CVE Notify
Alert on the latest CVEs

Partner channel: @malwr
🚨 CVE-2024-37334
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

🎖@cveNotify
🚨 CVE-2024-27877
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

🚨 CVE-2024-41949
biscuit-rust is the Rust implementation of Biscuit, an authentication and authorization token for microservices architectures. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it, which includes the public key of the previous block (used in the signature) and the public keys part of the token symbol table (for public key interning in datalog expressions). A third-party block request forged by a malicious user can trick the third-party authority into generating datalog trusting the wrong keypair.
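How the interning step described above can be turned against the authority, as an added host-side C model (not biscuit-rust code: ed25519 keys are replaced by placeholder strings, signatures are omitted, and a bare key table stands in for the real ThirdPartyBlock request). The index-only authority interns its `trusting` key into the table the requester claims the token has and ships just the resulting index, so a request that omits a key already present in the real token shifts that index onto the holder's key. The self-contained variant illustrates the general mitigation of letting the block carry its own key table; it is an illustration of that approach, not a description of how biscuit-rust fixed the issue.

```c
#include <stdio.h>
#include <string.h>

#define MAX_KEYS 8

/* Constructed placeholder key identifiers; a real table holds ed25519 public keys. */
#define K_ISSUER    "ed25519/issuer-aaaa"
#define K_HOLDER    "ed25519/holder-bbbb"     /* key the (malicious) token holder controls */
#define K_AUTHORITY "ed25519/authority-cccc"  /* key the third party intends to trust */

typedef struct {
    const char *keys[MAX_KEYS];
    size_t len;
} KeyTable;

/* The one piece of generated datalog that matters here: the interned index behind
   `trusting ed25519/<key>`, plus whatever key-table data travels with the block. */
typedef struct {
    int trusting_index;
    KeyTable keys;   /* index-only scheme: keys this block adds to the token's table;
                        self-contained scheme: the block's own complete key table */
} ThirdPartyBlock;

static int append_key(KeyTable *t, const char *key) {
    if (t->len >= MAX_KEYS)
        return -1;
    t->keys[t->len] = key;
    return (int)t->len++;
}

/* Return the index of key in t, appending it if absent (public key interning). */
static int intern_key(KeyTable *t, const char *key) {
    for (size_t i = 0; i < t->len; i++)
        if (strcmp(t->keys[i], key) == 0)
            return (int)i;
    return append_key(t, key);
}

/* Vulnerable authority: interns into the table the requester claims the token has and
   ships the index plus only the keys it added. Nothing about the request is checked. */
ThirdPartyBlock authority_sign_index_only(const KeyTable *request_keys) {
    KeyTable scratch = *request_keys;
    size_t before = scratch.len;
    ThirdPartyBlock b = { 0 };
    b.trusting_index = intern_key(&scratch, K_AUTHORITY);
    for (size_t i = before; i < scratch.len; i++)
        append_key(&b.keys, scratch.keys[i]);
    return b;
}

/* Hardened authority: the block carries its own complete key table, which would be covered
   by the block signature (not modeled), so the index can only mean what the authority meant. */
ThirdPartyBlock authority_sign_self_contained(const KeyTable *request_keys) {
    ThirdPartyBlock b = { 0 };
    b.keys = *request_keys;
    b.trusting_index = intern_key(&b.keys, K_AUTHORITY);
    return b;
}

static const char *lookup(const KeyTable *t, int idx) {
    if (idx < 0 || (size_t)idx >= t->len)
        return NULL;
    return t->keys[idx];
}

/* Verifier, index-only scheme: the appended block's keys extend the token's table and the
   index is resolved against that merged table. */
const char *resolve_index_only(const KeyTable *token_keys, const ThirdPartyBlock *b) {
    KeyTable merged = *token_keys;
    for (size_t i = 0; i < b->keys.len; i++)
        append_key(&merged, b->keys.keys[i]);
    return lookup(&merged, b->trusting_index);
}

/* Verifier, self-contained scheme: the index is resolved against the block's own table. */
const char *resolve_self_contained(const ThirdPartyBlock *b) {
    return lookup(&b->keys, b->trusting_index);
}

/* Key a verifier ends up trusting. The real token already has the holder's key at index 1;
   a forged request sends a table that omits it. */
const char *trusted_key(int forged, int self_contained) {
    KeyTable token = { { K_ISSUER, K_HOLDER }, 2 };
    KeyTable request = forged ? (KeyTable){ { K_ISSUER }, 1 } : token;
    if (self_contained) {
        ThirdPartyBlock b = authority_sign_self_contained(&request);
        return resolve_self_contained(&b);
    }
    ThirdPartyBlock b = authority_sign_index_only(&request);
    return resolve_index_only(&token, &b);
}

int main(void) {
    printf("honest request, index-only block    : %s\n", trusted_key(0, 0));
    printf("forged request, index-only block    : %s\n", trusted_key(1, 0));
    printf("forged request, self-contained block: %s\n", trusted_key(1, 1));
    return 0;
}
```

The forged request is nothing more than an honest one with a key left out; the authority cannot tell the difference from the request alone, which is why the fix has to remove the dependence on the requester's table rather than add a check on it.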

🚨 CVE-2024-37176
SAP BW/4HANA Transformation and Data Transfer Process (DTP) allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low impacts on the integrity and availability of the application.

🚨 CVE-2024-32863
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)

🚨 CVE-2024-32864
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)

🚨 CVE-2024-32758
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use an insufficient key length and key exchange.

🚨 CVE-2024-32862
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.

🚨 CVE-2024-32865
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.

🚨 CVE-2023-7165
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files.

🚨 CVE-2024-0719
The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

🚨 CVE-2024-1307
The Smart Forms WordPress plugin before 2.6.94 does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions

🚨 CVE-2024-2857
The Simple Buttons Creator WordPress plugin through 1.04 does not have any authorisation or CSRF checks in its add button function, allowing unauthenticated users to call it either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site Scripting attacks against logged in admins.

🚨 CVE-2024-2404
The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its settings, which could allow low privilege users such as Subscribers to perform Stored Cross-Site Scripting attacks.

🚨 CVE-2024-0151
Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4, allows an attacker to pass values to Secure state that are out of range for types smaller than 32-bits. Out of range values might lead to incorrect operations in secure state.
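A host-side C model of the argument-checking gap, added here (it is not Arm's or any toolchain's code and does not use the `cmse_nonsecure_entry` attribute, which needs a Cortex-M target). Non-secure callers own the argument registers, so each model entry takes the raw 32-bit register value instead of the narrow C parameter. `index_pre_v14` is what code built with a pre-1.4 toolchain used for a `uint8_t` parameter; `narrow_u8` and `narrow_i16` are the narrowing that version 1.4 of the requirements has the callee perform itself; the two `secure_*` entries layer the application's own range check on top. Table contents and region sizes are constructed for the example.

```c
#include <stdint.h>

/* Host-side model of Cortex-M Secure-state entry functions. Non-secure code controls the
   argument registers completely, so each entry below takes the raw 32-bit register value;
   that reproduces the "caller never truncated" condition on an ordinary host build. */

#define LEGACY_TABLE_LEN 256u   /* pre-1.4 reasoning: a uint8_t index "cannot" exceed 255 */
#define TABLE_LEN 16u
static const uint8_t secure_table[TABLE_LEN] = {   /* constructed sample data */
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
};

/* Index that code from a pre-1.4 toolchain used for a `uint8_t idx` parameter: the register
   as delivered, because the callee emitted no zero-extension of its own. */
uint32_t index_pre_v14(uint32_t r0) { return r0; }

/* Does that index overrun the 256-entry table such code assumed needed no check? */
int overruns_legacy_table(uint32_t r0) { return index_pre_v14(r0) >= LEGACY_TABLE_LEN; }

/* What a 1.4-compliant toolchain emits on entry: the callee narrows the value itself. */
uint8_t narrow_u8(uint32_t r0) { return (uint8_t)(r0 & 0xFFu); }

/* Same for a signed 16-bit parameter: sign-extend from bit 15 of the low halfword,
   written portably rather than relying on an out-of-range cast. */
int16_t narrow_i16(uint32_t r0) {
    uint32_t lo = r0 & 0xFFFFu;
    return (int16_t)(lo >= 0x8000u ? (int32_t)lo - 0x10000 : (int32_t)lo);
}

/* Secure entry 1: table lookup. Narrowing bounds the index to 0..255; the table is shorter,
   so the application-level range check is still needed. Returns -1 on rejection. */
int32_t secure_lookup(uint32_t r0) {
    uint8_t idx = narrow_u8(r0);
    if (idx >= TABLE_LEN)
        return -1;
    return secure_table[idx];
}

/* Secure entry 2: signed offset from the middle of a secure region. Returns the resolved
   slot, or -1 when the narrowed offset leaves the region. */
#define REGION_LEN 4096
#define REGION_MID (REGION_LEN / 2)
int32_t secure_offset_slot(uint32_t r1) {
    int32_t slot = REGION_MID + narrow_i16(r1);
    if (slot < 0 || slot >= REGION_LEN)
        return -1;
    return slot;
}
```

With a register value such as 0x105, the legacy index is 261 and the 256-entry table that "could not" be overrun is overrun by five entries; the narrowed index is 5. Writing secure entry functions with 32-bit parameter types and explicit range checks gives the same protection without depending on which toolchain version built the secure image.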

🚨 CVE-2024-34683
An authenticated attacker can upload a malicious file to the SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim's browser.

🚨 CVE-2024-34688
Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact on the availability of the application.

🚨 CVE-2019-16572
Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

🚨 CVE-2024-1232
The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack

🚨 CVE-2023-7201
The Everest Backup WordPress plugin before 2.2.5 does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)

🚨 CVE-2024-1306
The Smart Forms WordPress plugin before 2.6.94 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk.
