Search Results (366574 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-1883 4 Apple, Linux, Microsoft and 1 more 5 Macos, Linux Kernel, Windows and 2 more 2025-01-23 6.3 Medium
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability.
CVE-2023-32073 1 Wwbn 1 Avideo 2025-01-23 8.8 High
WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at `plugin/CloneSite/cloneClient.json.php` which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to version 12.3. This issue is patched in commit 1df4af01f80d56ff2c4c43b89d0bac151e7fb6e3.
CVE-2023-32081 1 Eclipse 1 Vert.x Stomp 2025-01-23 6.5 Medium
Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. From versions 3.1.0 until 3.9.16 and 4.0.0 until 4.4.2, a Vert.x STOMP server processes client STOMP frames without checking that the client send an initial CONNECT frame replied with a successful CONNECTED frame. The client can subscribe to a destination or publish message without prior authentication. Any Vert.x STOMP server configured with an authentication handler is impacted. The issue is patched in Vert.x 3.9.16 and 4.4.2. There are no trivial workarounds.
CVE-2024-47761 1 Glpi-project 1 Glpi 2025-01-23 7.2 High
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an administrator with access to the sent notifications contents can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.
CVE-2022-4207 1 Oxilab 1 Image Hover Effects Ultimate 2025-01-23 5.5 Medium
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, the plugin only allows administrators access to edit Image Hovers, however, if a site admin makes the plugin's features available to lower privileged users through the 'Who Can Edit?' setting then this can be exploited by those users.
CVE-2024-1882 4 Apple, Linux, Microsoft and 1 more 5 Macos, Linux Kernel, Windows and 2 more 2025-01-23 7.2 High
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.
CVE-2024-1654 4 Apple, Linux, Microsoft and 1 more 5 Macos, Linux Kernel, Windows and 2 more 2025-01-23 7.2 High
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this.
CVE-2024-1223 4 Apple, Linux, Microsoft and 1 more 5 Macos, Linux Kernel, Windows and 2 more 2025-01-23 4.8 Medium
This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state.
CVE-2023-32306 1 Anuko 1 Time Tracker 2025-01-23 8.8 High
Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the `reports.php` page was not validating all parameters in POST requests. Because some parameters were not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue is fixed in version 1.22.13.5792. As a workaround, use the fixed code in `ttReportHelper.class.php` from version 1.22.13.5792.
CVE-2023-32303 1 Planet 1 Planet 2025-01-23 5.2 Medium
Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand.
CVE-2024-47760 1 Glpi-project 1 Glpi 2025-01-23 8.8 High
GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.17, a technician with an access to the API can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.
CVE-2023-27863 2 Ibm, Linux 2 Spectrum Protect, Linux Kernel 2025-01-23 4.4 Medium
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325.
CVE-2024-1222 4 Apple, Linux, Microsoft and 1 more 5 Macos, Linux Kernel, Windows and 2 more 2025-01-23 8.6 High
This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.
CVE-2023-32996 1 Jenkins 1 Saml Single Sign-on 2025-01-23 4.3 Medium
A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.
CVE-2023-32995 1 Jenkins 1 Saml Single Sign On 2025-01-23 8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.
CVE-2023-32993 1 Jenkins 1 Saml Single Sign On 2025-01-23 4.8 Medium
Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.
CVE-2023-32992 1 Jenkins 1 Saml Single Sign On 2025-01-23 8.8 High
Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.
CVE-2023-32784 1 Keepass 1 Keepass 2025-01-23 7.5 High
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
CVE-2023-32758 2 Coala, Semgrep 2 Git-url-parse, Semgrep 2025-01-23 7.5 High
giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package.
CVE-2023-31986 1 Edimax 2 Br-6428ns, Br-6428ns Firmware 2025-01-23 9.8 Critical
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.