π¨ CVE-2024-28640
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.
π@cveNotify
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.
π@cveNotify
π¨ CVE-2024-28537
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.
π@cveNotify
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.
π@cveNotify
π¨ CVE-2024-28394
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module.
π@cveNotify
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module.
π@cveNotify
Prestashop
Customer Data & Management - PrestaShop Addons
Easily manage your customers! With these modules, manage all your customer groups easily and use segmentation tools to best target your customers in your marketing! βββββββEnhance your PrestaShop store with features for customer data & management.
π¨ CVE-2023-50811
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the βcomputerβ POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many other receptions in addition the assigned one.
π@cveNotify
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the βcomputerβ POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many other receptions in addition the assigned one.
π@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
π¨ CVE-2022-26580
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability.
π@cveNotify
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability.
π@cveNotify
π¨ CVE-2023-26130
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors.**Note:** This issue is present due to an incomplete fix for [CVE-2020-11709](https://security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-2366507).
π@cveNotify
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors.**Note:** This issue is present due to an incomplete fix for [CVE-2020-11709](https://security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-2366507).
π@cveNotify
Gist
CRLF Injection in cpp-httplib@v0.12.3
CRLF Injection in cpp-httplib@v0.12.3. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2022-4920
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
π@cveNotify
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 101 to the stable channel for Windows, Mac and Linux. This will roll out ov...
π¨ CVE-2023-40315
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.
π@cveNotify
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.
π@cveNotify
π¨ CVE-2023-47455
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
π@cveNotify
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
π@cveNotify
GitHub
IOT_VULN/Tenda/AX1806/setSchedWifi.md at main Β· Anza2001/IOT_VULN
Records of vulnerability in IOT. Contribute to Anza2001/IOT_VULN development by creating an account on GitHub.
π¨ CVE-2022-23091
A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause.
An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.
π@cveNotify
A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause.
An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.
π@cveNotify
π¨ CVE-2024-30106
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data.
π@cveNotify
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data.
π@cveNotify
Hcl-Software
Security Bulletin: HCL Connections Security Update for Internal Application Server Information Disclosure Vulnerability - Customerβ¦
HCL Connections is vulnerable to information disclosure due to an IBM WebSphere Application Server error,
π¨ CVE-2024-44145
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.
π@cveNotify
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.
π@cveNotify
Apple Support
About the security content of macOS Sequoia 15 - Apple Support
This document describes the security content of macOS Sequoia 15.
π¨ CVE-2024-44216
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data.
π@cveNotify
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data.
π@cveNotify
Apple Support
About the security content of macOS Ventura 13.7.1 - Apple Support
This document describes the security content of macOS Ventura 13.7.1.
π¨ CVE-2024-44217
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication.
π@cveNotify
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication.
π@cveNotify
Apple Support
About the security content of iOS 18 and iPadOS 18 - Apple Support
This document describes the security content of iOS 18 and iPadOS 18
π¨ CVE-2024-44237
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination.
π@cveNotify
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination.
π@cveNotify
Apple Support
About the security content of macOS Ventura 13.7.1 - Apple Support
This document describes the security content of macOS Ventura 13.7.1.
π¨ CVE-2024-44240
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.
π@cveNotify
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.
π@cveNotify
Apple Support
About the security content of iOS 18.1 and iPadOS 18.1 - Apple Support
This document describes the security content of iOS 18.1 and iPadOS 18.1.
π¨ CVE-2024-51506
Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description.
π@cveNotify
Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description.
π@cveNotify
GitHub
Stored XSS on "Create a Wiki Pages" in Tikiwiki version 27.0 Β· Issue #8 Β· r0ck3t1973/xss_payload
Hi, Download and install CMS TikiWiki version 27.0 https://sourceforge.net/projects/tikiwiki/ Login into panel click a 'Wiki' -> 'Create a Wiki Pages' insert payload in descripti...
π¨ CVE-2024-51507
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name.
π@cveNotify
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name.
π@cveNotify
GitHub
Stored XSS on 'Create/Edit External Wiki' in TikiWiki version 27.0 Β· Issue #9 Β· r0ck3t1973/xss_payload
Hi, Download and install cms TikiWiki version 27.0 Login into panel click a Settings -> External Wikis (/tiki-27.0/tiki-admin_external_wikis.php) insert payload in description: Name and Index &l...
π¨ CVE-2024-51508
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index.
π@cveNotify
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index.
π@cveNotify
GitHub
Stored XSS on 'Create/Edit External Wiki' in TikiWiki version 27.0 Β· Issue #9 Β· r0ck3t1973/xss_payload
Hi, Download and install cms TikiWiki version 27.0 Login into panel click a Settings -> External Wikis (/tiki-27.0/tiki-admin_external_wikis.php) insert payload in description: Name and Index &l...
π¨ CVE-2024-51509
Tiki through 27.0 allows users who have certain permissions to insert a "Modules" (aka tiki-admin_modules.php) stored XSS payload in the Name.
π@cveNotify
Tiki through 27.0 allows users who have certain permissions to insert a "Modules" (aka tiki-admin_modules.php) stored XSS payload in the Name.
π@cveNotify
GitHub
Stored XSS on "Modules" in TikiWiki version 27.0 Β· Issue #10 Β· r0ck3t1973/xss_payload
Hi, Download and install cms TikiWiki version 27.0 Login into panel click a Settings -> Modules (/ttiki-27.0/tiki-admin_modules.php) insert payload in description: Name of Module <a href=&quo...
π¨ CVE-2024-10419
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bloodrequest.php. The manipulation of the argument msg leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bloodrequest.php. The manipulation of the argument msg leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify