๐จ CVE-2024-5640
The Prime Slider โ Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โidโ attribute within the Pacific widget in all versions up to, and including, 3.14.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
The Prime Slider โ Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โidโ attribute within the Pacific widget in all versions up to, and including, 3.14.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
๐จ CVE-2024-48424
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
๐@cveNotify
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
๐@cveNotify
GitHub
Bug: Heap-based Buffer Overflow in OpenDDLParser::parseStructure ยท Issue #5787 ยท assimp/assimp
Affected Projects assimp v5.4.3 (https://github.com/assimp/assimp) Problem Type CWE-122: Heap-based Buffer Overflow Decription Describe the Bug A heap-buffer-overflow vulnerability has been identif...
๐จ CVE-2024-50438
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a before 5.0.0.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a before 5.0.0.
๐@cveNotify
Patchstack
WordPress Church Admin plugin < 5.0.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
๐จ CVE-2024-50439
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through 1.2.14.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through 1.2.14.
๐@cveNotify
Patchstack
WordPress Astra Widgets plugin <= 1.2.14 - Stored Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
๐จ CVE-2024-50440
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.2.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.2.
๐@cveNotify
Patchstack
WordPress CodePen Embedded Pens Shortcode plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability - Patchstack
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
๐จ CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
๐@cveNotify
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
๐@cveNotify
๐จ CVE-2023-36091
Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
๐จ CVE-2023-4353
Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
๐@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable and Extended stable channels has been updated to 116.0.5845.96 for Mac and Linux and 116.0.5845.96/.97 for Windows , which will...
๐จ CVE-2023-3252
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.
๐@cveNotify
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.
๐@cveNotify
Tenableยฎ
[R1] Nessus Version 10.6.0 Fixes Multiple Vulnerabilities
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application. - CVE-2023-3251 An arbitrary file write vulnerability exists where an authenticatedโฆ
๐จ CVE-2023-3253
An improper authorization vulnerability exists where an authenticated,
low privileged remote attacker could view a list of all the users
available in the application.
๐@cveNotify
An improper authorization vulnerability exists where an authenticated,
low privileged remote attacker could view a list of all the users
available in the application.
๐@cveNotify
Tenableยฎ
[R1] Nessus Version 10.6.0 Fixes Multiple Vulnerabilities
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application. - CVE-2023-3251 An arbitrary file write vulnerability exists where an authenticatedโฆ
๐จ CVE-2023-46992
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords without authentication by visiting specific pages.
๐@cveNotify
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords without authentication by visiting specific pages.
๐@cveNotify
GitHub
vul_report/TOTOLINK A3300R/readme.md at main ยท AuroraHaaash/vul_report
Vulnerability Reports. Contribute to AuroraHaaash/vul_report development by creating an account on GitHub.
๐จ CVE-2022-48193
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL).
๐@cveNotify
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL).
๐@cveNotify
๐จ CVE-2023-47456
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
๐@cveNotify
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
๐@cveNotify
GitHub
IOT_VULN/Tenda/AX1806/fromSetWirelessRepeat.md at main ยท Anza2001/IOT_VULN
Records of vulnerability in IOT. Contribute to Anza2001/IOT_VULN development by creating an account on GitHub.
๐จ CVE-2023-35836
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the target's Wi-Fi networks.
๐@cveNotify
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the target's Wi-Fi networks.
๐@cveNotify
๐จ CVE-2022-23093
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header.
The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes.
The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash.
The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur.
๐@cveNotify
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header.
The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes.
The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash.
The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur.
๐@cveNotify
๐จ CVE-2024-28640
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.
๐@cveNotify
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.
๐@cveNotify
๐จ CVE-2024-28537
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.
๐@cveNotify
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.
๐@cveNotify
๐จ CVE-2024-28394
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module.
๐@cveNotify
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module.
๐@cveNotify
Prestashop
Customer Data & Management - PrestaShop Addons
Easily manage your customers! With these modules, manage all your customer groups easily and use segmentation tools to best target your customers in your marketing! โโโโโโโEnhance your PrestaShop store with features for customer data & management.
๐จ CVE-2023-50811
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the โcomputerโ POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many other receptions in addition the assigned one.
๐@cveNotify
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the โcomputerโ POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many other receptions in addition the assigned one.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor