Search Results (365349 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-24826 1 Riot-os 1 Riot 2025-01-10 5.9 Medium
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send crafted frames to the device to trigger the usage of an uninitialized object leading to denial of service. This issue is fixed in version 2023.04. As a workaround, disable fragment forwarding or SFR.
CVE-2023-33973 1 Riot-os 1 Riot 2025-01-10 7.5 High
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send a crafted frame which is forwarded by the device. During encoding of the packet a NULL pointer dereference occurs. This crashes the device leading to denial of service. A patch is available at pull request 19678. There are no known workarounds.
CVE-2024-37900 1 Xwiki 1 Xwiki 2025-01-10 6.4 Medium
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When uploading an attachment with a malicious filename, malicious JavaScript code could be executed. This requires a social engineering attack to get the victim into uploading a file with a malicious name. The malicious code is solely executed during the upload and affects only the user uploading the attachment. While this allows performing actions in the name of that user, it seems unlikely that a user wouldn't notice the malicious filename while uploading the attachment. This has been patched in XWiki 14.10.21, 15.5.5, 15.10.6 and 16.0.0.
CVE-2023-33974 1 Riot-os 1 Riot 2025-01-10 7.5 High
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send multiple crafted frames to the device to trigger a race condition. The race condition invalidates assumptions about the program state and leads to an invalid memory access resulting in denial of service. This issue is patched in pull request 19679. There are no known workarounds.
CVE-2024-33059 1 Qualcomm 32 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 29 more 2025-01-10 6.7 Medium
Memory corruption while processing frame command IOCTL calls.
CVE-2023-33975 1 Riot-os 1 Riot 2025-01-10 9.8 Critical
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. This issue is fixed in pull request 19680. As a workaround, disable support for fragmented IP datagrams.
CVE-2023-32684 1 Linuxfoundation 1 Lima 2025-01-10 2.7 Low
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and the well-known third party products (Colima, Rancher Desktop, and Finch) are unlikely to be affected by this issue. To exploit this issue, the attacker has to embed the target file path (an absolute or a relative path from the instance directory) in a malicious disk image, as the qcow2 (or vmdk) backing file path string. As Lima refuses to run as the root, it is practically impossible for the attacker to read the entire host disk via `/dev/rdiskN`. Also, practically, the attacker cannot read at least the first 512 bytes (MBR) of the target file. The issue has been patched in Lima in version 0.16.0 by prohibiting using a backing file path in the VM base image.
CVE-2023-32699 1 Metersphere 1 Metersphere 2025-01-10 6.5 Medium
MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. ​The `checkUserPassword` method is used to check whether the password provided by the user matches the password saved in the database, and the `CodingUtil.md5` method is used to encrypt the original password with MD5 to ensure that the password will not be saved in plain text when it is stored. If a user submits a very long password when logging in, the system will be forced to execute the long password MD5 encryption process, causing the server CPU and memory to be exhausted, thereby causing a denial of service attack on the server. This issue is fixed in version 2.10.0-lts with a maximum password length.
CVE-2023-33961 1 Leantime 1 Leantime 2025-01-10 8.9 High
Leantime is a lean open source project management system. Starting in version 2.3.21, an authenticated user with commenting privileges can inject malicious Javascript into a comment. Once the malicious comment is loaded in the browser by a user, the malicious Javascript code executes. As of time of publication, a patch does not exist.
CVE-2024-33061 1 Qualcomm 18 Qcs8550, Qcs8550 Firmware, Sw5100 and 15 more 2025-01-10 6.8 Medium
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.
CVE-2023-33962 1 Jstachio Project 1 Jstachio 2025-01-10 5.4 Medium
JStachio is a type-safe Java Mustache templating engine. Prior to version 1.0.1, JStachio fails to escape single quotes `'` in HTML, allowing an attacker to inject malicious code. This vulnerability can be exploited by an attacker to execute arbitrary JavaScript code in the context of other users visiting pages that use this template engine. This can lead to various consequences, including session hijacking, defacement of web pages, theft of sensitive information, or even the propagation of malware. Version 1.0.1 contains a patch for this issue. To mitigate this vulnerability, the template engine should properly escape special characters, including single quotes. Common practice is to escape `'` as `&#39`. As a workaround, users can avoid this issue by using only double quotes `"` for HTML attributes.
CVE-2023-28079 1 Dell 1 Powerpath 2025-01-10 7 High
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
CVE-2023-28080 1 Dell 1 Powerpath 2025-01-10 6.7 Medium
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
CVE-2023-32448 1 Dell 1 Powerpath 2025-01-10 5.5 Medium
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems.
CVE-2023-2998 1 Phpmyfaq 1 Phpmyfaq 2025-01-10 6.1 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14.
CVE-2023-2999 1 Phpmyfaq 1 Phpmyfaq 2025-01-10 6.1 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14.
CVE-2023-33633 1 H3c 2 Magic R300-2100m, Magic R300-2100m Firmware 2025-01-10 7.2 High
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm.
CVE-2023-33632 1 H3c 2 Magic R300-2100m, Magic R300-2100m Firmware 2025-01-10 7.2 High
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm.
CVE-2023-33631 1 H3c 2 Magic R300-2100m, Magic R300-2100m Firmware 2025-01-10 7.2 High
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelSTList interface at /goform/aspForm.
CVE-2023-33629 1 H3c 2 Magic R300-2100m, Magic R300-2100m Firmware 2025-01-10 7.2 High
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.