๐จ CVE-2024-5053
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. This makes it possible for Form Managers with a Subscriber-level access and above to modify the Mailchimp API key used for integration. At the same time, missing Mailchimp API key validation allows the redirect of the integration requests to the attacker-controlled server.
๐@cveNotify
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. This makes it possible for Form Managers with a Subscriber-level access and above to modify the Mailchimp API key used for integration. At the same time, missing Mailchimp API key validation allows the redirect of the integration requests to the attacker-controlled server.
๐@cveNotify
๐จ CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
GitLab
matrix-org / Olm ยท GitLab
Implementation of the olm and megolm cryptographic ratchets
๐จ CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
GitLab
matrix-org / Olm ยท GitLab
Implementation of the olm and megolm cryptographic ratchets
๐จ CVE-2024-45269
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.
๐@cveNotify
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.
๐@cveNotify
GitHub
GitHub - majeedraza1/carousel-slider: Carousel Slider is an AI-powered tool for creating stunning, SEO-friendly carousels. Easilyโฆ
Carousel Slider is an AI-powered tool for creating stunning, SEO-friendly carousels. Easily showcase images, videos, logos, or content to boost engagement. Features include auto-generated sliders p...
๐จ CVE-2024-45270
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.
๐@cveNotify
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.
๐@cveNotify
GitHub
GitHub - majeedraza1/carousel-slider: Carousel Slider is an AI-powered tool for creating stunning, SEO-friendly carousels. Easilyโฆ
Carousel Slider is an AI-powered tool for creating stunning, SEO-friendly carousels. Easily showcase images, videos, logos, or content to boost engagement. Features include auto-generated sliders p...
๐จ CVE-2024-45522
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
๐@cveNotify
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
๐@cveNotify
GitHub
check for valid host when reseting password ยท Linen-dev/linen.dev@cd37c3e
Lightweight Google-searchable Slack alternative for Communities - check for valid host when reseting password ยท Linen-dev/linen.dev@cd37c3e
๐จ CVE-2024-20084
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561.
๐@cveNotify
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561.
๐@cveNotify
MediaTek
September 2024
๐จ CVE-2024-20085
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.
๐@cveNotify
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.
๐@cveNotify
MediaTek
September 2024
๐จ CVE-2024-20086
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551.
๐@cveNotify
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551.
๐@cveNotify
MediaTek
September 2024
๐จ CVE-2024-20087
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550.
๐@cveNotify
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550.
๐@cveNotify
MediaTek
September 2024
๐จ CVE-2024-20088
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Issue ID: MSV-1543.
๐@cveNotify
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Issue ID: MSV-1543.
๐@cveNotify
MediaTek
September 2024
๐จ CVE-2024-20089
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.
๐@cveNotify
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.
๐@cveNotify
MediaTek
September 2024
๐จ CVE-2024-28044
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
๐@cveNotify
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.
๐@cveNotify
๐จ CVE-2024-38382
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
๐@cveNotify
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
๐@cveNotify
๐จ CVE-2024-38386
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
๐@cveNotify
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
๐@cveNotify
๐จ CVE-2024-39612
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
๐@cveNotify
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
๐@cveNotify
๐จ CVE-2024-39775
in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read.
๐@cveNotify
in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read.
๐@cveNotify
๐จ CVE-2024-7354
The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
WPScan
Ninja Forms 3.8.6-3.8.10 - Reflected XSS
See details on Ninja Forms 3.8.6-3.8.10 - Reflected XSS CVE 2024-7354. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-7690
The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
๐@cveNotify
The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
๐@cveNotify
WPScan
DN Popup <= 1.2.2 - Settings Update via CSRF
See details on DN Popup <= 1.2.2 - Settings Update via CSRF CVE 2024-7690. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-7691
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators.
๐@cveNotify
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators.
๐@cveNotify
WPScan
Flaming Forms <= 1.0.1 - Unauthenticated Stored XSS
See details on Flaming Forms <= 1.0.1 - Unauthenticated Stored XSS CVE 2024-7691. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-7692
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
๐@cveNotify
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
๐@cveNotify
WPScan
Flaming Forms <= 1.0.1 - Reflected XSS
See details on Flaming Forms <= 1.0.1 - Reflected XSS CVE 2024-7692. View the latest Plugin Vulnerabilities on WPScan.