π¨ CVE-2024-29301
SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=
π@cveNotify
SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2023-40284
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
π@cveNotify
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
π@cveNotify
π¨ CVE-2023-40287
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
π@cveNotify
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
π@cveNotify
π¨ CVE-2023-40288
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
π@cveNotify
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
π@cveNotify
π¨ CVE-2023-43768
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
π@cveNotify
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
π@cveNotify
Couchbase
Release Notes for Couchbase Server 8.0 | Couchbase Docs
Couchbase Server 8.0.0 introduces many fixes, as well as some deprecations and removals.
π¨ CVE-2024-6162
A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processed. As a result, the server may attempt to access the wrong path, causing errors such as "404 Not Found" or other application failures. This flaw can potentially lead to a denial of service, as legitimate resources become inaccessible due to the path mix-up.
π@cveNotify
A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processed. As a result, the server may attempt to access the wrong path, causing errors such as "404 Not Found" or other application failures. This flaw can potentially lead to a denial of service, as legitimate resources become inaccessible due to the path mix-up.
π@cveNotify
π1
π¨ CVE-2024-3219
There is a MEDIUM severity vulnerability affecting CPython.
The
βsocketβ module provides a pure-Python fallback to the
socket.socketpair() function for platforms that donβt support AF_UNIX,
such as Windows. This pure-Python implementation uses AF_INET or
AF_INET6 to create a local connected pair of sockets. The connection
between the two sockets was not verified before passing the two sockets
back to the user, which leaves the server socket vulnerable to a
connection race from a malicious local peer.
Platforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.
π@cveNotify
There is a MEDIUM severity vulnerability affecting CPython.
The
βsocketβ module provides a pure-Python fallback to the
socket.socketpair() function for platforms that donβt support AF_UNIX,
such as Windows. This pure-Python implementation uses AF_INET or
AF_INET6 to create a local connected pair of sockets. The connection
between the two sockets was not verified before passing the two sockets
back to the user, which leaves the server socket vulnerable to a
connection race from a malicious local peer.
Platforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.
π@cveNotify
π¨ CVE-2024-7439
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273524. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.
π@cveNotify
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273524. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.
π@cveNotify
π¨ CVE-2024-7442
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been rated as critical. This issue affects the function getenv of the file upload_file.cgi. The manipulation of the argument QUERY_STRING leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-273527. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.
π@cveNotify
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been rated as critical. This issue affects the function getenv of the file upload_file.cgi. The manipulation of the argument QUERY_STRING leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-273527. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.
π@cveNotify
π¨ CVE-2024-5081
The wp-eMember WordPress plugin before v10.7.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
π@cveNotify
The wp-eMember WordPress plugin before v10.7.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
π@cveNotify
WPScan
WP eMember <= v10.7.0 - Stored XSS via CSRF
See details on WP eMember <= v10.7.0 - Stored XSS via CSRF CVE 2024-5081. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.
π@cveNotify
Information disclosure while handling beacon or probe response frame in STA.
π@cveNotify
π¨ CVE-2024-21467
Information disclosure while handling beacon probe frame during scan entry generation in client side.
π@cveNotify
Information disclosure while handling beacon probe frame during scan entry generation in client side.
π@cveNotify
π¨ CVE-2024-21481
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
π@cveNotify
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
π@cveNotify
π¨ CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
π@cveNotify
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
π@cveNotify
π¨ CVE-2017-6441
The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only.
π@cveNotify
The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only.
π@cveNotify
π¨ CVE-2017-7397
BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions.
π@cveNotify
BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions.
π@cveNotify
π¨ CVE-2017-7305
Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for a bootloader password; however, this password is optional to meet different customers' needs
π@cveNotify
Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for a bootloader password; however, this password is optional to meet different customers' needs
π@cveNotify
seclists.org
Full Disclosure: CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage
π¨ CVE-2017-7306
Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs
π@cveNotify
Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs
π@cveNotify
seclists.org
Full Disclosure: CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage
π¨ CVE-2017-5969
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
π@cveNotify
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
π@cveNotify
π¨ CVE-2017-6363
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'
π@cveNotify
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'
π@cveNotify
GitHub
Invalid read when call gdImageTiffPtr (CVE-2017-6363) Β· Issue #383 Β· libgd/libgd
Description Hi, when I fuzz the libgd, a invalid read occurs within the function tiffWriter of gd_tiff.c, it can be triggered by the gdfile.txt Valgrind tracker β Bin git:(master) β valgrind --leak...