π¨ CVE-2024-5081
The wp-eMember WordPress plugin before v10.7.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
π@cveNotify
The wp-eMember WordPress plugin before v10.7.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
π@cveNotify
WPScan
WP eMember <= v10.7.0 - Stored XSS via CSRF
See details on WP eMember <= v10.7.0 - Stored XSS via CSRF CVE 2024-5081. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.
π@cveNotify
Information disclosure while handling beacon or probe response frame in STA.
π@cveNotify
π¨ CVE-2024-21467
Information disclosure while handling beacon probe frame during scan entry generation in client side.
π@cveNotify
Information disclosure while handling beacon probe frame during scan entry generation in client side.
π@cveNotify
π¨ CVE-2024-21481
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
π@cveNotify
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
π@cveNotify
π¨ CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
π@cveNotify
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
π@cveNotify
π¨ CVE-2017-6441
The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only.
π@cveNotify
The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only.
π@cveNotify
π¨ CVE-2017-7397
BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions.
π@cveNotify
BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions.
π@cveNotify
π¨ CVE-2017-7305
Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for a bootloader password; however, this password is optional to meet different customers' needs
π@cveNotify
Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for a bootloader password; however, this password is optional to meet different customers' needs
π@cveNotify
seclists.org
Full Disclosure: CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage
π¨ CVE-2017-7306
Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs
π@cveNotify
Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs
π@cveNotify
seclists.org
Full Disclosure: CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage
π¨ CVE-2017-5969
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
π@cveNotify
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
π@cveNotify
π¨ CVE-2017-6363
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'
π@cveNotify
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'
π@cveNotify
GitHub
Invalid read when call gdImageTiffPtr (CVE-2017-6363) Β· Issue #383 Β· libgd/libgd
Description Hi, when I fuzz the libgd, a invalid read occurs within the function tiffWriter of gd_tiff.c, it can be triggered by the gdfile.txt Valgrind tracker β Bin git:(master) β valgrind --leak...
π¨ CVE-2023-49986
A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
π@cveNotify
A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
π@cveNotify
GitHub
GitHub - geraldoalcantara/CVE-2023-49986: School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in "name"β¦
School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in "name" parameter on "add_new_parent" - geraldoalcantara/CVE-2023-49986
π¨ CVE-2022-46091
Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.
π@cveNotify
Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.
π@cveNotify
GitHub
CVE-2022-46091/CVE-34 at main Β· ASR511-OO7/CVE-2022-46091
Contribute to ASR511-OO7/CVE-2022-46091 development by creating an account on GitHub.
π¨ CVE-2023-7246
The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress configurations to perform Cross-Site Scripting attacks
π@cveNotify
The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress configurations to perform Cross-Site Scripting attacks
π@cveNotify
WPScan
System Dashboard < 2.8.10 - XSS via Header Injection
See details on System Dashboard < 2.8.10 - XSS via Header Injection CVE 2023-7246. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2023-49982
Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts.
π@cveNotify
Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts.
π@cveNotify
GitHub
GitHub - geraldoalcantara/CVE-2023-49982: School Fees Management System v1.0 - Incorrect Access Control - Privilege Escalation
School Fees Management System v1.0 - Incorrect Access Control - Privilege Escalation - geraldoalcantara/CVE-2023-49982
π¨ CVE-2024-34252
wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c.
π@cveNotify
wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c.
π@cveNotify
GitHub
[Security] Global Buffer Overflow on "PreserveRegisterIfOccupied" Function Β· Issue #483 Β· wasm3/wasm3
Environment OS : Linux 5.15.146.1-microsoft-standard-WSL2 #1 SMP Thu Jan 11 04:09:03 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Commit : 139076a98b8321b67f850a844f558b5e91b5ac83 Version : 0.5.0 Clang ...
π¨ CVE-2024-37018
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets.
π@cveNotify
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets.
π@cveNotify
π¨ CVE-2024-33894
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges.
π@cveNotify
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges.
π@cveNotify
π¨ CVE-2024-2937
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.
π@cveNotify
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.
π@cveNotify
Arm
Arm Product Security Center
Arm is committed to upholding the highest standards of security across its products and the wider Arm ecosystem. To support its partners and the broader community, Arm publishes three types of security-related documentation, Security Bulletins, Security Updatesβ¦