Vulnerability Summary for the Week of August 12, 2024 | CISA


2j-slideshow–Slideshow, Image Slider by 2J
  The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2024-08-17 6.1 CVE-2023-4604
security@wordfence.com
security@wordfence.com
  adobe — acrobat
  Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41832
psirt@adobe.com
  adobe — acrobat
  Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41833
psirt@adobe.com
  adobe — acrobat
  Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41834
psirt@adobe.com
  adobe — acrobat
  Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41835
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. 2024-08-14 6.3 CVE-2024-39408
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. 2024-08-14 6.3 CVE-2024-39409
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. 2024-08-14 5.5 CVE-2024-39410
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity information. Exploitation of this issue does not require user interaction. 2024-08-14 5.4 CVE-2024-39418
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39404
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39405
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39407
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39411
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39412
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39413
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39414
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39415
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39416
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39417
psirt@adobe.com
  adobe — commerce
  Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. 2024-08-14 4.3 CVE-2024-39419
psirt@adobe.com
  adobe — illustrator
  Illustrator versions 28.5, 27.9.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service condition. An attacker could exploit this vulnerability to render the application unresponsive or terminate its execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34118
psirt@adobe.com
  adobe — illustrator
  Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34134
psirt@adobe.com
  adobe — illustrator
  Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34135
psirt@adobe.com
  adobe — illustrator
  Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34136
psirt@adobe.com
  adobe — illustrator
  Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34137
psirt@adobe.com
  adobe — illustrator
  Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34138
psirt@adobe.com
  adobe — substance_3d_sampler
  Substance3D – Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41860
psirt@adobe.com
  adobe — substance_3d_sampler
  Substance3D – Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41861
psirt@adobe.com
  adobe — substance_3d_sampler
  Substance3D – Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41862
psirt@adobe.com
  adobe — substance_3d_sampler
  Substance3D – Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41863
psirt@adobe.com
  Adobe–Bridge
  Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-39387
psirt@adobe.com
  Adobe–Dimension
  Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-20790
psirt@adobe.com
  Adobe–Dimension
  Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34125
psirt@adobe.com
  Adobe–Dimension
  Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-34126
psirt@adobe.com
  Adobe–InDesign Desktop
  InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-39395
psirt@adobe.com
  Adobe–InDesign Desktop
  InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41854
psirt@adobe.com
  Adobe–InDesign Desktop
  InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-08-14 5.5 CVE-2024-41866
psirt@adobe.com
  aio-libs–aiohttp
  aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulnerable to path traversal outside the root directory if those variants are symbolic links. The server protects static routes from path traversal outside the root directory when `follow_symlinks=False` (default). It does this by resolving the requested URL to an absolute path and then checking that path relative to the root. However, these checks are not performed when looking for compressed variants in the `FileResponse` class, and symbolic links are then automatically followed when performing the `Path.stat()` and `Path.open()` to send the file. Version 3.10.2 contains a patch for the issue. 2024-08-12 4.8 CVE-2024-42367
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  airveda — pm2.5_pm10_monitor_firmware
  This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode. An attacker in close proximity could exploit this vulnerability by capturing Wi-Fi traffic of Airveda-AP. Successful exploitation of this vulnerability could allow the attacker to cause Evil Twin attack on the targeted system. 2024-08-12 6.5 CVE-2024-7408
vdisclose@cert-in.org.in
  algoritmika–Download Plugins and Themes in ZIP from Dashboard
  The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.7. This is due to missing or incorrect nonce validation on the download_theme() function. This makes it possible for unauthenticated attackers to download arbitrary themes from the website via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. In versions prior to 1.8.6 it was possible to download the entire sites files. 2024-08-16 4.2 CVE-2024-7501
security@wordfence.com
security@wordfence.com
  AMD–AMD EPYC 7001 Processors
  Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service. 2024-08-13 5.2 CVE-2021-46746
psirt@amd.com
  AMD–AMD EPYC 7001 Series Processors
  Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity. 2024-08-13 5.7 CVE-2024-21981
psirt@amd.com
  AMD–AMD EPYC 7003 Series Processors
  Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability. 2024-08-13 6.5 CVE-2023-20591
psirt@amd.com
  AMD–AMD EPYC 7003 Processors
  IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. 2024-08-13 5.3 CVE-2023-20584
psirt@amd.com
  AMD–AMD EPYC 7003 Processors
  Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity. 2024-08-13 4.4 CVE-2023-31356
psirt@amd.com
  AMD–AMD Radeon RX 6000 Series Graphics Cards
  An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity. 2024-08-13 5.2 CVE-2023-20509
psirt@amd.com
  AMD–AMD Radeon RX 6000 Series Graphics Cards
  Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the “set temperature input selection” command, potentially resulting in a loss of integrity and/or availability. 2024-08-13 5 CVE-2023-31310
psirt@amd.com
  AMD–AMD Radeon RX 6000 Series Graphics Cards
  An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service. 2024-08-13 4.7 CVE-2023-20510
psirt@amd.com
  AMD–AMD Ryzen 5000 Series Desktop Processor with Radeon Graphics
  A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability. 2024-08-13 5.7 CVE-2021-26367
psirt@amd.com
psirt@amd.com
  AMD–Zynq UltraScale+ MPSoC/RFSoC
  Improper input validation in ARM® Trusted Firmware used in AMD’s Zynqâ„¢ UltraScale+â„¢) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service. 2024-08-13 4.8 CVE-2023-31339
psirt@amd.com
  Antoine Hurkmans–Football Pool
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a through 2.11.9. 2024-08-12 6.5 CVE-2024-43139
audit@patchstack.com
  Antoine Hurkmans–Football Pool
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a through 2.11.10. 2024-08-12 5.9 CVE-2024-43130
audit@patchstack.com
  Averta–Depicter Slider
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2. 2024-08-12 5.9 CVE-2024-43161
audit@patchstack.com
  AxtonYao–MDx
  The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘mdx_list_item’ shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-12 6.4 CVE-2024-6639
security@wordfence.com
security@wordfence.com
security@wordfence.com
  basecamp–trix
  The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a `text/html` content type. However, Trix only checks the content type on the paste event’s `dataTransfer` object. As long as the `dataTransfer` has a content type of `text/html`, Trix parses its contents and creates an `Attachment` with them, even if the attachment itself doesn’t have a `text/html` content type. Trix then uses the attachment content to set the attachment element’s `innerHTML`. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user’s session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. This vulnerability was fixed in version 2.1.4. 2024-08-14 6.5 CVE-2024-43368
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  bdthemes–Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
  The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the render_svg function. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. 2024-08-12 6.5 CVE-2024-4359
security@wordfence.com
security@wordfence.com
  bdthemes–Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
  The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes like ‘title_tag’. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-12 6.4 CVE-2024-4360
security@wordfence.com
security@wordfence.com
  bdthemes–Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
  The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Custom Gallery and Countdown widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-13 6.4 CVE-2024-7247
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  binhnguyenplus–LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing
  The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_endpoint() function hooked via ‘init’ in versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to modify a variety of settings. An attacker can directly modify the ‘ladipage_key’ which enables them to create new posts on the website and inject malicious web scripts. 2024-08-17 5.3 CVE-2023-4730
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  Blockspare–Blockspare
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Blockspare allows Stored XSS.This issue affects Blockspare: from n/a through 3.2.0. 2024-08-12 6.5 CVE-2024-43164
audit@patchstack.com
  bPlugins–StreamCast
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in bPlugins StreamCast allows Stored XSS.This issue affects StreamCast: from n/a through 2.2.3. 2024-08-12 5.9 CVE-2024-43148
audit@patchstack.com
  Brainstorm Force–Spectra
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Brainstorm Force Spectra allows Stored XSS.This issue affects Spectra: from n/a through 2.14.1. 2024-08-12 6.5 CVE-2024-7590
audit@patchstack.com
  Brainstorm Force–Ultimate Addons for Beaver Builder Lite
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite allows Stored XSS.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.9. 2024-08-12 6.5 CVE-2024-43151
audit@patchstack.com
  Bricks Builder–Bricks
  The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the ‘reset_settings’ function. This makes it possible for unauthenticated attackers to reset the theme’s settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2024-08-17 5.4 CVE-2023-3409
security@wordfence.com
security@wordfence.com
  Bricks Builder–Bricks
  The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the ‘save_settings’ function. This makes it possible for unauthenticated attackers to modify the theme’s settings, including enabling a setting which allows lower-privileged users such as contributors to perform code execution, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2024-08-17 4.3 CVE-2023-3408
security@wordfence.com
security@wordfence.com
  cilium–cilium
  Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.14.14 and 1.15.8, a race condition in the Cilium agent can cause the agent to ignore labels that should be applied to a node. This could in turn cause CiliumClusterwideNetworkPolicies intended for nodes with the ignored label to not apply, leading to policy bypass. This issue has been patched in Cilium v1.14.14 and v1.15.8 As the underlying issue depends on a race condition, users unable to upgrade can restart the Cilium agent on affected nodes until the affected policies are confirmed to be working as expected. 2024-08-15 6.8 CVE-2024-42488
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  cilium–cilium
  Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium’s GatewayAPI controller, which could lead to Gateway resources being able to access secrets for longer than intended, or to Routes having the ability to forward traffic to backends in other namespaces for longer than intended. This issue has been patched in Cilium v1.15.8 and v1.16.1. As a workaround, any modification of a related Gateway/HTTPRoute/GRPCRoute/TCPRoute CRD (for example, adding any label to any of these resources) will trigger a reconciliation of ReferenceGrants on an affected cluster. 2024-08-16 5.4 CVE-2024-42486
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  cilium–cilium
  Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular, request headers are matched before request methods, when the specification describes that the request methods must be respected before headers are matched. This could result in unexpected behaviour with security This issue is fixed in Cilium v1.15.8 and v1.16.1. There is no workaround for this issue. 2024-08-15 4 CVE-2024-42487
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  codersaiful–Sheet to Table Live Sync for Google Sheet
  The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s STWT_Sheet_Table shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-14 6.4 CVE-2024-6532
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  coffee2code–Linkify Text
  The Linkify Text plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.9.1. This is due to the plugin utilizing bootstrap and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-7382
security@wordfence.com
security@wordfence.com
  coffee2code–No Update Nag
  The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12. This is due to the plugin allowing direct access to the bootstrap.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-7412
security@wordfence.com
security@wordfence.com
  coffee2code–Obfuscate Email
  The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. This is due to the plugin allowing direct access to the bootstrap.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-7413
security@wordfence.com
security@wordfence.com
  coffee2code–Reveal Template
  The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7. This is due to the plugin allowing direct access to the bootstrap.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-7416
security@wordfence.com
security@wordfence.com
  contrid–Newsletters
  The Newsletters plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 4.9.9. This is due the plugin not preventing direct access to the /vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-15 5.3 CVE-2024-7411
security@wordfence.com
security@wordfence.com
security@wordfence.com
  CORDEA–oauth
  In the OAuth library for nim prior to version 0.11, the `state` values generated by the `generateState` function do not have sufficient entropy. These can be successfully guessed by an attacker allowing them to perform a CSRF vs a user, associating the user’s session with the attacker’s protected resources. While `state` isn’t exactly a cryptographic value, it should be generated in a cryptographically secure way. `generateState` should be using a CSPRNG. Version 0.11 modifies the `generateState` function to generate `state` values of at least 128 bits of entropy while using a CSPRNG. 2024-08-15 6.5 CVE-2024-42475
security-advisories@github.com
security-advisories@github.com
  CORDEA–oauth
  In the OAuth library for nim prior to version 0.11, the Authorization Code grant and Implicit grant both rely on the `state` parameter to prevent cross-site request forgery (CSRF) attacks where a resource owner might have their session associated with protected resources belonging to an attacker. When this project is compiled with certain compiler flags set, it is possible that the `state` parameter will not be checked at all, creating a CSRF vulnerability. Version 0.11 checks the `state` parameter using a regular `if` statement or `doAssert` instead of relying on a plain `assert`. `doAssert` will achieve the desired behavior even if `-d:danger` or `–assertions:off` is set. 2024-08-15 6.5 CVE-2024-42476
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  CreativeMindsSolutions–CM Tooltip Glossary
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.7. 2024-08-12 6.5 CVE-2024-43149
audit@patchstack.com
  Crocoblock–JetBlocks for Elementor
  The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-16 6.4 CVE-2024-7147
security@wordfence.com
security@wordfence.com
  Crocoblock–JetElements
  The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and ‘slide_id’ parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-16 6.4 CVE-2024-7144
security@wordfence.com
security@wordfence.com
  Crocoblock–JetSearch
  The JetSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-16 6.4 CVE-2024-7136
security@wordfence.com
security@wordfence.com
  cservit–affiliate-toolkit WordPress Affiliate Plugin
  The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. This is due display_errors being set to true . This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-6562
security@wordfence.com
security@wordfence.com
  cyberfoxdigital–Christmasify!
  The Christmasify! plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.5. This is due to missing nonce validation on the ‘options’ function. This makes it possible for unauthenticated attackers to modify the plugin’s settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2024-08-12 6.1 CVE-2024-7574
security@wordfence.com
security@wordfence.com
  D-Link–DI-8100
  A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument path leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 6.3 CVE-2024-7833
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  David Maucher–Send Users Email
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Maucher Send Users Email allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Send Users Email: from n/a through 1.5.1. 2024-08-13 5.3 CVE-2024-38760
audit@patchstack.com
  Dell–Dell Client Platform BIOS
  Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. 2024-08-14 5.8 CVE-2024-38483
security_alert@emc.com
  Devikia–DevikaAI
  A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input. 2024-08-14 6.5 CVE-2024-7790
vulnreport@tenable.com
  Directus–Directus
  Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with CVE-2024-6534, it could result in account takeover. 2024-08-15 4.1 CVE-2024-6533
help@fluidattacks.com
help@fluidattacks.com
  Directus–Directus
  Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the ‘POST /presets’ request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover. 2024-08-15 4.1 CVE-2024-6534
help@fluidattacks.com
help@fluidattacks.com
  edgarrojas–PDF Builder for WPForms
  The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.116. This is due to the plugin allowing direct access to the composer-setup.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-7414
security@wordfence.com
security@wordfence.com
security@wordfence.com
  elabftw–elabftw
  eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one might disallow user creation except for by system administrators, administrators and trusted services. If administrators are allowed to create new users (which is the default), the vulnerability allows any user to create new users in teams where they are members. The new users are automatically validated and administrators are not notified. This can allow a user with permanent or temporary access to a user account or API key to maintain persistence in an eLabFTW system. Additionally, it allows the user to create separate account under a different name, and produce misleading revision histories. No additional privileges are granted to the new user. Users should upgrade to version 5.0.0 to receive a patch. As a workaround, disabling both options that allow *administrators* to create users will provide a mitigation. 2024-08-15 5.4 CVE-2024-25633
security-advisories@github.com
  Ericsson–Ericsson RAN Compute Basebands (all BB variants)
  Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability. 2024-08-16 6.8 CVE-2024-25008
85b1779b-6ecd-4f52-bcc5-73eac4659dcf
  esthertyler–My Custom CSS PHP & ADS
  The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.3. This is due the plugin not preventing direct access to the /my-custom-css/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php file and and the file displaying/generating the full path. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. 2024-08-12 5.3 CVE-2024-7410
security@wordfence.com
security@wordfence.com
  f1logic–Insert PHP Code Snippet
  The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6. This is due to missing or incorrect nonce validation in the /admin/snippets.php file. This makes it possible for unauthenticated attackers to activate/deactivate and delete code snippets via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2024-08-15 5.8 CVE-2024-7420
security@wordfence.com
security@wordfence.com
security@wordfence.com
  F5–BIG-IP
  When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2024-08-14 5.9 CVE-2024-41164
f5sirt@f5.com
  F5–BIG-IP
  Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2024-08-14 4.3 CVE-2024-41723
f5sirt@f5.com
  F5–BIG-IP Next Central Manager
  BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2024-08-14 5.3 CVE-2024-37028
f5sirt@f5.com
  F5–BIG-IP Next Central Manager
  When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2024-08-14 4.2 CVE-2024-41719
f5sirt@f5.com
  F5–NGINX Open Source
  NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2024-08-14 4.7 CVE-2024-7347
f5sirt@f5.com
  Firewalla–Box Software
  Multiple authenticated operating system (OS) command injection vulnerabilities exist in Firewalla Box Software versions before 1.979. A physically close attacker that is authenticated to the Bluetooth Low-Energy (BTLE) interface can use the network configuration service to inject commands in various configuration parameters including networkConfig.Interface.Phy.Eth0.Extra.PingTestIP, networkConfig.Interface.Phy.Eth0.Extra.DNSTestDomain, and networkConfig.Interface.Phy.Eth0.Gateway6. Additionally, because the configuration can be synced to the Firewalla cloud, the attacker may be able to persist access even after hardware resets and firmware re-flashes. 2024-08-12 6.8 CVE-2024-40893
disclosure@vulncheck.com
  fish-shop–syntax-check
  fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the `pattern` input (specifically the command separator `;` and command substitution characters `(` and `)`) mean that arbitrary command injection is possible by modification of the input value used in a workflow. This has the potential for exposure or exfiltration of sensitive information from the workflow runner, such as might be achieved by sending environment variables to an external entity. It is recommended that users update to the patched version `v1.6.12` or the latest release version `v2.0.0`, however remediation may be possible through careful control of workflows and the `pattern` input value used by this action. 2024-08-12 4.8 CVE-2024-42482
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  FIWARE–FIWARE Keyrock
  Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link. 2024-08-12 6.3 CVE-2024-42165
office@cyberdanube.com
  FIWARE–FIWARE Keyrock
  Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link. 2024-08-12 4.3 CVE-2024-42164
office@cyberdanube.com
  Fortinet–FortiDDoS
  A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.4 allows an authenticated attacker to execute shell code as `root` via `execute` CLI commands. 2024-08-13 6.6 CVE-2022-27486
psirt@fortinet.com
  Fortinet–FortiManager
  A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup. 2024-08-13 6.1 CVE-2024-21757
psirt@fortinet.com
  Fortinet–FortiOS
  An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system. 2024-08-13 5.1 CVE-2024-36505
psirt@fortinet.com
  Fortinet–FortiSOAR
  An improper neutralization of input during web page generation (‘cross-site scripting’) in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module. 2024-08-13 6.8 CVE-2023-26211
psirt@fortinet.com
  Fortra–GoAnywhere MFT
  An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification. 2024-08-14 6.5 CVE-2024-25157
df4dee71-de3a-4139-9588-11b62fe6c0ff
  freebsd — freebsd
  When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, “https://www.cisa.gov/”. This allows readdir(3) and related functions to return filesystem entries with names containing additional path components. The lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory. 2024-08-12 5.3 CVE-2024-6759
secteam@freebsd.org
  Fujian–mwcms
  A vulnerability was found in Fujian mwcms 1.0.0. It has been declared as critical. Affected by this vulnerability is the function uploadeditor of the file /uploadeditor.html?action=uploadimage of the component Image Upload. The manipulation of the argument upfile leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-12 4.7 CVE-2024-7705
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  Fujian–mwcms
  A vulnerability was found in Fujian mwcms 1.0.0. It has been rated as critical. Affected by this issue is the function uploadimage of the file /uploadfile.html. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-12 4.7 CVE-2024-7706
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  gfazioli–WP Bannerize Pro
  The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2024-08-13 4 CVE-2024-7388
security@wordfence.com
security@wordfence.com
  gilacms — gila_cms
  A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/update_rows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-12 5.4 CVE-2024-7657
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  gncchome — gncc_c2_firmware
  Identical Hardcoded Root Password for All Devices in GNCC’s GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices 2024-08-15 6.8 CVE-2024-31798
cve@mitre.org
cve@mitre.org
  gncchome — gncc_c2_firmware
  Authentication Bypass in GNCC’s GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port. 2024-08-15 6.8 CVE-2024-31800
cve@mitre.org
cve@mitre.org
  gncchome — gncc_c2_firmware
  Information Disclosure in GNCC’s GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port. 2024-08-15 4.6 CVE-2024-31799
cve@mitre.org
cve@mitre.org
  gravitymaster97–Custom Field For WP Job Manager
  The Custom Field For WP Job Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2 via the the ‘cm_fieldshow’ shortcode due to missing validation on the ‘job_id’ user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata. 2024-08-16 4.3 CVE-2023-7049
security@wordfence.com
security@wordfence.com
  HashiCorp–Nomad
  In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.16.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. 2024-08-15 5.8 CVE-2024-7625
security@hashicorp.com
  humanityco–Cookie Notice & Compliance for GDPR / CCPA
  The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cookie_notice_options[refuse_code_head]’ parameter in versions up to, and including, 2.4.17.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative privileges and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the injected /wp-admin/admin.php?page=cookie-notice page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2024-08-16 4.4 CVE-2022-3399
security@wordfence.com
security@wordfence.com
  iberezansky–3D FlipBook PDF Flipbook Viewer, Flipbook Image Gallery
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in iberezansky 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery allows Stored XSS.This issue affects 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery: from n/a through 1.15.6. 2024-08-12 5.9 CVE-2024-43152
audit@patchstack.com
  ibm — infosphere_information_server
  IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279. 2024-08-15 6.5 CVE-2024-40705
psirt@us.ibm.com
psirt@us.ibm.com
  ibm — infosphere_information_server
  IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. 2024-08-15 4.9 CVE-2024-40704
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–Aspera Shares
  IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574. 2024-08-12 6.3 CVE-2023-38018
psirt@us.ibm.com
  IBM–Common Licensing
  IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348. 2024-08-13 5.5 CVE-2024-41774
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–Db2 for Linux, UNIX and Windows
  IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 292639. 2024-08-14 6.5 CVE-2024-35152
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–Db2 for Linux, UNIX and Windows
  IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID: 294295. 2024-08-14 6.5 CVE-2024-37529
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–Db2 for Linux, UNIX and Windows
  IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614. 2024-08-14 5.3 CVE-2024-31882
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–Db2 for Linux, UNIX and Windows
  IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 291307. 2024-08-14 5.3 CVE-2024-35136
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–QRadar Network Packet Capture
  IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 289858. 2024-08-15 5.9 CVE-2024-31905
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–QRadar Suite Software
  IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430. 2024-08-15 6.2 CVE-2024-25024
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–QRadar Suite Software
  IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173. 2024-08-14 5.6 CVE-2024-28799
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–QRadar Suite Software
  IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another user to obtain sensitive information. IBM X-Force ID: 233672. 2024-08-13 4.7 CVE-2022-38382
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–QRadar Suite Software
  IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the request. This information could be used in further attacks against the system. IBM X-Force ID: 272201. 2024-08-16 4.9 CVE-2023-47728
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–SDK, Java Technology Edition
  The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. IBM X-Force ID: 284573. 2024-08-14 5.9 CVE-2024-27267
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–WebSphere Application Liberty
  IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713. 2024-08-14 5.3 CVE-2023-50314
psirt@us.ibm.com
psirt@us.ibm.com
  IBM–WebSphere Application Server
  IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714. 2024-08-14 5.3 CVE-2023-50315
psirt@us.ibm.com
psirt@us.ibm.com
  Igor Beni–Recipe Maker For Your Food Blog from Zip Recipes
  Missing Authorization vulnerability in Igor Benić Recipe Maker For Your Food Blog from Zip Recipes allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.2.6. 2024-08-13 5.3 CVE-2024-38688
audit@patchstack.com
  Iqonic Design–Graphina
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Iqonic Design Graphina allows Stored XSS.This issue affects Graphina: from n/a through 1.8.10. 2024-08-12 6.5 CVE-2024-43124
audit@patchstack.com
  itsourcecode–Vehicle Management System
  A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file mybill.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-14 6.3 CVE-2024-7794
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  Jeroen Sormani–WP Dashboard Notes
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Jeroen Sormani WP Dashboard Notes allows Stored XSS.This issue affects WP Dashboard Notes: from n/a through 1.0.11. 2024-08-12 6.5 CVE-2024-43226
audit@patchstack.com
  JetBrains–TeamCity
  In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page 2024-08-16 4.6 CVE-2024-43807
cve@jetbrains.com
  JetBrains–TeamCity
  In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin 2024-08-16 4.6 CVE-2024-43810
cve@jetbrains.com
  jfarthing84–Theme My Login
  The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tml_admin_save_ms_settings() function. This makes it possible for unauthenticated attackers to update the theme’s settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Please note that this only affects multi-site instances. 2024-08-16 4.3 CVE-2024-7422
security@wordfence.com
security@wordfence.com
  kaizencoders–Short URL
  The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. This is due to missing or incorrect nonce validation on the configuration_page function. This makes it possible for unauthenticated attackers to add and import redirects, including comments containing cross-site scripting as detailed in CVE-2023-1602, granted they can trick a site administrator into performing an action such as clicking on a link. 2024-08-17 4.7 CVE-2023-1604
security@wordfence.com
security@wordfence.com
  krut1–LOGIN AND REGISTRATION ATTEMPTS LIMIT
  The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address from logging in. 2024-08-17 6.5 CVE-2022-4532
security@wordfence.com
security@wordfence.com
  LA-Studio–LA-Studio Element Kit for Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.9.2. 2024-08-12 6.5 CVE-2024-43210
audit@patchstack.com
  Lenovo–Printers
  A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted. 2024-08-16 6.5 CVE-2024-4781
psirt@lenovo.com
  Lenovo–Printers
  A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer’s functionality until a manual system reboot occurs. 2024-08-16 6.5 CVE-2024-4782
psirt@lenovo.com
  Lenovo–Printers
  A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted. 2024-08-16 6.5 CVE-2024-5209
psirt@lenovo.com
  Lenovo–Printers
  A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted. 2024-08-16 6.5 CVE-2024-5210
psirt@lenovo.com
  Lenovo–Printers
  A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted. 2024-08-16 6.5 CVE-2024-6004
psirt@lenovo.com
  linux — linux_kernel
  In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 (“mm: huge_memory: don’t force huge page alignment on 32 bit”) didn’t work for x86_32 [1]. It is because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT. !CONFIG_64BIT should cover all 32 bit machines. [1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/ 2024-08-12 5.5 CVE-2024-42258
416baaa9-dc9f-4396-8d5f-8c081fb06d67
416baaa9-dc9f-4396-8d5f-8c081fb06d67
416baaa9-dc9f-4396-8d5f-8c081fb06d67
416baaa9-dc9f-4396-8d5f-8c081fb06d67
  MagePeople Team–Event Manager for WooCommerce
  Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event Manager for WooCommerce: from n/a through 4.2.1. 2024-08-13 6.5 CVE-2024-43138
audit@patchstack.com
  mayurik — best_house_rental_management_system
  A Stored Cross Site Scripting (XSS) vulnerability was found in “manage_houses.php” in SourceCodester Best House Rental Management System v1.0. It allows remote attackers to execute arbitrary code via “House_no” and “Description” parameter fields. 2024-08-12 5.4 CVE-2024-40473
cve@mitre.org
cve@mitre.org
  mayurik — best_house_rental_management_system
  A Reflected Cross Site Scripting (XSS) vulnerability was found in “edit-cate.php” in SourceCodester House Rental Management System v1.0. 2024-08-12 5.4 CVE-2024-40474
cve@mitre.org
cve@mitre.org
  MBE Worldwide S.p.A.–MBE eShip
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MBE Worldwide S.P.A. MBE eShip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MBE eShip: from n/a through 2.1.2. 2024-08-13 5.3 CVE-2024-38742
audit@patchstack.com
  Mediavine–Mediavine Control Panel
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Mediavine Mediavine Control Panel allows Stored XSS.This issue affects Mediavine Control Panel: from n/a through 2.10.4. 2024-08-12 6.5 CVE-2024-43218
audit@patchstack.com
  Merkulove–Selection Lite
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Merkulove Selection Lite allows Stored XSS.This issue affects Selection Lite: from n/a through 1.11. 2024-08-12 6.5 CVE-2024-43147
audit@patchstack.com
  microsoft — .net
  .NET and Visual Studio Information Disclosure Vulnerability 2024-08-13 6.5 CVE-2024-38167
secure@microsoft.com
  microsoft — 365_apps
  Microsoft Outlook Remote Code Execution Vulnerability 2024-08-13 6.7 CVE-2024-38173
secure@microsoft.com
  microsoft — 365_apps
  Microsoft Office Spoofing Vulnerability 2024-08-12 6.5 CVE-2024-38200
secure@microsoft.com
  microsoft — teams
  Microsoft Teams for iOS Spoofing Vulnerability 2024-08-13 6.5 CVE-2024-38197
secure@microsoft.com
  microsoft — windows_10_1507
  Windows Mark of the Web Security Feature Bypass Vulnerability 2024-08-13 6.5 CVE-2024-38213
secure@microsoft.com
  microsoft — windows_10_1507
  Windows Initial Machine Configuration Elevation of Privilege Vulnerability 2024-08-13 6.8 CVE-2024-38223
secure@microsoft.com
  microsoft — windows_10_1507
  Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability 2024-08-13 5.5 CVE-2024-38118
secure@microsoft.com
  microsoft — windows_10_1507
  Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability 2024-08-13 5.5 CVE-2024-38122
secure@microsoft.com
  microsoft — windows_10_1507
  Windows Kernel Information Disclosure Vulnerability 2024-08-13 5.5 CVE-2024-38151
secure@microsoft.com
  microsoft — windows_10_1507
  Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability 2024-08-13 4.2 CVE-2024-38143
secure@microsoft.com
  microsoft — windows_10_1809
  Windows Mobile Broadband Driver Remote Code Execution Vulnerability 2024-08-13 6.8 CVE-2024-38161
secure@microsoft.com
  microsoft — windows_10_1809
  Security Center Broker Information Disclosure Vulnerability 2024-08-13 5.5 CVE-2024-38155
secure@microsoft.com
  microsoft — windows_11_22h2
  Windows Compressed Folder Tampering Vulnerability 2024-08-13 6.5 CVE-2024-38165
secure@microsoft.com
  microsoft — windows_11_24h2
  Windows Bluetooth Driver Information Disclosure Vulnerability 2024-08-13 4.4 CVE-2024-38123
secure@microsoft.com
  microsoft — windows_server_2008
  Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability 2024-08-13 6.5 CVE-2024-38214
secure@microsoft.com
  Microsoft–Microsoft Edge (Chromium-based)
  Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability 2024-08-12 6.5 CVE-2024-38219
secure@microsoft.com
  Microsoft–Microsoft Edge (Chromium-based)
  Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability 2024-08-16 5.8 CVE-2024-43472
secure@microsoft.com
  mongodb — mongodb
  “Hot” backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versions prior to 7.3.3 2024-08-13 5.3 CVE-2024-6384
cna@mongodb.com
  msaari–Relevanssi A Better Search
  The Relevanssi – A Better Search plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.22.2 via the relevanssi_do_query() due to insufficient limitations on the posts that are returned when searching. This makes it possible for unauthenticated attackers to extract potentially sensitive information from password protected posts. 2024-08-16 5.3 CVE-2024-7630
security@wordfence.com
security@wordfence.com
  n/a–3rd Generation Intel(R) Xeon(R) Scalable Processors
  Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. 2024-08-14 6 CVE-2024-25939
secure@intel.com
  n/a–3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors
  Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2024-08-14 6.1 CVE-2024-24980
secure@intel.com
  n/a–BMRA software
  Inadequate encryption strength for some BMRA software before version 22.08 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.4 CVE-2024-21787
secure@intel.com
  n/a–EMON software
  Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-28953
secure@intel.com
  n/a–Flexlm License Daemons for Intel(R) FPGA software
  Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23908
secure@intel.com
  n/a–InnoCMS
  A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue affects some unknown processing of the file /panel/pages/1/edit of the component Backend. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-17 4.7 CVE-2024-7899
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  n/a–installation software for Intel(R) Ethernet Adapter Driver Pack
  Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-22376
secure@intel.com
  n/a–Intel Unite(R) Client Extended Display Plugin software installers
  Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software installers before version 1.1.352.157 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-22378
secure@intel.com
  n/a–Intel(R) Advisor software
  Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-26025
secure@intel.com
  n/a–Intel(R) AMT and Intel(R) Standard Manageability
  Improper buffer restrictions in firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable denial of service via network access. 2024-08-14 6.8 CVE-2023-38655
secure@intel.com
  n/a–Intel(R) Arc(TM) & Iris(R) Xe Graphics software
  Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access. 2024-08-14 5 CVE-2024-28050
secure@intel.com
  n/a–Intel(R) CIP software
  Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access. 2024-08-14 5.5 CVE-2023-43489
secure@intel.com
  n/a–Intel(R) Connectivity Performance Suite software installers
  Incorrect default permissions for some Intel(R) Connectivity Performance Suite software installers before version 2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2023-43747
secure@intel.com
  n/a–Intel(R) CSME
  Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2024-08-14 5.7 CVE-2023-40067
secure@intel.com
  n/a–Intel(R) CSME
  Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access. 2024-08-14 4.4 CVE-2023-34424
secure@intel.com
  n/a–Intel(R) CSME
  Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access. 2024-08-14 4.3 CVE-2024-21844
secure@intel.com
  n/a–Intel(R) Data Center GPU Max Series 1100 and 1550 products
  Improper conditions check in some Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow a privileged user to potentially enable denial of service via local access. 2024-08-14 6.5 CVE-2024-24580
secure@intel.com
  n/a–Intel(R) Distribution for GDB software
  Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23491
secure@intel.com
  n/a–Intel(R) Distribution for GDB software
  Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23495
secure@intel.com
  n/a–Intel(R) Distribution for GDB software
  Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. 2024-08-14 5.8 CVE-2024-25562
secure@intel.com
  n/a–Intel(R) Ethernet Connection I219-LM install software
  Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-21769
secure@intel.com
  n/a–Intel(R) Ethernet Network Controllers and Adapters E810 Series
  Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access. 2024-08-14 6.5 CVE-2024-23499
secure@intel.com
  n/a–Intel(R) Ethernet Network Controllers and Adapters E810 Series
  Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 4.4 may allow an unauthenticated user to potentially enable denial of service via network access. 2024-08-14 6.5 CVE-2024-24983
secure@intel.com
  n/a–Intel(R) Ethernet Network Controllers and Adapters E810 Series
  Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an authenticated user to potentially enable denial of service via local access. 2024-08-14 5.5 CVE-2024-21806
secure@intel.com
  n/a–Intel(R) FPGA SDK for OpenCL(TM) software technology
  Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23909
secure@intel.com
  n/a–Intel(R) GPA software
  Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-28046
secure@intel.com
  n/a–Intel(R) HID Event Filter software installers
  Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-25561
secure@intel.com
  n/a–Intel(R) High Level Synthesis Compiler software
  Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23907
secure@intel.com
  n/a–Intel(R) IPP Cryptography software
  Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-21784
secure@intel.com
  n/a–Intel(R) IPP software
  Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-28887
secure@intel.com
  n/a–Intel(R) ISH software installers
  Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23974
secure@intel.com
  n/a–Intel(R) License Manager for FLEXlm product software
  Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-24977
secure@intel.com
  n/a–Intel(R) MAS (GUI)
  Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access. 2024-08-14 5.6 CVE-2024-27461
secure@intel.com
  n/a–Intel(R) MPI Library software
  Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-28876
secure@intel.com
  n/a–Intel(R) oneAPI Compiler software
  Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-21857
secure@intel.com
  n/a–Intel(R) oneAPI Math Kernel Library software
  Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-21766
secure@intel.com
  n/a–Intel(R) Quartus(R) Prime Pro Edition Design Software
  Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-22184
secure@intel.com
  n/a–Intel(R) Server Platforms
  Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access. 2024-08-14 6.7 CVE-2023-49144
secure@intel.com
  n/a–Intel(R) Server Platforms
  Uncaught exception in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access. 2024-08-14 4.3 CVE-2023-35123
secure@intel.com
  n/a–Intel(R) Simics Package Manager software
  Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-26027
secure@intel.com
  n/a–Intel(R) TDX module software
  Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6 CVE-2024-39283
secure@intel.com
  n/a–Intel(R) Trace Analyzer and Collector software
  Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-28172
secure@intel.com
  n/a–Intel(R) VROC software
  Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-23489
secure@intel.com
  n/a–Intel(R) VTune(TM) Profiler software
  Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 2024-08-14 6.7 CVE-2024-29015
secure@intel.com
  n/a–Intel(R) Xeon Processors
  Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access. 2024-08-14 6.5 CVE-2024-22374
secure@intel.com
  n/a–n/a
  Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file type filtering in the file attachment parameter. 2024-08-15 6.1 CVE-2024-27731
cve@mitre.org
cve@mitre.org
  n/a–n/a
  Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories. 2024-08-12 6.5 CVE-2024-41332
cve@mitre.org
cve@mitre.org
  n/a–n/a
  A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an authenticated attacker with administrative privilege to conduct an argument injection attack, due to insufficient parameter sanitization during the boot process. A successful exploit could allow an attacker to execute arbitrary commands within the context of the system. 2024-08-12 6.8 CVE-2024-41710
cve@mitre.org
cve@mitre.org
cve@mitre.org
  n/a–n/a
  A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an unauthenticated attacker with physical access to the phone to conduct an argument injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the system. 2024-08-13 6.8 CVE-2024-41711
cve@mitre.org
  n/a–n/a
  In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setLedCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands. 2024-08-13 6.8 CVE-2024-42740
cve@mitre.org
  n/a–n/a
  An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function. 2024-08-16 6.5 CVE-2024-42849
cve@mitre.org
cve@mitre.org
  n/a–n/a
  Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component. 2024-08-15 5 CVE-2024-42678
cve@mitre.org
  n/a–n/a
  axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. 2024-08-12 4 CVE-2024-39338
cve@mitre.org
cve@mitre.org
  n/a–OcoMon
  A vulnerability, which was classified as problematic, has been found in OcoMon 4.0RC1/4.0/5.0RC1. This issue affects some unknown processing of the file /includes/common/require_access_recovery.php of the component URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.1 and 5.0 is able to address this issue. It is recommended to upgrade the affected component. 2024-08-13 4.3 CVE-2024-7709
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  nissan-global — blind_spot_detection_sensor_ecu_firmware
  * Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU’s programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication. 2024-08-15 6.5 CVE-2024-6347
cve@asrg.io
  NVIDIA–NVIDIA CV-CUDA
  NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss. 2024-08-12 6.1 CVE-2024-0115
psirt@nvidia.com
  Olive Themes–Olive One Click Demo Import
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2. 2024-08-13 5.3 CVE-2024-38749
audit@patchstack.com
  open-telemetry–opentelemetry-collector-contrib
  OpenTelemetry, also known as OTel, is a vendor-neutral open source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, and logs. The bearertokenauth extension’s server authenticator performs a simple, non-constant time string comparison of the received & configured bearer tokens. This impacts anyone using the `bearertokenauth` server authenticator. Malicious clients with network access to the collector may perform a timing attack against a collector with this authenticator to guess the configured token, by iteratively sending tokens and comparing the response time. This would allow an attacker to introduce fabricated or bad data into the collector’s telemetry pipeline. The observable timing vulnerability was fixed by using constant-time comparison in 0.107.0 2024-08-13 6.5 CVE-2024-42368
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  openhab–openhab-webui
  openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Several endpoints in versions prior to 4.2.1 of the CometVisu add-on of openHAB don’t require authentication. This makes it possible for unauthenticated attackers to modify or to steal sensitive data. This issue may lead to sensitive information disclosure. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch. 2024-08-12 6.5 CVE-2024-42470
security-advisories@github.com
security-advisories@github.com
  openhab–openhab-webui
  openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. CometVisuServlet in versions prior to 4.2.1 is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This issue may lead to information disclosure. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch. 2024-08-12 5.3 CVE-2024-42468
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  oretnom23 — car_driving_school_management_system
  A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. This vulnerability affects the function save_package of the file admin/packages/manag_package.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 6.5 CVE-2024-7662
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument contact/address leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 6.1 CVE-2024-7677
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_package. The manipulation of the argument name/description/training_duration leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 6.1 CVE-2024-7678
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.3 CVE-2024-7663
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability, which was classified as critical, has been found in SourceCodester Car Driving School Management System 1.0. Affected by this issue is some unknown functionality of the file view_package.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.3 CVE-2024-7666
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function delete_users of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.3 CVE-2024-7667
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability has been found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This vulnerability affects the function delete_package of the file Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.3 CVE-2024-7668
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability was found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This issue affects the function delete_enrollment of the file Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.3 CVE-2024-7669
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability was found in Sourcecodester Car Driving School Management System 1.0. It has been classified as critical. Affected is the function save_package of the file /classes/Master.php?f=save_package. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.3 CVE-2024-7676
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability classified as critical has been found in SourceCodester Car Driving School Management System 1.0. Affected is an unknown function of the file view_details.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 4.3 CVE-2024-7664
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — car_driving_school_management_system
  A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_package.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 4.3 CVE-2024-7665
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — clinics_patient_management_system
  A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /update_medicine.php. The manipulation of the argument medicine_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-14 6.1 CVE-2024-7752
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  oretnom23 — clinics_patient_management_system
  A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file users.php of the component User Page. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.4 CVE-2024-7645
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  Patrick Posner–Filr Secure document library
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Patrick Posner Filr – Secure document library allows Stored XSS.This issue affects Filr – Secure document library: from n/a through 1.2.4. 2024-08-12 6.5 CVE-2024-43216
audit@patchstack.com
  Pepperl+Fuchs–ICDM-RX/TCP-DB9/RJ45-DIN
  An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. 2024-08-13 6.1 CVE-2024-38501
info@cert.vde.com
  phpgurukul — old_age_home_management_system
  A Reflected Cross Site Scripting (XSS) vulnerability was found in “/oahms/search.php” in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the “searchdata” parameter. 2024-08-12 6.1 CVE-2024-40484
cve@mitre.org
  phpgurukul — old_age_home_management_system
  A Stored Cross Site Scripting (XSS) vulnerability was found in “/admin/view-enquiry.php” in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page “message” parameter. 2024-08-12 5.4 CVE-2024-40481
cve@mitre.org
  PickPlugins–ComboBlocks
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in PickPlugins ComboBlocks allows Stored XSS.This issue affects ComboBlocks: from n/a through 2.2.86. 2024-08-12 6.5 CVE-2024-43155
audit@patchstack.com
  pickplugins–Gutenberg Blocks, Page Builder ComboBlocks
  The Gutenberg Blocks, Page Builder – ComboBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Accordion block in all versions up to, and including, 2.2.87 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-14 6.4 CVE-2024-7588
security@wordfence.com
security@wordfence.com
  pkp–ojs
  A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .example.com leads to open redirect. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-17 4.3 CVE-2024-7902
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  princeahmed–Radio Player Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
  The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to delete player instances. 2024-08-17 5.3 CVE-2023-4024
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  princeahmed–Radio Player Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
  The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances. 2024-08-17 5.3 CVE-2023-4025
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  princeahmed–Radio Player Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
  The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings. 2024-08-17 5.3 CVE-2023-4027
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  projectsend — projectsend
  A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function get_preview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720 is able to address this issue. The patch is named eb5a04774927e5855b9d0e5870a2aae5a3dc5a08. It is recommended to upgrade the affected component. 2024-08-12 5.3 CVE-2024-7658
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  PTC–Kepware ThingWorx Kepware Server
  When performing an online tag generation to devices which communicate using the ControlLogix protocol, a machine-in-the-middle, or a device that is not configured correctly, could deliver a response leading to unrestricted or unregulated resource allocation. This could cause a denial-of-service condition and crash the Kepware application. By default, these functions are turned off, yet they remain accessible for users who recognize and require their advantages. 2024-08-16 5.3 CVE-2024-6098
ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov
  Pylons–webob
  WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python’s urlparse, and joining it to the base URL. `urlparse` however treats a `//` at the start of a string as a URI without a scheme, and then treats the next part as the hostname. `urljoin` will then use that hostname from the second part as the hostname replacing the original one from the request. This vulnerability is patched in WebOb version 1.8.8. 2024-08-14 6.1 CVE-2024-42353
security-advisories@github.com
security-advisories@github.com
  QNAP Systems Inc.–QTS
  A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later 2024-08-12 4.2 CVE-2024-32765
security@qnapsecurity.com.tw
  Rashid87–WPSection
  Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Rashid87 WPSection allows PHP Local File Inclusion.This issue affects WPSection: from n/a through 1.3.8. 2024-08-13 6.5 CVE-2024-43165
audit@patchstack.com
  Red Hat–Red Hat Enterprise Linux 6
  A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound’s config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system. 2024-08-12 4.8 CVE-2024-43168
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
secalert@redhat.com
  Red Hat–Red Hat Satellite 6
  A command injection flaw was found in the “Host Init Config” template in the Foreman application via the “Install Packages” field on the “Register Host” page. This flaw allows an attacker with the necessary privileges to inject arbitrary commands into the configuration, potentially allowing unauthorized command execution during host registration. Although this issue requires user interaction to execute injected commands, it poses a significant risk if an unsuspecting user runs the generated registration script. 2024-08-12 6.5 CVE-2024-7700
secalert@redhat.com
secalert@redhat.com
  rems — accounts_manager_app
  A vulnerability, which was classified as problematic, was found in SourceCodester Accounts Manager App 1.0. Affected is an unknown function of the file /endpoint/add-account.php. The manipulation of the argument account_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-13 5.4 CVE-2024-7749
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  rems — file_manager_app
  A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 6.1 CVE-2024-7660
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  rems — leads_manager_tool
  A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leads_name/phone_number leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-12 5.4 CVE-2024-7644
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  reputeinfosystems–ARMember Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
  The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. 2024-08-17 6.4 CVE-2024-7703
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  SAP_SE–SAP BusinessObjects Business Intelligence Platform
  SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application. 2024-08-13 4.3 CVE-2024-42375
cna@sap.com
cna@sap.com
  SAP_SE–SAP Commerce
  In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the e-mail that they wish to test for. The impact on confidentiality therefore is low and no impact to integrity or availability 2024-08-13 5.3 CVE-2024-41733
cna@sap.com
cna@sap.com
  SAP_SE–SAP Commerce Backoffice
  SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application. 2024-08-13 5.4 CVE-2024-41735
cna@sap.com
cna@sap.com
  SAP_SE–SAP CRM ABAP (Insights Management)
  SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application. 2024-08-13 5 CVE-2024-41737
cna@sap.com
cna@sap.com
  SAP_SE–SAP Document Builder
  SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. 2024-08-13 4.3 CVE-2024-39591
cna@sap.com
cna@sap.com
  SAP_SE–SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content Server
  Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a high impact on the integrity and availability of the applications. 2024-08-13 6.3 CVE-2024-33005
cna@sap.com
cna@sap.com
  SAP_SE–SAP NetWeaver Application Server ABAP
  SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. Depending on the web applications provided by this server, the attacker might inject CSS code or links into the web application that could allow the attacker to read or modify information. There is no impact on availability of application. 2024-08-13 4.7 CVE-2024-41732
cna@sap.com
cna@sap.com
  SAP_SE–SAP NetWeaver Application Server ABAP and ABAP Platform
  Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability. 2024-08-13 4.3 CVE-2024-41734
cna@sap.com
cna@sap.com
  SAP_SE–SAP Permit to Work
  Under certain conditions SAP Permit to Work allows an authenticated attacker to access information which would otherwise be restricted causing low impact on the confidentiality of the application. 2024-08-13 4.3 CVE-2024-41736
cna@sap.com
cna@sap.com
  SAP_SE–SAP Shared Service Framework
  SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentiality of the application. 2024-08-13 6.5 CVE-2024-42376
cna@sap.com
cna@sap.com
  SAP_SE–SAP Shared Service Framework
  SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application 2024-08-13 4.3 CVE-2024-42377
cna@sap.com
cna@sap.com
  SAP_SE–SAP Student Life Cycle Management (SLcM)
  SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to delete non-sensitive report variants that are typically restricted, causing minimal impact on the integrity of the application. 2024-08-13 4.3 CVE-2024-42373
cna@sap.com
cna@sap.com
  siemens — location_intelligence
  A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords. 2024-08-13 5.3 CVE-2024-41682
productcert@siemens.com
  siemens — location_intelligence
  A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords. 2024-08-13 5.3 CVE-2024-41683
productcert@siemens.com
  siemens — sinec_nms
  A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization. 2024-08-13 4.3 CVE-2024-41941
productcert@siemens.com
  siemens — sinec_traffic_analyzer
  A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege’s to get access to sensitive information. 2024-08-13 6.5 CVE-2024-41905
productcert@siemens.com
  siemens — sinec_traffic_analyzer
  A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache. 2024-08-13 6.5 CVE-2024-41906
productcert@siemens.com
  siemens — sinec_traffic_analyzer
  A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack. 2024-08-13 5.4 CVE-2024-41907
productcert@siemens.com
  Siemens–LOGO! 12/24RCE
  A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices store user passwords in plaintext without proper protection. This could allow a physical attacker to retrieve them from the embedded storage ICs. 2024-08-13 4.6 CVE-2024-39922
productcert@siemens.com
  Siemens–RUGGEDCOM RM1224 LTE(4G) EU
  A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users. 2024-08-13 6.5 CVE-2024-41978
productcert@siemens.com
  smub–Easy Digital Downloads eCommerce Payments and Subscriptions made easy
  The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the currency value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2024-08-12 4.4 CVE-2024-6691
security@wordfence.com
security@wordfence.com
  Soliloquy Team–Slider by Soliloquy
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’), Improper Authentication vulnerability in Soliloquy Team Slider by Soliloquy allows Cross-Site Scripting (XSS).This issue affects Slider by Soliloquy: from n/a through 2.7.6. 2024-08-12 5.9 CVE-2024-35775
audit@patchstack.com
  SourceCodester–Clinics Patient Management System
  A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. This vulnerability affects unknown code of the file /pms/ajax/check_user_name.php. The manipulation of the argument user_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 6.3 CVE-2024-7841
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Daily Expenses Monitoring App
  A vulnerability classified as critical has been found in SourceCodester Daily Expenses Monitoring App 1.0. This affects an unknown part of the file /endpoint/delete-expense.php. The manipulation of the argument expense leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 6.3 CVE-2024-7811
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Online Graduate Tracer System
  A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/view_itprofile.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 6.3 CVE-2024-7810
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Online Graduate Tracer System
  A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/fetch_it.php. The manipulation of the argument request leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-16 6.3 CVE-2024-7845
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Online Graduate Tracer System
  A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/nbproject/. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 5.3 CVE-2024-7809
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Online Graduate Tracer System
  A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0. This issue affects some unknown processing of the file /tracking/admin/export_it.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 5.3 CVE-2024-7842
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Online Graduate Tracer System
  A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file /tracking/admin/exportcs.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 5.3 CVE-2024-7843
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Prison Management System
  A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. This issue affects some unknown processing of the file /uploadImage/Profile/ of the component Profile Image Handler. The manipulation leads to insufficiently protected credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 5.3 CVE-2024-7813
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Simple Online Bidding System
  A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=delete_product. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 6.3 CVE-2024-7800
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Simple Online Bidding System
  A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2024-08-15 5.3 CVE-2024-7799
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Task Progress Tracker
  A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-14 6.3 CVE-2024-7792
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Yoga Class Registration System
  A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the component Add User Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2024-08-16 6.3 CVE-2024-7851
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  SourceCodester–Yoga Class Registration System
  A vulnerability was found in SourceCodester Yoga Class Registration System up to 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=categories/view_category. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-16 6.3 CVE-2024-7853
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  sprecher-automation — sprecon-e_cp-2500_firmware
  Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments. 2024-08-12 6.5 CVE-2024-6758
info@cert.vde.com
  steve-community — steve
  SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. Attackers can inject arbitrary HTML and Javascript code via WebSockets leading to persistent Cross-Site Scripting in the SteVe management interface. 2024-08-12 6.1 CVE-2024-21550
report@snyk.io
report@snyk.io
report@snyk.io
report@snyk.io
  symphony-cms — symphony_cms
  A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note. 2024-08-13 5.4 CVE-2024-41613
cve@mitre.org
  symphony-cms — symphony_cms
  symphonycms <=2.7.10 is vulnerable to Cross Site Scripting (XSS) in the Comment component for articles. 2024-08-13 4.8 CVE-2024-41614
cve@mitre.org
  Techeshta–Card Elements for Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Techeshta Card Elements for Elementor allows Stored XSS.This issue affects Card Elements for Elementor: from n/a through 1.2.2. 2024-08-12 6.5 CVE-2024-43123
audit@patchstack.com
  ThemeLooks–Enter Addons
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.7. 2024-08-12 6.5 CVE-2024-43225
audit@patchstack.com
  ThemeSphere–SmartMag
  Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0. 2024-08-12 5.3 CVE-2024-37930
audit@patchstack.com
  Themeum–Tutor LMS
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3. 2024-08-12 6.5 CVE-2024-43231
audit@patchstack.com
  Themify–Themify Shortcodes
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Themify Themify Shortcodes allows Stored XSS.This issue affects Themify Shortcodes: from n/a through 2.1.1. 2024-08-12 6.5 CVE-2024-43133
audit@patchstack.com
  ThimPress–LearnPress
  Authorization Bypass Through User-Controlled Key vulnerability in ThimPress LearnPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LearnPress: from n/a through 4.2.6.8.2. 2024-08-13 6.5 CVE-2024-39642
audit@patchstack.com
  Tosei–Online Store Management System 
  A vulnerability was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cgi-bin/p1_ftpserver.php. The manipulation of the argument adr_txt leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-17 6.3 CVE-2024-7896
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  Tosei–Online Store Management System 
  A vulnerability classified as critical has been found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This affects an unknown part of the file /cgi-bin/tosei_kikai.php. The manipulation of the argument kikaibangou leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-17 6.3 CVE-2024-7897
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  typora — typora
  Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component. 2024-08-12 6.1 CVE-2024-41481
cve@mitre.org
  typora — typora
  Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component. 2024-08-12 6.1 CVE-2024-41482
cve@mitre.org
  Unknown–Category Posts Widget
  The Category Posts Widget WordPress plugin before 4.9.17, term-and-category-based-posts-widget WordPress plugin before 4.9.13 does not validate and escape some of its “Category Posts” widget settings before outputting them back in a page/post where the Widget is embed, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) 2024-08-12 4.8 CVE-2024-6158
contact@wpscan.com
  Unknown–Generate Images
  The Generate Images WordPress plugin before 5.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) 2024-08-13 4.8 CVE-2024-6724
contact@wpscan.com
  Unknown–wp-cart-for-digital-products
  The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin 2024-08-12 6.5 CVE-2024-6133
contact@wpscan.com
  Unknown–wp-cart-for-digital-products
  The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin 2024-08-12 5.4 CVE-2024-6134
contact@wpscan.com
  Unknown–wp-cart-for-digital-products
  The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks 2024-08-12 5.4 CVE-2024-6136
contact@wpscan.com
  vim–vim
  The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it is shown), this causes the window structure to be freed which contains a reference to the argument list that we are actually modifying. Once the autocommands are completed, the references to the window and argument list are no longer valid and as such cause an use-after-free. Impact is low since the user must either intentionally add some unusual autocommands that wipe a buffer during creation (either manually or by sourcing a malicious plugin), but it will crash Vim. The issue has been fixed as of Vim patch v9.1.0678. 2024-08-16 4.5 CVE-2024-43374
security-advisories@github.com
security-advisories@github.com
  wanglongcn–ltcms
  A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. This issue affects the function downloadFile of the file /api/file/downloadfile of the component API Endpoint. The manipulation of the argument file leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-13 5.3 CVE-2024-7741
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  WappPress Team–WappPress
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WappPress Team WappPress allows Stored XSS.This issue affects WappPress: from n/a through 6.0.4. 2024-08-12 5.9 CVE-2024-43137
audit@patchstack.com
  WC Product Table–WooCommerce Product Table Lite
  Improper Control of Generation of Code (‘Code Injection’) vulnerability in WC Product Table WooCommerce Product Table Lite allows Code Injection.This issue affects WooCommerce Product Table Lite: from n/a through 3.5.1. 2024-08-13 6.5 CVE-2024-43128
audit@patchstack.com
  Weaver–e-cology
  A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-08-12 5.3 CVE-2024-7704
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  Weblizar–Coming Soon
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming Soon: from n/a through 1.6.3. 2024-08-13 5.3 CVE-2024-38756
audit@patchstack.com
  WP Table Builder–WP Table Builder WordPress Table Plugin
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WP Table Builder WP Table Builder – WordPress Table Plugin allows Stored XSS.This issue affects WP Table Builder – WordPress Table Plugin: from n/a through 1.4.15. 2024-08-12 6.5 CVE-2024-43125
audit@patchstack.com
  Wp2speed–WP2Speed Faster
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wp2speed WP2Speed Faster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP2Speed Faster: from n/a through 1.0.1. 2024-08-12 5.3 CVE-2024-37924
audit@patchstack.com
  wp_media–BackWPup WordPress Backup & Restore Plugin
  The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default settings will place an index.php and a .htaccess file into the chosen directory (unless already present) when the first backup job is run that are intended to prevent directory listing and file access. This means that an attacker could set the backup directory to the root of another site in a shared environment and thus disable that site. 2024-08-17 6.8 CVE-2023-5505
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  WPDeveloper–BetterDocs
  Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8. 2024-08-13 6.5 CVE-2024-43129
audit@patchstack.com
  WPDeveloper–BetterDocs
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WPDeveloper BetterDocs allows Stored XSS.This issue affects BetterDocs: from n/a through 3.5.8. 2024-08-12 6.5 CVE-2024-43227
audit@patchstack.com
  wpdevteam–Essential Addons for Elementor Best Elementor Templates, Widgets, Kits & WooCommerce Builders
  The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘no_more_items_text’ parameter in all versions up to, and including, 5.9.27 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-13 6.4 CVE-2024-7092
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
  wpfeedback–Visual Website Collaboration, Feedback & Project Management Atarim
  The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the process_wpfeedback_misc_options() function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugins settings which can also be leveraged to gain access to the plugin’s settings. 2024-08-12 5.4 CVE-2024-7621
security@wordfence.com
security@wordfence.com
security@wordfence.com
  wpmet–ElementsKit Pro
  The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-15 6.4 CVE-2024-7064
security@wordfence.com
security@wordfence.com
  wpmet–ElementsKit Pro
  The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.6 via the ‘render_raw’ function. This can allow authenticated attackers, with Contributor-level permissions and above, to extract sensitive data including private, future, and draft posts. 2024-08-15 4.3 CVE-2024-7063
security@wordfence.com
security@wordfence.com
  wpopal–Opal Membership
  The Opal Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via checkout form fields in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-08-12 6.1 CVE-2024-7649
security@wordfence.com
security@wordfence.com
  wpopal–Opal Membership
  The Opal Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the private notes functionality on payments which utilizes WordPress comments. This makes it possible for authenticated attackers, with subscriber-level access and above, to view private notes via recent comments that should be restricted to just administrators. 2024-08-12 4.3 CVE-2024-7648
security@wordfence.com
security@wordfence.com
security@wordfence.com
  Xpro–Xpro Elementor Addons
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.4.2. 2024-08-12 6.5 CVE-2024-43150
audit@patchstack.com
  Xyzscripts–Insert PHP Code Snippet
  Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6. 2024-08-15 5.4 CVE-2024-43275
audit@patchstack.com
  yogeshojha–rengine
  reNgine is an automated reconnaissance framework for web applications. Versions 2.1.2 and prior are susceptible to Stored Cross-Site Scripting (XSS) attacks. This vulnerability occurs when scanning a domain, and if the target domain’s DNS record contains an XSS payload, it leads to the execution of malicious scripts in the reNgine’s dashboard view when any user views the scan results. The XSS payload is directly fetched from the DNS record of the remote target domain. Consequently, an attacker can execute the attack without requiring any additional input from the target or the reNgine user. A patch is available and expected to be part of version 2.1.3. 2024-08-16 5 CVE-2024-43381
security-advisories@github.com
security-advisories@github.com
  Yuri Baranov–YaMaps for WordPress
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Yuri Baranov YaMaps for WordPress allows Stored XSS.This issue affects YaMaps for WordPress: from n/a through 0.6.27. 2024-08-12 6.5 CVE-2024-43224
audit@patchstack.com
  yzane–vscode-markdown-pdf
  A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2024-08-13 4.3 CVE-2024-7739
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
  Zabbix–Zabbix
  A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application. 2024-08-12 6.1 CVE-2024-22121
security@zabbix.com
  Zabbix–Zabbix
  User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. 2024-08-12 4.3 CVE-2024-22114
security@zabbix.com
  zimbra — collaboration
  An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim’s session, potentially leading to execution of arbitrary JavaScript code. 2024-08-12 6.1 CVE-2024-27443
cve@mitre.org
cve@mitre.org
  zimbra — collaboration
  An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. A reflected cross-site scripting (XSS) vulnerability has been identified in the Zimbra webmail admin interface. This vulnerability occurs due to inadequate input validation of the packages parameter, allowing an authenticated attacker to inject and execute arbitrary JavaScript code within the context of another user’s browser session. By uploading a malicious JavaScript file and crafting a URL containing its location in the packages parameter, the attacker can exploit this vulnerability. Subsequently, when another user visits the crafted URL, the malicious JavaScript code is executed. 2024-08-12 5.4 CVE-2024-33533
cve@mitre.org
cve@mitre.org
  zimbra — collaboration
  An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability occurs due to inadequate input validation of the res parameter, allowing an authenticated attacker to inject and execute arbitrary JavaScript code within the context of another user’s browser session. By uploading a malicious JavaScript file, accessible externally, and crafting a URL containing its location in the res parameter, the attacker can exploit this vulnerability. Subsequently, when another user visits the crafted URL, the malicious JavaScript code is executed. 2024-08-12 5.4 CVE-2024-33536
cve@mitre.org
cve@mitre.org
  Zoho Campaigns–Zoho Campaigns
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Zoho Campaigns allows Cross-Site Scripting (XSS).This issue affects Zoho Campaigns: from n/a through 2.0.8. 2024-08-13 6.5 CVE-2024-38752
audit@patchstack.com
  ZoneMinder–zoneminder
  ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61. 2024-08-12 6.1 CVE-2024-43358
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. 2024-08-14 6.5 CVE-2024-39822
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. 2024-08-14 6.5 CVE-2024-42436
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. 2024-08-14 6.5 CVE-2024-42437
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. 2024-08-14 6.5 CVE-2024-42438
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. 2024-08-14 4.9 CVE-2024-39823
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. 2024-08-14 4.9 CVE-2024-39824
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. 2024-08-14 4.9 CVE-2024-42434
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
  Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. 2024-08-14 4.9 CVE-2024-42435
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS
  Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access. 2024-08-14 6.5 CVE-2024-42439
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS
  Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. 2024-08-14 6.2 CVE-2024-42440
security@zoom.us
  Zoom Communications Inc.–Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS
  Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. 2024-08-14 6.2 CVE-2024-42441
security@zoom.us
  zvijerka–Admission AppManager
  The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘q’ parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2024-08-17 6.1 CVE-2023-4507
security@wordfence.com
security@wordfence.com
 



Source link
lol

2j-slideshow–Slideshow, Image Slider by 2J  The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute…

Leave a Reply

Your email address will not be published. Required fields are marked *