๐จ CVE-2023-25280
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
๐@cveNotify
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
๐@cveNotify
GitHub
D_Link_Vuln/cmd Inject in pingV4Msg at main ยท migraine-sudo/D_Link_Vuln
Contribute to migraine-sudo/D_Link_Vuln development by creating an account on GitHub.
๐จ CVE-2024-47126
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The random function in use is not suitable for cryptographic use.
๐@cveNotify
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The random function in use is not suitable for cryptographic use.
๐@cveNotify
๐จ CVE-2024-47127
In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing gotenna mesh networks. This vulnerability can be exploited if the device is being used in a unencrypted environment or if the cryptography has already been compromised.
๐@cveNotify
In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing gotenna mesh networks. This vulnerability can be exploited if the device is being used in a unencrypted environment or if the cryptography has already been compromised.
๐@cveNotify
๐จ CVE-2024-7714
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback'
๐@cveNotify
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback'
๐@cveNotify
WPScan
AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
See details on AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls CVE 2024-7714. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-46802
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: added NULL check at start of dc_validate_stream
[Why]
prevent invalid memory access
[How]
check if dc and stream are NULL
๐@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: added NULL check at start of dc_validate_stream
[Why]
prevent invalid memory access
[How]
check if dc and stream are NULL
๐@cveNotify
๐จ CVE-2024-46811
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box
[Why]
Coverity reports OVERRUN warning. soc.num_states could
be 40. But array range of bw_params->clk_table.entries is 8.
[How]
Assert if soc.num_states greater than 8.
๐@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box
[Why]
Coverity reports OVERRUN warning. soc.num_states could
be 40. But array range of bw_params->clk_table.entries is 8.
[How]
Assert if soc.num_states greater than 8.
๐@cveNotify
๐จ CVE-2024-44910
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
๐@cveNotify
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
๐@cveNotify
GitHub
Out-of-Bounds reads on TM/TC/AOS Frames ยท Issue #268 ยท nasa/CryptoLib
It is possible to get a seg fault by first passing an invalid index to sa_if->sa_get_from_spi(spi, &sa_ptr), then dereferencing the pointer in the // Determine SA Service Type code blocks in...
๐จ CVE-2024-9567
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. This issue affects the function formAdvFirewall of the file /goform/formAdvFirewall. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. This issue affects the function formAdvFirewall of the file /goform/formAdvFirewall. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
IoT-vulnerable/D-Link/DIR-619L/formAdvFirewall.md at main ยท abcdefg-png/IoT-vulnerable
IoT-vulnerable. Contribute to abcdefg-png/IoT-vulnerable development by creating an account on GitHub.
๐จ CVE-2024-44911
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_aos.c).
๐@cveNotify
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_aos.c).
๐@cveNotify
GitHub
Out-of-Bounds reads on TM/TC/AOS Frames ยท Issue #268 ยท nasa/CryptoLib
It is possible to get a seg fault by first passing an invalid index to sa_if->sa_get_from_spi(spi, &sa_ptr), then dereferencing the pointer in the // Determine SA Service Type code blocks in...
๐จ CVE-2024-44912
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).
๐@cveNotify
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).
๐@cveNotify
GitHub
Out-of-Bounds reads on TM/TC/AOS Frames ยท Issue #268 ยท nasa/CryptoLib
It is possible to get a seg fault by first passing an invalid index to sa_if->sa_get_from_spi(spi, &sa_ptr), then dereferencing the pointer in the // Determine SA Service Type code blocks in...
๐จ CVE-2024-25412
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field.
๐@cveNotify
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field.
๐@cveNotify
๐จ CVE-2024-6889
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
๐@cveNotify
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
๐@cveNotify
WPScan
Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS
See details on Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS CVE 2024-6889. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-6926
The Viral Signup WordPress plugin through 2.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
๐@cveNotify
The Viral Signup WordPress plugin through 2.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
๐@cveNotify
WPScan
Viral Signup <= 2.1 - Unauthenticated SQLi
See details on Viral Signup <= 2.1 - Unauthenticated SQLi CVE 2024-6926. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-34542
Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.
๐@cveNotify
Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.
๐@cveNotify
๐จ CVE-2024-37187
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding.
๐@cveNotify
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding.
๐@cveNotify
๐จ CVE-2024-38308
Advantech ADAM 5550's web application includes a "logs" page where all
the HTTP requests received are displayed to the user. The device doesn't
correctly neutralize malicious code when parsing HTTP requests to
generate page output.
๐@cveNotify
Advantech ADAM 5550's web application includes a "logs" page where all
the HTTP requests received are displayed to the user. The device doesn't
correctly neutralize malicious code when parsing HTTP requests to
generate page output.
๐@cveNotify
๐จ CVE-2024-39275
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a
session is closed. Forging requests with a legitimate cookie, even if
the session was terminated, allows an unauthorized attacker to act with
the same level of privileges of the legitimate user.
๐@cveNotify
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a
session is closed. Forging requests with a legitimate cookie, even if
the session was terminated, allows an unauthorized attacker to act with
the same level of privileges of the legitimate user.
๐@cveNotify
๐จ CVE-2024-23586
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
๐@cveNotify
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
๐@cveNotify
Hcltechsw
Security Bulletin: An insufficient session timeout vulnerability affects HCL Nomad server on Domino (CVE-2024-23586) - Customerโฆ
HCL Nomad server on Domino is affected by an insufficient session timeout vulnerability in which an attacker
๐จ CVE-2024-41511
A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter.
๐@cveNotify
A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter.
๐@cveNotify
4PACE
CADClickยฎ: 2D- & 3D-Konfiguration basierend auf CAD- & BIM-Modellen | 4PACE
Erwecken Sie Ihr komplexes Produktportfolio mit 2D- & 3D-Visualisierung zum Leben und leiten Sie in Echtzeit erzeugte Modelle aus. โฅ Mehr erfahren
๐จ CVE-2023-6361
A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.
๐@cveNotify
A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.
๐@cveNotify
www.incibe.es
Multiple vulnerabilities in WinHex
INCIBE has coordinated the publication of 2 vulnerabilities affecting WinHex, a universal hexadecimal
๐จ CVE-2023-6362
A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.
๐@cveNotify
A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.
๐@cveNotify
www.incibe.es
Multiple vulnerabilities in WinHex
INCIBE has coordinated the publication of 2 vulnerabilities affecting WinHex, a universal hexadecimal