Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6498 | 1 Really-simple-plugins | 1 Complianz | 2024-01-10 | N/A | 4.8 MEDIUM |
| The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | |||||
| CVE-2023-6986 | 1 Wpdeveloper | 1 Embedpress | 2024-01-10 | N/A | 5.4 MEDIUM |
| The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's embed_oembed_html shortcode in all versions up to 3.9.5 (exclusive) due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2023-29962 | 1 S-cms | 1 S-cms | 2024-01-10 | N/A | 6.5 MEDIUM |
| S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability. | |||||
| CVE-2023-6738 | 1 Pagelayer | 1 Pagelayer | 2024-01-10 | N/A | 5.4 MEDIUM |
| The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pagelayer_header_code', 'pagelayer_body_open_code', and 'pagelayer_footer_code' meta fields in all versions up to, and including, 1.7.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This appears to be a reintroduction of a vulnerability patched in version 1.7.7. | |||||
| CVE-2023-46741 | 1 Linuxfoundation | 1 Cubefs | 2024-01-10 | N/A | 9.8 CRITICAL |
| CubeFS is an open-source cloud-native file storage system. A vulnerability was found in CubeFS prior to version 3.3.1 that could allow users to read sensitive data from the logs which could allow them escalate privileges. CubeFS leaks configuration keys in plaintext format in the logs. These keys could allow anyone to carry out operations on blobs that they otherwise do not have permissions for. For example, an attacker that has succesfully retrieved a secret key from the logs can delete blogs from the blob store. The attacker can either be an internal user with limited privileges to read the log, or they can be an external user who has escalated privileges sufficiently to access the logs. The vulnerability has been patched in v3.3.1. There is no other mitigation than upgrading. | |||||
| CVE-2023-6747 | 1 Fooplugins | 1 Foogallery | 2024-01-10 | N/A | 5.4 MEDIUM |
| The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2023-50082 | 1 Pbootcms | 1 Pbootcms | 2024-01-10 | N/A | 7.5 HIGH |
| Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform. | |||||
| CVE-2023-41784 | 1 Zte | 2 Red Magic 8 Pro, Red Magic 8 Pro Firmware | 2024-01-10 | N/A | 5.5 MEDIUM |
| Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro | |||||
| CVE-2023-52322 | 1 Spip | 1 Spip | 2024-01-10 | N/A | 6.1 MEDIUM |
| ecrire/public/assembler.php in SPIP before 4.1.3 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. | |||||
| CVE-2023-50630 | 1 Teamwork Management System Project | 1 Teamwork Management System | 2024-01-10 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in xiweicheng TMS v.2.28.0 allows a remote attacker to execute arbitrary code via a crafted script to the click here function. | |||||
| CVE-2022-2081 | 1 Hitachienergy | 8 Rtu520, Rtu520 Firmware, Rtu530 and 5 more | 2024-01-10 | N/A | 7.5 HIGH |
| A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function. | |||||
| CVE-2024-21634 | 1 Amazon | 1 Ion | 2024-01-10 | N/A | 7.5 HIGH |
| Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in `ion-java` for applications that use `ion-java` to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the `IonValue` model and then invoke certain `IonValue` methods on that in-memory representation. An actor could craft Ion data that, when loaded by the affected application and/or processed using the `IonValue` model, results in a `StackOverflowError` originating from the `ion-java` library. The patch is included in `ion-java` 1.10.5. As a workaround, do not load data which originated from an untrusted source or that could have been tampered with. | |||||
| CVE-2023-5138 | 1 Silabs | 1 Gecko Software Development Kit | 2024-01-10 | N/A | 6.8 MEDIUM |
| Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B. | |||||
| CVE-2022-3864 | 1 Hitachienergy | 6 Relion 650, Relion 650 Firmware, Relion 670 and 3 more | 2024-01-10 | N/A | 4.5 MEDIUM |
| A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service. | |||||
| CVE-2023-28388 | 1 Intel | 1 Chipset Device Software | 2024-01-10 | N/A | 7.8 HIGH |
| Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-6746 | 1 Github | 1 Enterprise Server | 2024-01-10 | N/A | 5.7 MEDIUM |
| An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | |||||
| CVE-2024-20802 | 1 Samsung | 1 Dex | 2024-01-10 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment. | |||||
| CVE-2023-6918 | 3 Fedoraproject, Libssh, Redhat | 3 Fedora, Libssh, Enterprise Linux | 2024-01-10 | N/A | 5.3 MEDIUM |
| A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection. | |||||
| CVE-2023-7044 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2024-01-10 | N/A | 5.4 MEDIUM |
| The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom ID in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access and higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2024-20803 | 1 Samsung | 1 Android | 2024-01-10 | N/A | 6.5 MEDIUM |
| Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. | |||||
| CVE-2024-20804 | 1 Samsung | 2 Android, Myfiles | 2024-01-10 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file. | |||||
| CVE-2024-20806 | 1 Samsung | 1 Android | 2024-01-10 | N/A | 5.5 MEDIUM |
| Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data. | |||||
| CVE-2023-6270 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-01-10 | N/A | 7.0 HIGH |
| A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. | |||||
| CVE-2023-51154 | 1 Jizhicms | 1 Jizhicms | 2024-01-10 | N/A | 9.8 CRITICAL |
| Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php. | |||||
| CVE-2023-51812 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-01-10 | N/A | 9.8 CRITICAL |
| Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList. | |||||
| CVE-2024-21636 | 1 Viewcomponent | 1 View Component | 2024-01-10 | N/A | 6.1 MEDIUM |
| view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. Versions prior to 3.9.0 and 2.83.0 have a cross-site scripting vulnerability that has the potential to impact anyone rendering a component directly from a controller with the view_component gem. Note that only components that define a `#call` method (i.e. instead of using a sidecar template) are affected. The return value of the `#call` method is not sanitized and can include user-defined content. In addition, the return value of the `#output_postamble` methodis not sanitized, which can also lead to cross-site scripting issues. Versions 3.9.0 and 2.83.0 have been released and fully mitigate both the `#call` and the `#output_postamble` vulnerabilities. As a workaround, sanitize the return value of `#call`. | |||||
| CVE-2024-20805 | 1 Samsung | 2 Android, Myfiles | 2024-01-10 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file. | |||||
| CVE-2024-20807 | 1 Samsung | 1 Email | 2024-01-10 | N/A | 3.3 LOW |
| Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows attacker to get sensitive information. | |||||
| CVE-2023-5455 | 2024-01-10 | N/A | N/A | ||
| A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt. | |||||
| CVE-2023-49619 | 2024-01-10 | N/A | N/A | ||
| Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarked once. However, repeat submissions through the script can increase the number of collection of the question many times. Users are recommended to upgrade to version [1.2.1], which fixes the issue. | |||||
| CVE-2024-22368 | 2024-01-10 | N/A | N/A | ||
| The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells. | |||||
| CVE-2023-5367 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Enterprise Linux and 2 more | 2024-01-10 | N/A | 7.8 HIGH |
| A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. | |||||
| CVE-2023-5633 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-01-10 | N/A | 7.8 HIGH |
| The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. | |||||
| CVE-2023-3019 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-01-10 | N/A | 6.5 MEDIUM |
| A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. | |||||
| CVE-2024-0241 | 1 Diaconou | 1 Encodedid\ | 2024-01-10 | N/A | 7.5 HIGH |
| encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long "id" parameter. | |||||
| CVE-2023-6493 | 1 Averta | 1 Depicter Slider | 2024-01-10 | N/A | 4.3 MEDIUM |
| The Depicter Slider – Responsive Image Slider, Video Slider & Post Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVE-2023-51491 appears to be a duplicate of this issue. | |||||
| CVE-2024-22050 | 1 Boazsegev | 1 Iodine | 2024-01-10 | N/A | 7.5 HIGH |
| Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs. | |||||
| CVE-2024-22075 | 1 Firefly-iii | 1 Firefly Iii | 2024-01-10 | N/A | 6.1 MEDIUM |
| Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection. | |||||
| CVE-2024-20808 | 1 Samsung | 1 Nearby Device Scanning | 2024-01-10 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data. | |||||
| CVE-2023-45559 | 1 Linecorp | 1 Line | 2024-01-10 | N/A | 8.2 HIGH |
| An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. | |||||
| CVE-2024-20809 | 1 Samsung | 1 Nearby Device Scanning | 2024-01-10 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data. | |||||
| CVE-2023-50921 | 1 Gl-inet | 24 Gl-a1300, Gl-a1300 Firmware, Gl-ar300m and 21 more | 2024-01-10 | N/A | 9.8 CRITICAL |
| An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. | |||||
| CVE-2024-0395 | 2024-01-10 | N/A | N/A | ||
| Rejected reason: NON Security Issue. | |||||
| CVE-2023-31606 | 1 Promptworks | 1 Redcloth | 2024-01-10 | N/A | 7.5 HIGH |
| A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | |||||
| CVE-2024-0211 | 1 Wireshark | 1 Wireshark | 2024-01-10 | N/A | 7.5 HIGH |
| DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2024-0210 | 1 Wireshark | 1 Wireshark | 2024-01-10 | N/A | 7.5 HIGH |
| Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2024-0209 | 1 Wireshark | 1 Wireshark | 2024-01-10 | N/A | 7.5 HIGH |
| IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2024-20715 | 2024-01-10 | N/A | 5.5 MEDIUM | ||
| Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-20714 | 2024-01-10 | N/A | 5.5 MEDIUM | ||
| Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48266 | 2024-01-10 | N/A | N/A | ||
| The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. | |||||