Vulnerebility Vulnerebility Calendar Top 50 in years Top Vulnerebility List of Attack
| DATE |
NAME |
CATEGORY |
SUB | |
|
27.7.24 |
CVE-2023-46229 |
CVE |
langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py. | |
|
27.7.24 |
CVE-2023-44467 |
CVE |
LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. | |
|
26.7.24 |
ConfusedFunction |
CVE |
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions | |
|
26.7.24 |
CVE-2024-6327 |
CVE |
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. | |
|
26.7.24 |
CVE-2024-41110 |
CVE |
Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins | |
|
25.7.24 |
CVE-2012-4792 |
CVE |
Microsoft Internet Explorer Use-After-Free Vulnerability | |
|
25.7.24 |
CVE-2024-39891 |
CVE |
Twilio Authy Information Disclosure Vulnerability | |
|
24.7.24 |
CVE |
New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273) |
||
|
19.7.24 |
CVE-2024-23471 | VULNEREBILITY | CVE | Solarwinds ARM CreateFile Directory Traversal Remote Code Execution Vulnerability |
|
19.7.24 |
CVE-2024-23470 | VULNEREBILITY | CVE | Solarwinds ARM UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability |
|
19.7.24 |
CVE-2024-23466 | VULNEREBILITY | CVE | Solarwinds ARM Directory Traversal Remote Code Execution Vulnerability |
|
19.7.24 |
CVE-2024-23467 | VULNEREBILITY | CVE | Solarwinds ARM Traversal Remote Code Execution Vulnerability |
|
19.7.24 |
CVE-2024-23475 | VULNEREBILITY | CVE | Solarwinds ARM Traversal and Information Disclosure Vulnerability |
|
19.7.24 |
CVE-2024-23469 | VULNEREBILITY | CVE | Solarwinds ARM Exposed Dangerous Method Remote Code Execution Vulnerability |
|
19.7.24 |
CVE-2024-28074 | VULNEREBILITY | CVE | SolarWinds ARM Internal Deserialization Remote Code Execution Vulnerability |
|
19.7.24 |
CVE-2024-23472 | VULNEREBILITY | CVE | SolarWinds ARM Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
|
18.7.24 |
SAPwned | VULNEREBILITY | AI | SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts |
|
18.7.24 |
CVE-2024-34102 | VULNEREBILITY | CVE | (CVSS score: 9.8) - Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability |
|
18.7.24 |
CVE-2024-28995 | VULNEREBILITY | CVE | (CVSS score: 8.6) - SolarWinds Serv-U Path Traversal Vulnerability |
|
18.7.24 |
CVE-2022-22948 | VULNEREBILITY | CVE | (CVSS score: 6.5) - VMware vCenter Server Incorrect Default File Permissions Vulnerability |
|
17.7.24 |
CVE-2024-27348 | VULNEREBILITY | CVE | RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. |
|
16.7.24 |
CVE-2024-36401 | VULNEREBILITY | CVE | OSGeo GeoServer GeoTools Eval Injection Vulnerability |
|
12.7.24 | CVE-2024-39929 | VULNEREBILITY | CVE | Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. |
|
12.7.24 | CVE-2024-3596 | VULNEREBILITY | CVE | This vulnerability allows an attacker performing a meddler-in-the-middle attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS server profile. |
|
12.7.24 | CVE-2024-5910 | VULNEREBILITY | CVE | Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. |
|
11.7.24 | CVE-2024-6385 | VULNEREBILITY | CVE | GitLab Critical Patch Release: 17.1.2, 17.0.4, 16.11.6 |
|
10.7.24 | CVE-2024-38021 | VULNEREBILITY | CVE | Microsoft Office Remote Code Execution Vulnerability |
|
10.7.24 | CVE-2024-38080 | VULNEREBILITY | CVE | Windows Hyper-V Elevation of Privilege Vulnerability |
|
10.7.24 | CVE-2024-38112 | VULNEREBILITY | CVE | Windows MSHTML Platform Spoofing Vulnerability |
|
10.7.24 | CVE-2024-35264 | VULNEREBILITY | CVE | .NET and Visual Studio Remote Code Execution Vulnerability |
|
10.7.24 | CVE-2024-6387 | VULNEREBILITY | CVE | CVE-2024-6409: OpenSSH: Possible remote code execution in privsep child due to a race condition in signal handling |
|
8.7.24 | CVE-2024-39930 | VULNEREBILITY | CVE | The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected. |
|
8.7.24 | CVE-2024-39931 | VULNEREBILITY | CVE | Gogs through 0.13.0 allows deletion of internal files. |
|
8.7.24 | CVE-2024-39932 | VULNEREBILITY | CVE | Gogs through 0.13.0 allows argument injection during the previewing of changes. |
|
8.7.24 | CVE-2024-39933 | VULNEREBILITY | CVE | Gogs through 0.13.0 allows argument injection during the tagging of a new release. |
|
5.7.24 | CVE-2023-2071 | VULNEREBILITY | ICS | PN1645 | FactoryTalk View Machine Edition Vulnerable to Remote Code Execution |
|
5.7.24 | CVE-2023-29464 | VULNEREBILITY | ICS | PN1652 | FactoryTalk® Linx Vulnerable to Denial-of-Service and Information Disclosure |
|
2.7.24 | CVE-2024-20399 | VULNEREBILITY | CVE | Cisco NX-OS Software CLI Command Injection Vulnerability |
|
2.7.24 | CocoaPods | VULNEREBILITY | CVE | Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications |
|
1.7.24 | regreSSHion | VULNEREBILITY | CVE | regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server |
|
1.7.24 | CVE-2024-2973 | VULNEREBILITY | CVE | 2024-06: Out-Of-Cycle Security Bulletin: Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed (CVE-2024-2973) |
| 18.6.24 | CVE-2024-37081 |
CVE |
Multiple VMware vCenter Server Flaws Allow Remote Code Execution | |
| 17.6.24 | CVE-2024-3079 |
CVE |
Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands on the device. | |
| 17.6.24 | CVE-2024-3080 |
CVE |
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device. | |
| 14.6.24 | CVE-2023-3938 |
CVE |
(CVSS score: 4.6) - An SQL injection flaw when displaying a QR code into the device's camera by passing a specially crafted request containing a quotation mark, thereby allowing an attacker to authenticate as any user in the database | |
| 14.6.24 | CVE-2023-3939 |
CVE |
(CVSS score: 10.0) - A set of command injection flaws that allows for execution of arbitrary OS commands with root privileges | |
| 14.6.24 | CVE-2023-3940 |
CVE |
(CVSS score: 7.5) - A set of arbitrary file read flaws that allows an attacker to bypass security checks and access any file on the system, including sensitive user data and system settings | |
| 14.6.24 | CVE-2023-3941 |
CVE |
(CVSS score: 10.0) - A set of arbitrary file write flaws that allows an attacker to write any file on the system with root privileges, including altering the user database to add rogue users | |
| 14.6.24 | CVE-2023-3942 |
CVE |
(CVSS score: 7.5) - A set of SQL injection flaws that allows an attacker to inject malicious SQL code and perform unauthorized database operations and siphon sensitive data | |
| 14.6.24 | CVE-2023-3943 |
CVE |
(CVSS score: 10.0) - A set of stack-based buffer overflow flaws that allows an attacker to execute arbitrary code | |
| 14.6.24 | CVE-2024-32896 |
CVE |
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |
| 13.6.24 | CVE-2024-26169 |
CVE |
Windows Error Reporting Service Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30082 |
CVE |
Win32k Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30085 |
CVE |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30086 |
CVE |
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30078 |
CVE |
Windows Wi-Fi Driver Remote Code Execution Vulnerability | |
| 12.6.24 | CVE-2024-30103 |
CVE |
Microsoft Outlook Remote Code Execution Vulnerability | |
| 12.6.24 | CVE-2024-30080 |
CVE |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability New | |
| 12.6.24 | CVE-2023-50868 |
CVE |
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. | |
| 11.6.24 | CVE-2024-4610 |
CVE |
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0. | |
| 9.6.24 | CVE-2024-4577 |
CVE |
CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability | |
|
5.6.24 |
CVE |
This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. |
||
|
5.6.24 |
CVE |
This command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request. |
||
|
5.6.24 |
CVE |
This remote code execution vulnerability in the CGI program “file_upload-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file to a vulnerable device. |
||
|
5.6.24 |
CVE |
This improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 and NAS542 devices could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device. |
||
|
5.6.24 |
CVE |
This improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 and NAS542 devices could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device. |
||
|
5.6.24 |
CVE |
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. |
||
|
31.5.24 |
CVE-2024-1086 |
CVE |
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. | |
|
31.5.24 |
CVE-2023-38831 |
CVE |
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
|
30.5.24 |
CVE-2023-6961 |
CVE |
(CVSS score: 7.2) - Unauthenticated Stored Cross-Site Scripting in WP Meta SEO <= 4.5.12 | |
|
30.5.24 |
CVE-2023-40000 |
CVE |
(CVSS score: 8.3) - Unauthenticated Stored Cross-Site Scripting in LiteSpeed Cache <= 5.7 | |
|
30.5.24 |
CVE-2024-2194 |
CVE |
(CVSS score: 7.2) - Unauthenticated Stored Cross-Site Scripting in WP Statistics <= 14.5 | |
|
29.5.24 |
CVE-2024-24919 |
CVE |
Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919) | |
|
28.5.24 |
CVE-2024-23109 |
CVE |
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | |
|
28.5.24 |
CVE-2024-23108 |
CVE |
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | |
|
28.5.24 |
Remote Command Execution on TP-Link Archer C5400X |
CVE |
Before the release of our binary zero-day identification feature, we tested and validated it on our firmware corpus to make sure we were providing meaningful analysis results. In the process, we identified numerous vulnerabilities that we reported to vendors. | |
|
28.5.24 |
CVE-2024-5035 |
CVE |
The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. | |
|
25.5.24 |
CVE |
Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of Chrome Security on 2024-05-20 |
||
|
25.5.24 |
CVE |
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack |
||
|
24.5.24 |
CVE |
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. |
||
|
23.5.24 |
CVE |
Avalanche 6.4.3.602 - additional security hardening and CVE fixed |
||
|
22.5.24 |
CVE-2024-29852 |
CVE |
(CVSS score: 2.7), which allows a privileged user to read backup session logs | |
|
22.5.24 |
CVE-2024-29851 |
CVE |
(CVSS score: 7.2), which allows a privileged user to steal NTLM hashes of a Veeam Backup Enterprise Manager service account if it's not configured to run as the default Local System account | |
|
22.5.24 |
CVE-2024-29850 |
CVE |
(CVSS score: 8.8), which allows account takeover via NTLM relay | |
|
22.5.24 |
CVE-2024-29849 |
CVE |
(CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as any user. | |
|
22.5.24 |
CVE-2024-27130 |
CVE |
A set of buffer overflow vulnerabilities that could allow authenticated users to execute arbitrary code via a network | |
|
22.5.24 |
CVE-2024-27129 |
CVE |
A set of buffer overflow vulnerabilities that could allow authenticated users to execute arbitrary code via a network | |
|
22.5.24 |
CVE-2024-27128 |
CVE |
A set of buffer overflow vulnerabilities that could allow authenticated users to execute arbitrary code via a network | |
|
22.5.24 |
CVE-2024-27127 |
CVE |
A double free vulnerability that could allow authenticated users to execute arbitrary code via a network | |
|
22.5.24 |
CVE-2024-21902 |
CVE |
An incorrect permission assignment for critical resource vulnerability that could allow authenticated users to read or modify the resource via a network | |
|
22.5.24 |
CVE-2024-4985 |
CVE |
An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. | |
|
22.5.24 |
CVE-2024-34359 |
CVE |
llama-cpp-python is the Python bindings for llama.cpp. `llama-cpp-python` depends on class `Llama` in `llama.py` to load `.gguf` llama.cpp or Latency Machine Learning Models. | |
|
21.5.24 |
CVE-2023-43208 |
CVE |
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. | |
|
21.5.24 |
CVE-2024-4323 |
CVE |
A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution. | |
|
18.5.24 |
CVE-2024-22267 |
CVE |
(CVSS score: 9.3) - A use-after-free vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host | |
|
18.5.24 |
CVE-2024-22268 |
CVE |
(CVSS score: 7.1) - A heap buffer-overflow vulnerability in the Shader functionality that could be exploited by a malicious actor with non-administrative access to a virtual machine with 3D graphics enabled to create a DoS condition | |
|
18.5.24 |
CVE-2024-22269 |
CVE |
(CVSS score: 7.1) - An information disclosure vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to read privileged information contained in hypervisor memory from a virtual machine | |
|
18.5.24 |
CVE-2024-22270 |
CVE |
(CVSS score: 7.1) - An information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality that could be exploited by a malicious actor with local administrative privileges on a virtual machine to read privileged information contained in hypervisor memory from a virtual machine | |
|
17.5.24 |
CVE-2014-100005 |
CVE |
A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an attacker to change router configurations by hijacking an existing administrator session | |
|
17.5.24 |
CVE-2021-40655 |
CVE |
An information disclosure vulnerability impacting D-Link DIR-605 routers that allows attackers to obtain a username and password by forging an HTTP POST request to the /getcfg.php page | |
|
16.5.24 |
CVE-2024-4947 |
CVE |
Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
|
15.5.24 |
CVE-2024-4761 |
CVE |
High CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous on 2024-05-09 | |
|
15.5.24 |
CVE-2024-31459 |
CVE |
(CVSS score: N/A) - A file inclusion issue in the "lib/plugin.php" file that could be combined with SQL injection vulnerabilities to result in remote code execution | |
|
15.5.24 |
CVE-2024-31445 |
CVE |
(CVSS score: 8.8) - An SQL injection vulnerability in api_automation.php that allows authenticated users to perform privilege escalation and remote code execution | |
|
15.5.24 |
CVE-2024-29895 |
CVE |
(CVSS score: 10.0) - A command injection vulnerability allows any unauthenticated user to execute arbitrary command on the server when the "register_argc_argv" option of PHP is On | |
|
15.5.24 |
CVE-2024-25641 |
CVE |
(CVSS score: 9.1) - An arbitrary file write vulnerability in the "Package Import" feature that allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server, resulting in remote code execution | |
|
15.5.24 |
CVE-2024-30040 |
CVE |
(CVSS score: 8.8) - Windows MSHTML Platform Security Feature Bypass Vulnerability | |
|
15.5.24 |
CVE-2024-30051 |
CVE |
(CVSS score: 7.8) - Windows Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability | |
|
14.5.24 |
CVE-2023-47610 |
CVE |
(CVSS score: 8.1) - A buffer overflow vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message. | |
|
14.5.24 |
CVE-2023-47611 |
CVE |
(CVSS score: 7.8) - An improper privilege management vulnerability that could allow a local, low-privileged attacker to elevate privileges to manufacturer level on the targeted system. | |
|
14.5.24 |
CVE-2023-47612 |
CVE |
(CVSS score: 6.8) - A files or directories accessible to external parties vulnerability that could allow an attacker with physical access to the target system to obtain read/write access to any files and directories on the targeted system, including hidden files and directories. | |
|
14.5.24 |
CVE-2023-47613 |
CVE |
(CVSS score: 4.4) - A relative path traversal vulnerability that could allow a local, low-privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system. | |
|
14.5.24 |
CVE-2023-47614 |
CVE |
(CVSS score: 3.3) - An exposure of sensitive information vulnerability that could allow a local, low-privileged attacker to disclose hidden virtual paths and file names on the targeted system. | |
|
14.5.24 |
CVE-2023-47615 |
CVE |
(CVSS score: 3.3) - An exposure of sensitive information through environmental variables vulnerability that could allow a local, low-privileged attacker to obtain unauthorized access to the targeted system. | |
|
14.5.24 |
CVE-2023-47616 |
CVE |
(CVSS score: 2.4) - An exposure of sensitive information vulnerability that could allow an attacker with physical access to the target system to get access to sensitive data on the targeted system. | |
|
10.5.24 |
CVE-2024-4671 |
CVE |
CVE-2024-4671: Use after free in Visuals. Reported by Anonymous on 2024-05-07 | |
|
10.5.24 |
CVE-2021-3129 |
CVE |
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2. | |
|
10.5.24 |
CVE-2024-3661 |
CVE |
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. | |
|
9.5.24 |
CVE-2024-3661 |
CVE |
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. | |
|
9.5.24 |
CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. |
||
|
9.5.24 |
CVE |
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. |
||
|
9.5.24 |
CVE |
(CVSS score: 7.5) - An OData injection vulnerability that could allow an unauthenticated attacker to execute malicious SQL statements through the BIG-IP NEXT Central Manager API |
||
|
9.5.24 |
CVE |
(CVSS score: 7.5) - An SQL injection vulnerability that could allow an unauthenticated attacker to execute malicious SQL statements through the BIG-IP Next Central Manager API |
||
|
8.5.24 |
CVE |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7. |
||
|
7.5.24 |
CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. |
||
|
7.5.24 |
CVE |
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. |
||
|
6.5.24 |
CVE |
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. |
||
|
6.5.24 |
CVE |
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. |
||
|
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the Local User Authentication Database Accessed via the PAPI Protocol |
||
|
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the Automatic Reporting Service Accessed via the PAPI Protocol |
||
|
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the Utility Daemon Accessed via the PAPI Protocol |
||
|
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the L2/L3 Management Service Accessed via the PAPI Protocol |
||
|
3.5.24 |
Vulnerebility |
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps |
||
| 30.4.24 | CVE-2017-8570 | Vulnerebility | CVE | Microsoft Office Remote Code Execution Vulnerability |
| 30.4.24 | CVE-2024-29021 | Vulnerebility | CVE | (CVSS score: 9.1) - The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server-Side Request Forgery (SSRF). This allows an attacker with sufficient access to the Judge0 API to obtain unsandboxed code execution as root on the target machine. |
| 30.4.24 | CVE-2024-28189 | Vulnerebility | CVE | (CVSS score: 10.0) - A patch bypass for CVE-2024-28185 that stems from the use of the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside of the sandbox. |
| 30.4.24 | CVE-2024-28185 | Vulnerebility | CVE | (CVSS score: 10.0) - The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox |
| 30.4.24 | CVE-2024-27322 | Vulnerebility | CVE | Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted with. |
| 27.4.24 | CVE-2024-29966 | Vulnerebility | CVE | Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance. |
| 27.4.24 | CVE-2024-29963 | Vulnerebility | CVE | Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries. |
| 27.4.24 | CVE-2024-29961 | Vulnerebility | CVE | A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the Component. This could make an unauthenticated, remote attacker aware of the behavior and launch a supply-chain attack against a Brocade SANnav appliance. |
| 27.4.24 | CVE-2024-29960 | Vulnerebility | CVE | In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. Any Brocade SAnnav VM based on the official OVA images is vulnerable to MITM over SSH. An attacker can decrypt and compromise the SSH traffic to the SANnav. |
| 27.4.24 | CVE-2024-2859 | Vulnerebility | CVE | By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account. |
| 27.4.24 | CVE-2024-3400 | Vulnerebility | CVE | A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. |
| 27.4.24 | CVE-2024-27956 | Vulnerebility | CVE | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0. |
| 27.4.24 | CVE-2024-21338 | Vulnerebility | CVE | Windows Kernel Elevation of Privilege Vulnerability |
| 25.4.24 | CVE-2024-20353 | Vulnerebility | CVE | (CVSS score: 8.6) - Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial-of-Service Vulnerability |
| 25.4.24 | CVE-2024-20359 | Vulnerebility | CVE | (CVSS score: 6.0) - Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability |
| 20.4.24 | PAN-OS CVE-2024-3400 | Vulnerebility | CVE | On April 10, 2024 Palo Alto Networks Product Security Incident Response Team (PSIRT) learned of a suspicious exfiltration attempt at a customer site from Volexity's Steven Adair. Our Palo Alto Networks Product Security Research Lead Christopher Ganas and Unit 42's Threat Research Lead Kyle Wilhoit immediately investigated the issue with Volexity's team. |
| 20.4.24 | Updating CrushFTP v11 | Vulnerebility | CVE | CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files. This has been patched in v11.1.0. Customers using a DMZ in front of their main CrushFTP instance are protected with its protocol translation system it utilizes. (CREDIT:Simon Garrelou, of Airbus CERT) |
| 19.4.24 | CVE-2020-3259 | Vulnerebility | CVE | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. |
| 19.4.24 | CVE-2023-20269 | Vulnerebility | CVE | A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. |
| 18.4.24 | CVE-2024-28847 | Vulnerebility | CVE | (CVSS score: 8.8) - A Spring Expression Language (SpEL) injection vulnerability in PUT /api/v1/events/subscriptions (fixed in version 1.2.4) |
| 18.4.24 | CVE-2024-28848 | Vulnerebility | CVE | (CVSS score: 8.8) - A SpEL injection vulnerability in GET /api/v1/policies/validation/condition/<expr> (fixed in version 1.2.4) |
| 18.4.24 | CVE-2024-28253 | Vulnerebility | CVE | (CVSS score: 8.8) - A SpEL injection vulnerability in PUT /api/v1/policies (fixed in version 1.3.1) |
| 18.4.24 | CVE-2024-28254 | Vulnerebility | CVE | (CVSS score: 8.8) - A SpEL injection vulnerability in GET /api/v1/events/subscriptions/validation/condition/<expr> (fixed in version 1.2.4) |
| 18.4.24 | CVE-2024-28255 | Vulnerebility | CVE | (CVSS score: 9.8) - An authentication bypass vulnerability (fixed in version 1.2.4) |
| 17.4.24 | CVE-2023-1389 | Vulnerebility | CVE | Unauthenticated Command Injection in TP-Link Archer AX21 (AX1800) |
| 17.4.24 | CVE-2023-22518 | Vulnerebility | CVE | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. |
| 17.4.24 | CVE-2023-48788 | Vulnerebility | CVE | A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. |
| 16.4.24 | CVE-2023-36052 | Vulnerebility | CVE | Azure CLI REST Command Information Disclosure Vulnerability |
| 16.4.24 | LeakyCLI | Vulnerebility | CVE | LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs |
| 16.4.24 | Lighttpd |
CVE |
Important changes | |
| 16.4.24 | CVE-2024-31497 |
CVE |
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | |
| 12.4.24 | CVE-2024-3400 |
CVE |
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. | |
|
11.4.24 |
CVE |
[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration |
||
| 10.4.24 | CVE-2024-26234 |
CVE |
(CVSS score: 6.7) - Proxy Driver Spoofing Vulnerability | |
| 10.4.24 | CVE-2024-29988 |
CVE |
(CVSS score: 8.8) - SmartScreen Prompt Security Feature Bypass Vulnerability | |
| 10.4.24 | CVE-2024-21412 |
CVE |
Internet Shortcut Files Security Feature Bypass Vulnerability | |
| 10.4.24 | CVE-2024-29990 |
CVE |
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |
| 10.4.24 | BatBadBut | Vulnerebility | Vulnerebility | BatBadBut: You can't securely execute commands on Windows |
| 10.4.24 | CVE-2024-24576 |
CVE |
Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. | |
| 9.4.24 | CVE-2023-6320 |
CVE |
vulnerability lets an attacker inject authenticated commands by manipulating the com.webos.service.connectionmanager/tv/setVlanStaticAddress API endpoint. | |
| 9.4.24 | CVE-2023-6319 |
CVE |
A third vulnerability allows operating system command injection by manipulating a library responsible with showing music lyrics. | |
| 9.4.24 | CVE-2023-6318 |
CVE |
Another vulnerability allows attackers to elevate the access they gained in the first step to root and fully take over the device | |
| 9.4.24 | CVE-2023-6317 |
CVE |
vulnerability that lets an attacker bypass the authorization mechanism in WebOS versions 4 through 7. By setting a variable, the attacker can add an extra user to the TV set | |
| 9.4.24 | CVE-2024-3273 |
CVE |
A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. | |
| 9.4.24 | CVE-2024-3272 |
CVE |
A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. | |
| 7.4.24 | CVE-2024-3273 |
CVE |
A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection | |
| 7.4.24 | CVE-2024-20720 |
CVE |
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. | |
| 5.4.24 | CVE-2024-21893 |
CVE |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
| 5.4.24 | CVE-2024-21887 |
CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
| 5.4.24 | CVE-2023-46805 |
CVE |
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | |
| 4.4.24 | CVE-2024-2758 |
CVE |
Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately. | |
| 4.4.24 | CVE-2024-27983 |
CVE |
||
| 4.4.24 | CVE-2024-28182 |
CVE |
nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. | |
| 4.4.24 | CVE-2023-45288 |
CVE |
||
| 4.4.24 | CVE-2024-30255 |
CVE |
||
| 4.4.24 | CVE-2024-27919 |
CVE |
Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable to the flood of CONTINUATION frames. Envoy's HTTP/2 codec does not reset a request when header map limits have been exceeded. | |
| 4.4.24 | CVE-2024-31309 |
CVE |
||
| 4.4.24 | CVE-2024-24549 |
CVE |
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. | |
| 4.4.24 | CVE-2024-27316 |
CVE |
||
| 4.4.24 | CVE-2024-2653 |
CVE |
amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash. | |
| 4.4.24 | CVE-2024-22023 |
CVE |
SA:CVE-2024-21894 (Heap Overflow), CVE-2024-22052 (Null Pointer Dereference), CVE-2024-22053 (Heap Overflow) and CVE-2024-22023 (XML entity expansion or XXE) for Ivanti Connect Secure and Ivanti Policy Secure Gateways | |
| 4.4.24 | CVE-2024-22053 |
CVE |
(CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. | |
| 4.4.24 | CVE-2024-22052 |
CVE |
(CVSS score: 7.5) - A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack. | |
| 4.4.24 | CVE-2024-21894 |
CVE |
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code. | |
| 4.4.24 | CVE-2024-29748 |
CVE |
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
| 4.4.24 | CVE-2024-29745 |
CVE |
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. | |
| 3.4.24 | CVE-2024-2879 |
CVE |
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | |
| 2.4.24 | CVE-2024-3094 |
CVE |
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. | |
| 30.3.24 | CVE-2024-3094 |
CVE |
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code | |
| 30.3.24 | CVE-2024-1086 |
CVE |
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. | |
| 30.3.24 | WallEscape |
CVE |
Unraveling WallEscape: A Linux Vulnerability Exposing User Passwords and Hijacking Clipboards | |
| 30.3.24 | CVE-2024-28085 |
CVE |
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) | |
| 28.3.24 | CVE-2023-29357 |
CVE |
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |
| 28.3.24 | CVE-2023-24955 |
CVE |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |
| 28.3.24 | CVE-2024-21388 |
CVE |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |
| 28.3.24 | CVE-2024-21388 |
CVE |
“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation | |
| 28.3.24 | CVE-2023-48022 |
CVE |
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment | |
| 26.3.24 | CVE-2023-48788 |
CVE |
(CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability | |
| 26.3.24 | CVE-2021-44529 |
CVE |
(CVSS score: 9.8) - Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability | |
| 26.3.24 | CVE-2019-7256 |
CVE |
(CVSS score: 10.0) - Nice Linear eMerge E3-Series OS Command Injection Vulnerability | |
| 22.3.24 | CVE-2023-46747 |
CVE |
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |
| 22.3.24 | CVE-2023-41724 |
CVE |
CVE-2023-41724 (Remote Code Execution) for Ivanti Standalone Sentry | |
| 22.3.24 | CVE-2024-1597 |
CVE |
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. | |
|
20.3.24 |
CVE |
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible |
||
|
18.3.24 |
CVE |
In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly sanitize illegal characters in a URL which is then displayed on a subsequent error page. A malicious actor could craft a URL which would then execute arbitrary code within an HTML script tag. |
||
|
18.3.24 |
CVE |
Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage. |
||
|
18.3.24 |
CVE |
A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. |
||
|
18.3.24 |
CVE |
The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1.1 (for Web Application Firewall). This makes it possible for unauthenticated attackers to escalate their privileges to that of an administrator. |
||
|
18.3.24 |
CVE |
Microsoft Outlook Elevation of Privilege Vulnerability |
||
| 16.3.24 | GHOSTRACE | Vulnerebility | CPU | GhostRace (CVE-2024-2193) is a new attack combining speculative execution and race conditions, two very challenging class of attacks. |
| 16.3.24 | CVE-2024-2193 |
CVE |
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. | |
| 14.3.24 | CVE-2023-5528 |
CVE |
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. | |
| 14.3.24 | CVE-2024-0778 |
CVE |
A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to os command injection. The exploit has been disclosed to the public and may be used. | |
| 14.3.24 | CVE-2024-21412 |
CVE |
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign | |
| 14.3.24 | CVE-2023-48788 |
CVE |
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. | |
| 13.3.24 | CVE-2024-21407 |
CVE |
Windows Hyper-V Remote Code Execution Vulnerability | |
| 13.3.24 | CVE-2024-21408 |
CVE |
Windows Hyper-V Denial of Service Vulnerability | |
| 13.3.24 | CVE-2024-21400 |
CVE |
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |
| 13.3.24 | CVE-2024-26170 |
CVE |
Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability | |
| 13.3.24 | CVE-2024-21433 |
CVE |
Windows Print Spooler Elevation of Privilege Vulnerability | |
| 13.3.24 | CVE-2024-26198 |
CVE |
Microsoft Exchange Server Remote Code Execution Vulnerability | |
| 13.3.24 | CVE-2024-21334 |
CVE |
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability | |
| 12.3.24 | CVE-2024-1071 |
CVE |
||
| 12.3.24 | CVE-2024-1468 |
CVE |
The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |
| 11.3.24 | CVE-2023-42793 |
CVE |
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
| 11.3.24 | CVE-2024-27198 |
CVE |
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| 11.3.24 | CVE-2024-1403 |
CVE |
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. | |
| 8.3.24 | CVE-2024-20338 |
CVE |
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. | |
| 8.3.24 | CVE-2024-20337 |
CVE |
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. | |
| 8.3.24 | CVE-2024-20338 |
CVE |
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. | |
| 8.3.24 | CVE-2024-20337 |
CVE |
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. | |
| 8.3.24 | CVE-2024-27199 |
CVE |
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | |
| 8.3.24 | CVE-2024-27198 |
CVE |
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| 6.3.24 | CVE-2024-22255 |
CVE |
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | |
| 6.3.24 | CVE-2024-22254 |
CVE |
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox. | |
| 6.3.24 | CVE-2024-22253 |
CVE |
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | |
| 6.3.24 | CVE-2024-22252 |
CVE |
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | |
| 6.3.24 | CVE-2024-23296 |
CVE |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | |
| 6.3.24 | CVE-2024-23225 |
CVE |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | |
| 6.3.24 | CVE-2024-1709 |
CVE |
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. | |
| 6.3.24 | CVE-2024-1708 |
CVE |
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems. | |
| 5.3.24 | CVE-2024-23917 |
CVE |
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | |
| 5.3.24 | CVE-2024-27199 |
CVE |
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | |
| 5.3.24 | CVE-2024-27198 |
CVE |
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| 2.3.24 | CVE-2019-3568 |
CVE |
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. | |
| 2.3.24 | CVE-2023-46805 |
CVE |
(CVSS score: 8.2) - Authentication bypass vulnerability in web component | |
| 2.3.24 | CVE-2024-21887 |
CVE |
(CVSS score: 9.1) - Command injection vulnerability in web component | |
| 2.3.24 | CVE-2024-21888 |
CVE |
(CVSS score: 8.8) - Privilege escalation vulnerability in web component | |
| 2.3.24 | CVE-2024-21893 |
CVE |
(CVSS score: 8.2) - SSRF vulnerability in the SAML component | |
| 2.3.24 | CVE-2024-22024 |
CVE |
(CVSS score: 8.3) - XXE vulnerability in the SAML component | |
| 2.3.24 | CVE-2024-21338 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability NewRecently updated | |
| 1.3.24 | CVE-2024-21887 |
CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
| 1.3.24 | CVE-2024-21893 |
CVE |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
|
28.2.24 |
CVE |
Microsoft Outlook Elevation of Privilege Vulnerability |
||
|
28.2.24 |
CVE |
4 Million WordPress Sites affected by Stored Cross-Site Scripting Vulnerability in LiteSpeed Cache Plugin |
||
|
28.2.24 |
CVE |
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures. |
||
|
27.2.24 |
CVE |
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. |
||
|
27.2.24 |
CVE |
The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. |
||
| 23.2.24 | CVE-2024-23204 | Vulnerebility | CVE | The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user. |
| 22.2.24 | CVE-2023-52161 | Vulnerebility | CVE | The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key. |
| 22.2.24 | CVE-2023-52160 | Vulnerebility | CVE | The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. |
| 21.2.24 | CVE-2024-22250 | Vulnerebility | CVE | Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system. |
| 21.2.24 | CVE-2024-22245 | Vulnerebility | CVE | Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in (EAP) could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs). |
| 21.2.24 | CVE-2024-25600 | Vulnerebility | CVE | CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6. |
| 17.2.24 | FLATLINED | Vulnerebility | CVE | FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING |
| 17.2.24 | CVE-2024-21412 |
CVE |
Internet Shortcut Files Security Feature Bypass Vulnerability | |
| 17.2.24 | CVE-2024-20684 |
CVE |
(CVSS score: 6.5) - Windows Hyper-V Denial of Service Vulnerability | |
| 17.2.24 | CVE-2024-21357 |
CVE |
(CVSS score: 7.5) - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |
| 17.2.24 | CVE-2024-21380 |
CVE |
(CVSS score: 8.0) - Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | |
| 17.2.24 | CVE-2024-21410 |
CVE |
(CVSS score: 9.8) - Microsoft Exchange Server Elevation of Privilege Vulnerability | |
| 17.2.24 | CVE-2024-21413 |
CVE |
(CVSS score: 9.8) - Microsoft Outlook Remote Code Execution Vulnerability | |
| 17.2.24 | CVE-2024-21412 |
CVE |
(CVSS score: 8.1) - Internet Shortcut Files Security Feature Bypass Vulnerability | |
| 17.2.24 | CVE-2024-21351 |
CVE |
(CVSS score: 7.6) - Windows SmartScreen Security Feature Bypass Vulnerability | |
| 17.2.24 | CVE-2024-21893 |
CVE |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
| 17.2.24 | CVE-2023-43770 |
CVE |
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. | |
|
17.2.24 |
CVE |
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. |
||
|
9.2.24 |
CVE |
FortiOS - Out-of-bound Write in sslvpnd |
||
|
9.2.24 |
CVE |
CVE-2024-22024 (XXE) for Ivanti Connect Secure and Ivanti Policy Secure |
||
|
8.2.24 |
CVE |
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account. |
||
|
8.2.24 |
CVE |
Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information. |
||
|
8.2.24 |
CVE |
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. |
||
|
8.2.24 |
CVE |
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization. |
||
|
8.2.24 |
CVE |
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. |
||
|
8.2.24 |
CVE |
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. |
||
|
8.2.24 |
CVE |
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. |
||
|
8.2.24 |
CVE |
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. |
||
|
8.2.24 |
CVE |
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. |
||
|
8.2.24 |
CVE |
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. |
||
|
7.2.24 |
CVE |
(CVSS score: 5.3) - Out-of-bounds read when printing error messages, resulting in a denial-of-service (DoS) condition |
||
|
7.2.24 |
CVE |
(CVSS score: 7.4) - Buffer overflow in shim when compiled for 32-bit processors that can lead to a crash or data integrity issues during the boot phase |
||
|
7.2.24 |
CVE |
(CVSS score: 5.5) - Out-of-bounds read in the authenticode function that could permit an attacker to trigger a DoS by providing a malformed binary |
||
|
7.2.24 |
CVE |
(CVSS score: 5.5) - Out-of-bounds read when validating Secure Boot Advanced Targeting (SBAT) information that could result in information disclosure |
||
|
7.2.24 |
CVE |
(CVSS score: 7.1) - Out-of-bounds read when parsing MZ binaries, leading to a crash or possible exposure of sensitive data |
||
|
7.2.24 |
CVE |
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. |
||
|
7.2.24 |
CVE |
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible |
||
|
6.2.24 |
CVE |
(CVSS score: 7.2) - Azure HDInsight Apache Ambari Java Database Connectivity (JDBC) Injection Elevation of Privilege Vulnerability |
||
|
6.2.24 |
CVE |
(CVSS score: 8.8) - Azure HDInsight Apache Oozie Workflow Scheduler XML External Entity (XXE) Injection Elevation of Privilege Vulnerability |
||
|
6.2.24 |
CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. |
||
|
6.2.24 |
CVE |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. |
||
|
5.2.24 |
CVE |
Windows SmartScreen Security Feature Bypass Vulnerability |
||
| 3.2.24 | CVE-2024-23832 | Vulnerebility | CVE | Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. |
|
3.2.24 |
CVE-2023-23397 |
CVE |
Microsoft Outlook Elevation of Privilege Vulnerability | |
|
2.2.24 |
CVE-2024-23222 |
CVE |
A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. | |
|
2.2.24 |
CVE-2022-48618 |
CVE |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. | |
|
1.2.24 |
CVE-2024-23653 |
CVE |
'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally | |
| 1.2.24 | CVE-2024-23652 |
CVE |
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. | |
|
1.2.24 |
CVE-2024-23651 |
CVE |
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. | |
| 1.2.24 | CVE-2024-21626 |
CVE |
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | |
|
1.2.24 |
CVE-2024-21893 |
CVE |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
|
1.2.24 |
CVE-2024-21888 |
CVE |
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. | |
|
1.2.24 |
CVE-2024-21887 |
CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
| 1.2.24 | CVE-2023-46805 |
CVE |
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | |
|
1.2.24 |
CVE-2023-4911 |
CVE |
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. | |
| 1.2.24 | CVE-2023-6780 |
CVE |
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. | |
| 1.2.24 | CVE-2023-6779 |
CVE |
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. | |
|
1.2.24 |
CVE-2023-6246 |
CVE |
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions | |
|
31.1.24 |
CVE-2024-0402 |
CVE |
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. | |
|
30.1.24 |
CVE-2024-21619 |
CVE |
(CVSS score: 5.3) - A missing authentication vulnerability that could lead to exposure of sensitive configuration information | |
|
30.1.24 |
CVE-2024-21620 |
CVE |
(CVSS score: 8.8) - A cross-site scripting (XSS) vulnerability that could lead to the execution of arbitrary commands with the target's permissions by means of a specially crafted request | |
|
30.1.24 |
CVE-2023-35636 |
CVE |
Microsoft Outlook Information Disclosure Vulnerability | |
|
29.1.24 |
CVE-2024-23897 |
CVE |
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. | |
|
29.1.24 |
CVE-2024-20253 |
CVE |
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | |
|
29.1.24 |
CVE-2024-23222 |
CVE |
A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. | |
|
29.1.24 |
CVE-2023-22527 |
CVE |
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. | |
| 21.1.24 | CVE-2023-20867 |
CVE |
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. | |
| 21.1.24 | CVE-2023-34048 |
CVE |
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. | |
|
19.1.24 |
CVE |
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. |
||
|
19.1.24 |
CVE |
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. |
||
|
19.1.24 |
CVE-2023-45229 |
CVE |
(CVSS score: 6.5) - Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message | |
|
19.1.24 |
CVE-2023-45230 |
CVE |
(CVSS score: 8.3) - Buffer overflow in the DHCPv6 client
via a long Server ID option CVE-2023-45231 ( |
|
|
19.1.24 |
CVE-2023-45231 |
CVE |
(CVSS score: 6.5) - Out-of-bounds read when handling a ND Redirect message with truncated options | |
|
19.1.24 |
CVE-2023-45232 |
CVE |
(CVSS score: 7.5) - Infinite loop when parsing unknown options in the Destination Options header | |
|
19.1.24 |
CVE-2023-45233 |
CVE |
(CVSS score: 7.5) - Infinite loop when parsing a PadN option in the Destination Options header | |
|
19.1.24 |
CVE-2023-45234 |
CVE |
(CVSS score: 8.3) - Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message | |
|
19.1.24 |
CVE-2023-45235 |
CVE |
(CVSS score: 8.3) - Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message | |
|
19.1.24 |
CVE-2023-45236 |
CVE |
(CVSS score: 5.8) - Predictable TCP Initial Sequence Numbers | |
|
19.1.24 |
CVE-2023-45237 |
CVE |
(CVSS score: 5.3) - Use of a weak pseudorandom number generator | |
|
18.1.24 |
Android-based PAX POS |
CVE |
Banking companies worldwide are finally shifting away from custom-made Point of Sale (POS) devices towards the wildly adopted and battle-tested Android operating system. | |
|
18.1.24 |
CVE-2017-9841 |
CVE |
(PHP Unit Command) | |
|
18.1.24 |
CVE-2021-41773 |
CVE |
(Apache HTTP Server versions), and | |
|
18.1.24 |
CVE-2018-15133 |
CVE |
(Laravel applications) | |
|
18.1.24 |
CVE-2024-0507 |
CVE |
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. | |
|
18.1.24 |
CVE-2024-0200 |
CVE |
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. | |
|
17.1.24 |
CVE-2023-22527 |
CVE |
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. | |
|
17.1.24 |
CVE-2023-34063 |
CVE |
VMware Aria Automation (formerly vRealize Automation) updates address a Missing Access Control vulnerability (CVE-2023-34063) | |
|
17.1.24 |
CVE-2023-4966 |
CVE |
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | |
|
17.1.24 |
CVE-2023-3519 |
CVE |
Unauthenticated remote code execution | |
|
17.1.24 |
CVE-2023-6549 |
CVE |
(CVSS score: 8.2) - Denial-of-service (requires that the appliance be configured as a Gateway or authorization and accounting, or AAA, virtual server) | |
|
17.1.24 |
CVE-2023-6548 |
CVE |
(CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management interface access) |
|
|
17.1.24 |
CVE-2024-0519 |
CVE |
Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. | |
|
17.1.24 |
CVE-2022-22274 |
CVE |
(CVSS score: 9.4) - A stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote, unauthenticated attacker to cause DoS or potentially result in code execution in the firewall. | |
|
17.1.24 |
CVE-2023-0656 |
CVE |
(CVSS score: 7.5) - A stack-based buffer overflow vulnerability in the SonicOS allows a remote, unauthenticated attacker to cause DoS, which could result in a crash. | |
|
16.1.24 |
CVE-2023-36025 |
CVE |
Windows SmartScreen Security Feature Bypass Vulnerability | |
|
15.1.24 |
CVE-2023-49722 |
CVE |
(CVSS score: 8.3), the high-severity vulnerability was addressed by Bosch in November 2023. | |
|
14.1.24 |
CVE-2023-28771 |
CVE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. | |
|
13.1.24 |
CVE-2024-21611 |
CVE |
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). | |
|
13.1.24 |
CVE-2024-21591 |
CVE |
An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. | |
|
12.1.24 |
CVE-2023-24955 |
CVE |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |
|
12.1.24 |
CVE-2023-29357 |
CVE |
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |
|
12.1.24 |
CVE-2023-51467 |
CVE |
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code | |
|
12.1.24 |
CVE-2023-49070 |
CVE |
Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10 | |
|
12.1.24 |
CVE-2023-51467 |
CVE |
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code | |
|
11.1.24 |
CVE-2023-46805 |
CVE |
(CVSS score: 8.2) - An authentication bypass vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | |
|
11.1.24 |
CVE-2024-21887 |
CVE |
(CVSS score: 9.1) - A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
|
11.1.24 |
CVE-2024-20287 |
CVE |
A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | |
|
11.1.24 |
CVE-2024-20272 |
CVE |
This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. | |
|
10.1.24 |
CVE |
Microsoft Office Remote Code Execution Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 8.7), a security bypass affecting System.Data.SqlClient and Microsoft.Data.SqlClient. |
||
|
10.1.24 |
CVE |
(CVSS score: 7.8), a privilege escalation flaw impacting the Common Log File System (CLFS) driver |
||
|
10.1.24 |
CVE |
(CVSS score: 9.0) - Windows Kerberos Security Feature Bypass Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 7.5) - Windows Hyper-V Remote Code Execution Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. |
||
|
10.1.24 |
CVE |
(CVSS score: 5.3) - Joomla! Improper Access Control Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 9.8) - D-Link DSL-2750B Devices Command Injection Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 7.8) - Apple Multiple Products Code Execution Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability |
||
|
10.1.24 |
CVE |
(CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability |
||
|
9.1.24 |
CVE-2023-47559 |
CVE |
A cross-site scripting (XSS) vulnerability in QuMagie that could allow authenticated users to inject malicious code via a network (Addressed in QuMagie 2.2.1 and later) | |
|
9.1.24 |
CVE-2023-47560 |
CVE |
An operating system command injection vulnerability in QuMagie that could allow authenticated users to execute commands via a network (Addressed in QuMagie 2.2.1 and later) | |
|
9.1.24 |
CVE-2023-41287 |
CVE |
An SQL injection vulnerability in Video Station that could allow users to inject malicious code via a network (Addressed in Video Station 5.7.2 and later) | |
|
9.1.24 |
CVE-2023-41288 |
CVE |
An operating system command injection vulnerability in Video Station that could allow users to execute commands via a network (Addressed in Video Station 5.7.2 and later) | |
|
9.1.24 |
CVE-2022-43634 |
CVE |
An unauthenticated remote code execution vulnerability in Netatalk that could allow attackers to execute arbitrary code (Addressed in QTS 5.1.3.2578 build 20231110 and QuTS hero h5.1.3.2578 build 20231110) | |
|
5.1.24 |
CVE-2023-39336 |
CVE |
Win32k Elevation of Privilege Vulnerability | |
|
1.1.24 |
CVE |
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets...Terrapin |