๐จ CVE-2024-1962
The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack
๐@cveNotify
The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack
๐@cveNotify
WPScan
CM Download and File Manager < 2.9.1 - Download Edit via CSRF
See details on CM Download and File Manager < 2.9.1 - Download Edit via CSRF CVE 2024-1962. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-25354
RegEx Denial of Service in domain-suffix 1.0.8 allows attackers to crash the application via crafted input to the parse function.
๐@cveNotify
RegEx Denial of Service in domain-suffix 1.0.8 allows attackers to crash the application via crafted input to the parse function.
๐@cveNotify
Gist
Security issue in domain-suffix
Security issue in domain-suffix. GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2024-35325
A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yaml_event_delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free.
๐@cveNotify
A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yaml_event_delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free.
๐@cveNotify
GitHub
pocs/libyaml/CVE-2024-35325.c at main ยท idhyt/pocs
vulnerabilities... Contribute to idhyt/pocs development by creating an account on GitHub.
๐จ CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile"
module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected.
When iterating over names of entries in a zip archive (for example, methods
of "zipfile.Path" like "namelist()", "iterdir()", etc)
the process can be put into an infinite loop with a maliciously crafted
zip archive. This defect applies when reading only metadata or extracting
the contents of the zip archive. Programs that are not handling
user-controlled zip archives are not affected.
๐@cveNotify
There is a HIGH severity vulnerability affecting the CPython "zipfile"
module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected.
When iterating over names of entries in a zip archive (for example, methods
of "zipfile.Path" like "namelist()", "iterdir()", etc)
the process can be put into an infinite loop with a maliciously crafted
zip archive. This defect applies when reading only metadata or extracting
the contents of the zip archive. Programs that are not handling
user-controlled zip archives are not affected.
๐@cveNotify
GitHub
[3.11] gh-122905: Sanitize names in zipfile.Path. (GH-122906) (#122925) ยท python/cpython@795f259
* gh-122905: Sanitize names in zipfile.Path. (#122906)
Ported from zipp 3.19.1; ref jaraco/zipp#119.
(cherry picked from commit 9cd03263100ddb1657826cc4a71470786cab3932)
* [3.11] gh-122905...
Ported from zipp 3.19.1; ref jaraco/zipp#119.
(cherry picked from commit 9cd03263100ddb1657826cc4a71470786cab3932)
* [3.11] gh-122905...
๐1
๐จ CVE-2024-7720
HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries.
๐@cveNotify
HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries.
๐@cveNotify
๐จ CVE-2022-39997
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges
๐@cveNotify
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges
๐@cveNotify
๐จ CVE-2024-45346
The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon and Ilyes Beghdadi of NCC Group working with Trend Micro Zero Day Initiative! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life.
๐@cveNotify
The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon and Ilyes Beghdadi of NCC Group working with Trend Micro Zero Day Initiative! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life.
๐@cveNotify
Mi
Xiaomi Security Center
Xiaomi Product Security Center provides users and partners of Xiaomi with detailed information on the security status of our smartphones and IoT products, including product security advisories and notices, security updates and support information, and securityโฆ
๐จ CVE-2023-26322
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
๐@cveNotify
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
๐@cveNotify
Mi
Xiaomi Security Center
Xiaomi Product Security Center provides users and partners of Xiaomi with detailed information on the security status of our smartphones and IoT products, including product security advisories and notices, security updates and support information, and securityโฆ
๐จ CVE-2023-26324
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
๐@cveNotify
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
๐@cveNotify
๐จ CVE-2024-8195
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_query', and 'debug_redirect' functions in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to extract sensitive data including password, title, and content of password-protected posts.
๐@cveNotify
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_query', and 'debug_redirect' functions in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to extract sensitive data including password, title, and content of password-protected posts.
๐@cveNotify
๐จ CVE-2023-42890
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.
๐@cveNotify
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.
๐@cveNotify
seclists.org
Full Disclosure: APPLE-SA-12-11-2023-7 tvOS 17.2
๐จ CVE-2023-46455
In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.
๐@cveNotify
In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.
๐@cveNotify
๐จ CVE-2023-47579
Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system.
๐@cveNotify
Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system.
๐@cveNotify
๐จ CVE-2024-0035
In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from the background due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
๐@cveNotify
In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from the background due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
๐@cveNotify
๐จ CVE-2024-0021
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in the work profile to enable notification listener services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
๐@cveNotify
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in the work profile to enable notification listener services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
๐@cveNotify
๐จ CVE-2024-1670
Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 122 to the stable channel for Windows, Mac and Linux. This will roll out ov...
๐จ CVE-2024-26310
Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges.
๐@cveNotify
Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges.
๐@cveNotify
Archer Technologies LLC | GRC
Archer | Enterprise GRC Leaders
For over two decades, Archerยฎ has been at the forefront of risk and compliance innovation, offering organizations the tools and insights needed to build resilient, high-performing businesses. Archerโs advanced solutions leverage artificial intelligence, riskโฆ
๐จ CVE-2024-27746
SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email address parameter in the index.php component.
๐@cveNotify
SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email address parameter in the index.php component.
๐@cveNotify
GitHub
CVE_POC/CVE-2024-27746.md at main ยท shubham-s-pandey/CVE_POC
Contribute to shubham-s-pandey/CVE_POC development by creating an account on GitHub.
๐จ CVE-2023-49546
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php.
๐@cveNotify
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php.
๐@cveNotify
GitHub
GitHub - geraldoalcantara/CVE-2023-49546: Customer Support System 1.0 - SQL Injection Vulnerability in the "email" Parameter Duringโฆ
Customer Support System 1.0 - SQL Injection Vulnerability in the "email" Parameter During "save_staff" Operation - geraldoalcantara/CVE-2023-49546
๐จ CVE-2024-22188
TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, and 13.0.1.
๐@cveNotify
TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, and 13.0.1.
๐@cveNotify
GitHub
Code Execution in TYPO3 Install Tool
### Problem
Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backen...
Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backen...
๐จ CVE-2024-2174
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 122.0.6261.111/.112 for Windows and Mac and 122.0.6261.111 to Linux which will roll out over the co...