Search Results (366276 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-2837 1 Gpac 1 Gpac 2025-01-21 5.5 Medium
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.
CVE-2024-31986 1 Xwiki 1 Xwiki 2025-01-21 9.1 Critical
XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, by creating a document with a special crafted documented reference and an `XWiki.SchedulerJobClass` XObject, it is possible to execute arbitrary code on the server whenever an admin visits the scheduler page or the scheduler page is referenced, e.g., via an image in a comment on a page in the wiki. The vulnerability has been fixed in XWiki 14.10.19, 15.5.5, and 15.9. As a workaround, apply the patch manually by modifying the `Scheduler.WebHome` page.
CVE-2024-31987 1 Xwiki 1 Xwiki 2025-01-21 10 Critical
XWiki Platform is a generic wiki platform. Starting in version 6.4-milestone-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, any user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote code execution. This has been patched in XWiki 14.10.19, 15.5.4 and 15.10RC1. No known workarounds are available except for upgrading.
CVE-2023-28467 1 Mybb 1 Mybb 2025-01-21 6.1 Medium
In MyBB before 1.8.34, there is XSS in the User CP module via the user email field.
CVE-2023-29838 1 Allwaysync 1 Allwaysync 2025-01-21 7.8 High
Insecure Permission vulnerability found in Botkind/Siber Systems SyncApp v.19.0.3.0 allows a local attacker toe escalate privileges via the SyncService.exe file.
CVE-2023-31923 1 Supremainc 1 Biostar 2 2025-01-21 8.8 High
Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. A vulnerability in the web application allows an authenticated attacker with "User Operator" privileges to create a highly privileged user account. The vulnerability is caused by missing server-side validation, which can be exploited to gain full administrator privileges on the system.
CVE-2023-33264 1 Hazelcast 1 Hazelcast 2025-01-21 4.3 Medium
In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask passwords in the member configuration properly. This allows Hazelcast Management Center users to view some of the secrets.
CVE-2023-33285 2 Qt, Redhat 2 Qt, Enterprise Linux 2025-01-21 5.3 Medium
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.
CVE-2023-23299 1 Garmin 1 Connect-iq 2025-01-21 7.5 High
The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 can be bypassed entirely. A malicious application with specially crafted code and data sections could access restricted CIQ modules, call their functions and disclose sensitive data such as user profile information and GPS coordinates, among others.
CVE-2024-27929 1 Sixlabors 1 Imagesharp 2025-01-21 7.1 High
ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage() function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potentially leading to information disclosure. This issue has been patched in versions 3.1.3 and 2.1.7.
CVE-2023-33293 1 Kaiostech 1 Kaios 2025-01-21 5.3 Medium
An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on *.localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read the manifest.webmanifest contents, including the app version.
CVE-2024-27565 2 Chatgpt-wechat-personal, Dirk1983 2 Weixin.php, Chatgpt-wechat-personal 2025-01-21 9.8 Critical
A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests.
CVE-2023-33294 1 Kaiostech 1 Kaios 2025-01-21 9.8 Critical
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctweb_server binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns proper CORS headers, it's accessible to all websites via the browser. At a bare minimum, this allows an attacker to retrieve a list of the user's installed apps, notifications, and downloads. It also allows an attacker to delete local files and modify system properties including the boolean persist.moz.killswitch property (which would render the device inoperable). This vulnerability is partially mitigated by SELinux which prevents reads, writes, or modifications to files or permissions within protected partitions.
CVE-2024-27563 1 Wondercms 1 Wondercms 2025-01-21 5.3 Medium
A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter.
CVE-2024-27561 1 Wondercms 1 Wondercms 2025-01-21 8.1 High
A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter.
CVE-2023-25537 1 Dell 60 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 57 more 2025-01-21 6.1 Medium
Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
CVE-2024-0795 1 Mintplexlabs 1 Anythingllm 2025-01-21 7.2 High
If an attacked was given access to an instance with the admin or manager role there is no backend authentication that would prevent the attacked from creating a new user with an `admin` role and then be able to use this new account to have elevated privileges on the instance
CVE-2024-2022 1 Netentsec 1 Application Security Gateway 2025-01-21 6.3 Medium
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/list_ipAddressPolicy.php. The manipulation of the argument GroupId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-255301 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2022-46680 1 Schneider-electric 10 Powerlogic Ion7400, Powerlogic Ion7400 Firmware, Powerlogic Ion8650 and 7 more 2025-01-21 8.8 High
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.
CVE-2020-20012 1 Sudytech 1 Webplus Pro 2025-01-21 9.8 Critical
WebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control.