Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-47171 | 2024-01-10 | N/A | N/A | ||
| An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read. | |||||
| CVE-2024-0217 | 2 Packagekit Project, Redhat | 2 Packagekit, Enterprise Linux | 2024-01-10 | N/A | 3.3 LOW |
| A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost. | |||||
| CVE-2023-46742 | 1 Linuxfoundation | 1 Cubefs | 2024-01-10 | N/A | 6.5 MEDIUM |
| CubeFS is an open-source cloud-native file storage system. CubeFS prior to version 3.3.1 was found to leak users secret keys and access keys in the logs in multiple components. When CubeCS creates new users, it leaks the users secret key. This could allow a lower-privileged user with access to the logs to retrieve sensitive information and impersonate other users with higher privileges than themselves. The issue has been patched in v3.3.1. There is no other mitigation than upgrading CubeFS. | |||||
| CVE-2023-46740 | 1 Linuxfoundation | 1 Cubefs | 2024-01-10 | N/A | 9.8 CRITICAL |
| CubeFS is an open-source cloud-native file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string and impersonate a user thereby obtaining higher privileges. When CubeFS creates new users, it creates a piece of sensitive information for the user called the “accessKey”. To create the "accesKey", CubeFS uses an insecure string generator which makes it easy to guess and thereby impersonate the created user. An attacker could leverage the predictable random string generator and guess a users access key and impersonate the user to obtain higher privileges. The issue has been fixed in v3.3.1. There is no other mitigation than to upgrade. | |||||
| CVE-2021-36832 | 1 Icegram | 1 Icegram Engage | 2024-01-10 | 3.5 LOW | 5.4 MEDIUM |
| WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input. | |||||
| CVE-2016-10963 | 1 Icegram | 1 Icegram Engage | 2024-01-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| The icegram plugin before 1.9.19 for WordPress has XSS. | |||||
| CVE-2016-10962 | 1 Icegram | 1 Icegram Engage | 2024-01-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter. | |||||
| CVE-2019-15830 | 1 Icegram | 1 Icegram Engage | 2024-01-10 | 3.5 LOW | 5.4 MEDIUM |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | |||||
| CVE-2023-40610 | 1 Apache | 1 Superset | 2024-01-10 | N/A | 8.8 HIGH |
| Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Using the default examples database connection that allows access to both the examples schema and Apache Superset's metadata database, an attacker using a specially crafted CTE SQL statement could change data on the metadata database. This weakness could result on tampering with the authentication/authorization data. | |||||
| CVE-2023-46739 | 1 Linuxfoundation | 1 Cubefs | 2024-01-10 | N/A | 5.9 MEDIUM |
| CubeFS is an open-source cloud-native file storage system. A vulnerability was found during in the CubeFS master component in versions prior to 3.3.1 that could allow an untrusted attacker to steal user passwords by carrying out a timing attack. The root case of the vulnerability was that CubeFS used raw string comparison of passwords. The vulnerable part of CubeFS was the UserService of the master component. The UserService gets instantiated when starting the server of the master component. The issue has been patched in v3.3.1. For impacted users, there is no other way to mitigate the issue besides upgrading. | |||||
| CVE-2023-6944 | 2 Linuxfoundation, Redhat | 2 Backstage, Red Hat Developer Hub | 2024-01-10 | N/A | 5.7 MEDIUM |
| A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gaining access to this token and depending on permissions, an attacker could push malicious code to repositories, delete resources in Git, revoke or generate new keys, and sign code illegitimately. | |||||
| CVE-2021-40367 | 1 Siemens-healthineers | 1 Syngo Fastview | 2024-01-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing DICOM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15097) | |||||
| CVE-2021-45465 | 1 Siemens-healthineers | 1 Syngo Fastview | 2024-01-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in a write-what-where condition and an attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15696) | |||||
| CVE-2021-42028 | 1 Siemens-healthineers | 1 Syngo Fastview | 2024-01-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14860) | |||||
| CVE-2023-51970 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | |||||
| CVE-2023-51969 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function getIptvInfo. | |||||
| CVE-2023-51968 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function getIptvInfo. | |||||
| CVE-2023-51967 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getIptvInfo. | |||||
| CVE-2023-51962 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. | |||||
| CVE-2023-45139 | 2024-01-10 | N/A | N/A | ||
| fontTools is a library for manipulating fonts, written in Python. The subsetting module has a XML External Entity Injection (XXE) vulnerability which allows an attacker to resolve arbitrary entities when a candidate font (OT-SVG fonts), which contains a SVG table, is parsed. This allows attackers to include arbitrary files from the filesystem fontTools is running on or make web requests from the host system. This vulnerability has been patched in version 4.43.0. | |||||
| CVE-2023-41056 | 2024-01-10 | N/A | N/A | ||
| Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. | |||||
| CVE-2023-6158 | 2024-01-10 | N/A | N/A | ||
| The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the evo_eventpost_update_meta function in all versions up to, and including, 4.5.4 (for Pro) and 2.2.7 (for free). This makes it possible for unauthenticated attackers to update and remove arbitrary post metadata. Note that certain parameters may allow for content injection. | |||||
| CVE-2023-51965 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. | |||||
| CVE-2023-51964 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. | |||||
| CVE-2023-51963 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo. | |||||
| CVE-2023-51960 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv. | |||||
| CVE-2023-51959 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv. | |||||
| CVE-2023-51958 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. | |||||
| CVE-2023-51957 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv. | |||||
| CVE-2023-51956 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv | |||||
| CVE-2023-51955 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv. | |||||
| CVE-2023-51954 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv. | |||||
| CVE-2023-51953 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | |||||
| CVE-2023-51952 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv. | |||||
| CVE-2024-0389 | 2024-01-10 | N/A | N/A | ||
| A vulnerability, which was classified as critical, was found in SourceCodester Student Attendance System 1.0. Affected is an unknown function of the file attendance_report.php. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250230 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-51966 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. | |||||
| CVE-2023-51961 | 2024-01-10 | N/A | N/A | ||
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv. | |||||
| CVE-2023-45039 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-46738 | 1 Linuxfoundation | 1 Cubefs | 2024-01-10 | N/A | 6.5 MEDIUM |
| CubeFS is an open-source cloud-native file storage system. A security vulnerability was found in CubeFS HandlerNode in versions prior to 3.3.1 that could allow authenticated users to send maliciously-crafted requests that would crash the ObjectNode and deny other users from using it. The root cause was improper handling of incoming HTTP requests that could allow an attacker to control the ammount of memory that the ObjectNode would allocate. A malicious request could make the ObjectNode allocate more memory that the machine had available, and the attacker could exhaust memory by way of a single malicious request. An attacker would need to be authenticated in order to invoke the vulnerable code with their malicious request and have permissions to delete objects. In addition, the attacker would need to know the names of existing buckets of the CubeFS deployment - otherwise the request would be rejected before it reached the vulnerable code. As such, the most likely attacker is an inside user or an attacker that has breached the account of an existing user in the cluster. The issue has been patched in v3.3.1. There is no other mitigation besides upgrading. | |||||
| CVE-2023-52137 | 1 Tj-actions | 1 Verify-changed-files | 2024-01-10 | N/A | 8.8 HIGH |
| The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The [`verify-changed-files`](https://github.com/tj-actions/verify-changed-files) workflow returns the list of files changed within a workflow execution. This could potentially allow filenames that contain special characters such as `;` which can be used by an attacker to take over the [GitHub Runner](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners) if the output value is used in a raw fashion (thus being directly replaced before execution) inside a `run` block. By running custom commands, an attacker may be able to steal secrets such as `GITHUB_TOKEN` if triggered on other events than `pull_request`. This has been patched in versions [17](https://github.com/tj-actions/verify-changed-files/releases/tag/v17) and [17.0.0](https://github.com/tj-actions/verify-changed-files/releases/tag/v17.0.0) by enabling `safe_output` by default and returning filename paths escaping special characters for bash environments. | |||||
| CVE-2023-41289 | 1 Qnap | 1 Qcalagent | 2024-01-10 | N/A | 8.8 HIGH |
| An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later | |||||
| CVE-2023-41288 | 1 Qnap | 1 Video Station | 2024-01-10 | N/A | 8.8 HIGH |
| An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later | |||||
| CVE-2023-41287 | 1 Qnap | 1 Video Station | 2024-01-10 | N/A | 8.8 HIGH |
| A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later | |||||
| CVE-2023-45042 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45041 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45040 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45044 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45043 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-47219 | 1 Qnap | 1 Qumagie | 2024-01-10 | N/A | 8.8 HIGH |
| A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later | |||||
| CVE-2023-6733 | 1 Wp-members Project | 1 Wp-members | 2024-01-10 | N/A | 6.5 MEDIUM |
| The WP-Members Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.8 via the wpmem_field shortcode. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data including user emails, password hashes, usernames, and more. | |||||