π¨ CVE-2024-32910
In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
π¨ CVE-2024-32911
There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
π¨ CVE-2024-32912
there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
π¨ CVE-2024-32913
In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
π@cveNotify
π¨ CVE-2023-23126
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions. NOTE: the vendor's position is that a Content-Security-Policy HTTP response header is present to block this attack.
π@cveNotify
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions. NOTE: the vendor's position is that a Content-Security-Policy HTTP response header is present to block this attack.
π@cveNotify
GitHub
GitHub - l00neyhacker/CVE-2023-23126: CVE-2023-23126
CVE-2023-23126. Contribute to l00neyhacker/CVE-2023-23126 development by creating an account on GitHub.
π¨ CVE-2022-45544
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the vendor because an admin is intentionally allowed to upload new executable PHP code, such as a theme that was obtained from a trusted source or was developed for their own website. Only an admin can upload such code, not someone else in an "attacker" role.
π@cveNotify
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the vendor because an admin is intentionally allowed to upload new executable PHP code, such as a theme that was obtained from a trusted source or was developed for their own website. Only an admin can upload such code, not someone else in an "attacker" role.
π@cveNotify
π¨ CVE-2024-36502
Out-of-bounds read vulnerability in the audio module
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
Out-of-bounds read vulnerability in the audio module
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
π¨ CVE-2024-36503
Memory management vulnerability in the Gralloc module
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
Memory management vulnerability in the Gralloc module
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
π¨ CVE-2024-5464
Vulnerability of insufficient permission verification in the NearLink module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
π@cveNotify
Vulnerability of insufficient permission verification in the NearLink module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
π@cveNotify
π¨ CVE-2024-5465
Function vulnerabilities in the Calendar module
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
Function vulnerabilities in the Calendar module
Impact: Successful exploitation of this vulnerability will affect availability.
π@cveNotify
π¨ CVE-2016-20022
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier.
π@cveNotify
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier.
π@cveNotify
GitHub
USB: validate wMaxPacketValue entries in endpoint descriptors Β· torvalds/linux@aed9d65
Erroneous or malicious endpoint descriptors may have non-zero bits in
reserved positions, or out-of-bounds values. This patch helps prevent
these from causing problems by bounds-checking the wMaxP...
reserved positions, or out-of-bounds values. This patch helps prevent
these from causing problems by bounds-checking the wMaxP...
π¨ CVE-2024-37546
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Image Hover Effects - Caption Hover with Carousel Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2024-6716
A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing libtiff to allocate memory indefinitely. This issue can result in a denial of service of the system consuming libtiff due to memory starvation.
π@cveNotify
A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing libtiff to allocate memory indefinitely. This issue can result in a denial of service of the system consuming libtiff due to memory starvation.
π@cveNotify
π¨ CVE-2022-45449
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
π@cveNotify
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
π@cveNotify
Acronis
Acronis Advisory Database - Acronis
Acronis Advisory Database. Find information about the latest security advisories and updates for Acronis products.
π¨ CVE-2024-32861
Under certain circumstances the Software House CβCURE 9000 Site Server provides insufficient protection of directories containing executables.
π@cveNotify
Under certain circumstances the Software House CβCURE 9000 Site Server provides insufficient protection of directories containing executables.
π@cveNotify
π¨ CVE-2024-6655
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.
π@cveNotify
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.
π@cveNotify
π¨ CVE-2017-10955
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6.3.0. Authentication is required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002 by default. When parsing the preScript parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute arbitrary code under the context of SYSTEM. Was ZDI-CAN-4697. NOTE: Dell EMC disputes that this is a vulnerability
π@cveNotify
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6.3.0. Authentication is required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002 by default. When parsing the preScript parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute arbitrary code under the context of SYSTEM. Was ZDI-CAN-4697. NOTE: Dell EMC disputes that this is a vulnerability
π@cveNotify
π¨ CVE-2022-44036
In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allowed for admins, leading to command execution. NOTE: the vendor's position is that this is "very obviously a feature not an issue and if you don't like that feature it is very obvious how to disable it."
π@cveNotify
In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allowed for admins, leading to command execution. NOTE: the vendor's position is that this is "very obviously a feature not an issue and if you don't like that feature it is very obvious how to disable it."
π@cveNotify
GitHub
b2evolution v7.2.5 hava a arbitrary file upload Vulnerability Β· Issue #121 Β· b2evolution/b2evolution
conf/_advanced.php -> $admins_can_manipulate_sensitive_files: set to true After the admin logged in, access URL http://localhost/index.php/a/extended-post, at "Drag & Drop files to uplo...
π¨ CVE-2023-38947
An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.
π@cveNotify
An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.
π@cveNotify
Gitee
PwnεΈε
/Pwn: Validation report
π¨ CVE-2024-30219
Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed.
π@cveNotify
Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed.
π@cveNotify
jvn.jp
JVNVU#91975826: Multiple vulnerabilities in PLANEX COMMUNICATIONS wireless LAN routers
Japan Vulnerability Notes