniebox open-source project
During its own research, CERT Polska has found 2 vulnerabilities (CVE-2024-3798 and CVE-2024-3799) in Phoniebox open-source project.
π¨ CVE-2024-3799
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which β when visited by a user β will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it will cause a shell command execution.
This issue affects Phoniebox in all releases through 2.7. Newer releases were not tested, but they might also be vulnerable.
π@cveNotify
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which β when visited by a user β will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it will cause a shell command execution.
This issue affects Phoniebox in all releases through 2.7. Newer releases were not tested, but they might also be vulnerable.
π@cveNotify
cert.pl
Vulnerabilities in Phoniebox open-source project
During its own research, CERT Polska has found 2 vulnerabilities (CVE-2024-3798 and CVE-2024-3799) in Phoniebox open-source project.
π¨ CVE-2024-23692
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
π@cveNotify
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
π@cveNotify
π¨ CVE-2016-7537
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
π@cveNotify
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
π@cveNotify
π¨ CVE-2016-7534
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
π@cveNotify
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
π@cveNotify
π¨ CVE-2016-7535
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
π@cveNotify
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
π@cveNotify
π¨ CVE-2016-7536
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
π@cveNotify
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
π@cveNotify
π¨ CVE-2023-1729
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
π@cveNotify
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
π@cveNotify
π¨ CVE-2020-22628
Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.
π@cveNotify
Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.
π@cveNotify
GitHub
"LibRaw::stretch()" Out-of-bounds read vulnerability Β· Issue #269 Β· LibRaw/LibRaw
Description An out-of-bounds read vulnerability exists within the "LibRaw::stretch()" function (libraw\src\postprocessing\aspect_ratio.cpp) when parsing a crafted CRW file. Steps to Repro...
π¨ CVE-2024-40331
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup
π@cveNotify
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup
π@cveNotify
GitHub
cms/66/csrf.md at main Β· Tank992/cms
Contribute to Tank992/cms development by creating an account on GitHub.
π¨ CVE-2024-40332
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord
π@cveNotify
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord
π@cveNotify
GitHub
cms/65/csrf.md at main Β· Tank992/cms
Contribute to Tank992/cms development by creating an account on GitHub.
π¨ CVE-2024-40336
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
π@cveNotify
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
π@cveNotify
GitHub
cms/73/readme.md at main Β· Tank992/cms
Contribute to Tank992/cms development by creating an account on GitHub.
π¨ CVE-2014-0069
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.
π@cveNotify
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.
π@cveNotify
π¨ CVE-2023-45919
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
π@cveNotify
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
π@cveNotify
seclists.org
Full Disclosure: Buffer Overflow in glXQueryServerString() of mesa
π¨ CVE-2024-23562
This vulnerability is being re-assessed. Vulnerability details will be updated.
The security bulletin will be republished when further details are available.
π@cveNotify
This vulnerability is being re-assessed. Vulnerability details will be updated.
The security bulletin will be republished when further details are available.
π@cveNotify
π¨ CVE-2023-46049
LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and because a crash of the llvm-lto application should be categorized as a usability problem.
π@cveNotify
LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and because a crash of the llvm-lto application should be categorized as a usability problem.
π@cveNotify
seclists.org
Full Disclosure: null pointer deference in LLVM