Search Results (364935 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-34245 1 Udecode 1 Plate 2025-01-06 8.1 High
@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the `javascript:` scheme. As a result, links with JavaScript URLs can be inserted into the Plate editor through various means, including opening or pasting malicious content. `@udecode/plate-link` 20.0.0 resolves this issue by introducing an `allowedSchemes` option to the link plugin, defaulting to `['http', 'https', 'mailto', 'tel']`. URLs using a scheme that isn't in this list will not be rendered to the DOM. Users are advised to upgrade. Users unable to upgrade are advised to override the `LinkElement` and `PlateFloatingLink` components with implementations that explicitly check the URL scheme before rendering any anchor elements.
CVE-2024-13034 1 Code-projects 1 Chat System 2025-01-06 3.5 Low
A vulnerability, which was classified as problematic, was found in code-projects Chat System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-34100 1 Contiki-ng 1 Contiki-ng 2025-01-06 7.3 High
Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uip_buf. In particular, there is a 2-byte buffer read in the module os/net/ipv6/uip6.c. The buffer is indexed using 'UIP_IPTCPH_LEN + 2 + c' and 'UIP_IPTCPH_LEN + 3 + c', but the uip_buf buffer may not have enough data, resulting in a 2-byte read out of bounds. The problem has been patched in the "develop" branch of Contiki-NG, and is expected to be included in release 4.9. Users are advised to watch for the 4.9 release and to upgrade when it becomes available. There are no workarounds for this vulnerability aside from manually patching with the diff in commit `cde4e9839`.
CVE-2023-32312 1 Umbraco 1 Umbraco Identity Extensibility 2025-01-06 3.7 Low
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application, the implicit flow is not safe. For traditional MVC applications, it is recommended to use the authorization code flow, which requires the client to authenticate with the authorization server using a client secret. This flow provides better security, as it involves exchanging an authorization code for an access token and/or ID token, rather than directly returning tokens in the URL fragment. This issue has been patched in commit `e792429f9` and a release to Nuget is pending. Users are advised to upgrade when possible.
CVE-2024-13035 1 Code-projects 1 Chat System 2025-01-06 6.3 Medium
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/update_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-11211 1 Eyoucms 1 Eyoucms 2025-01-06 4.7 Medium
A vulnerability classified as critical has been found in EyouCMS up to 1.6.7. Affected is an unknown function of the component Website Logo Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-33897 2 Google, Unisoc 14 Android, S8006, Sc7731e and 11 more 2025-01-06 4.4 Medium
In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-38130 1 Cubecart 1 Cubecart 2025-01-06 8.1 High
Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system.
CVE-2023-35032 1 Atos 2 Unify Openscape 4000 Assistant, Unify Openscape 4000 Manager 2025-01-06 8.8 High
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command injection by authenticated users, aka OSFOURK-23554.
CVE-2023-35033 1 Atos 2 Unify Openscape 4000 Assistant, Unify Openscape 4000 Manager 2025-01-06 8.8 High
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23556.
CVE-2024-26929 1 Redhat 2 Enterprise Linux, Rhel Eus 2025-01-06 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2023-37712 1 Tenda 6 Ac1206, Ac1206 Firmware, F1202 and 3 more 2025-01-06 9.8 Critical
Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function.
CVE-2023-32220 1 Milesight 2 Ncr\/camera, Ncr\/camera Firmware 2025-01-06 8.2 High
Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
CVE-2023-32219 1 Mazda 2 Mazda, Mazda Firmware 2025-01-06 6.5 Medium
A Mazda model (2015-2016) can be unlocked via an unspecified method.
CVE-2023-31671 1 Webbax 1 Postfinance 2025-01-06 9.8 Critical
PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().
CVE-2023-30150 1 Leotheme 1 Leocustomajax 2025-01-06 9.8 Critical
PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leoajax.php.
CVE-2023-30082 1 Enhancesoft 1 Osticket 2025-01-06 7.5 High
A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory.
CVE-2023-28478 1 Tp-link 2 Ec70, Ec70 Firmware 2025-01-06 8.8 High
TP-Link EC-70 devices through 2.3.4 Build 20220902 rel.69498 have a Buffer Overflow.
CVE-2023-26133 1 Progressbar.js Project 1 Progressbar.js 2025-01-06 8.2 High
All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js.
CVE-2023-26132 1 Dottie Project 1 Dottie 2025-01-06 7.5 High
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.