Search Results (364909 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-34617 1 Genson Project 1 Genson 2025-01-03 7.5 High
An issue was discovered genson thru 1.6 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
CVE-2023-34616 1 Pbjson Project 1 Pbjson 2025-01-03 7.5 High
An issue was discovered pbjson thru 0.4.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
CVE-2023-34615 1 Pwall 1 Jsonutil 2025-01-03 7.5 High
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
CVE-2024-28238 1 Monospace 1 Directus 2025-01-03 2.3 Low
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places (e.g., web server logs, browser history). Attackers gaining access to these logs may hijack active user sessions, leading to unauthorized access to sensitive information or actions on behalf of the user. This issue has been addressed in version 10.10.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-27296 1 Monospace 1 Directus 2025-01-03 5.3 Medium
Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific running version. The problem has been resolved in versions 10.8.3 and newer.
CVE-2024-27295 1 Monospace 1 Directus 2025-01-03 8.2 High
Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim with a one or more characters changed to use accents. This is due to the fact that by default MySQL/MariaDB are configured for accent-insensitive and case-insensitive comparisons. This vulnerability is fixed in version 10.8.3.
CVE-2023-2807 1 Pandorafms 1 Pandora Fms 2025-01-03 6.4 Medium
Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS allows an unauthenticated attacker to initiate a password reset process for any user account without proper authentication. This issue affects PandoraFMS v771 and prior versions on all platforms.
CVE-2023-34867 1 Jerryscript 1 Jerryscript 2025-01-03 7.5 High
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.
CVE-2023-34865 2 Linux, Ujcms 2 Linux Kernel, Ujcms 2025-01-03 9.8 Critical
Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature.
CVE-2023-34824 1 Fdkaac Project 1 Fdkaac 2025-01-03 5.5 Medium
fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c.
CVE-2023-1323 1 Yikesinc 1 Easy Forms For Mailchimp 2025-01-03 4.8 Medium
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2022-31636 1 Hp 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more 2025-01-03 7.8 High
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2022-31635 1 Hp 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more 2025-01-03 7.8 High
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2024-45815 2 Linuxfoundation, Redhat 2 Backstage, Rhdh 2025-01-03 6.5 Medium
Backstage is an open framework for building developer portals. A malicious actor with authenticated access to a Backstage instance with the catalog backend plugin installed is able to interrupt the service using a specially crafted query to the catalog API. This has been fixed in the `1.26.0` release of the `@backstage/plugin-catalog-backend`. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2021-43783 1 Linuxfoundation 1 Backstage 2025-01-03 8.5 High
@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. This vulnerability can in some situation also be exploited through user input when executing a template, meaning you do not need write access to the templates. This method will not allow the attacker to control the contents of the injected file however, unless the template is also crafted in a specific way that gives control of the file contents. This vulnerability is fixed in version `0.15.14` of the `@backstage/plugin-scaffolder-backend`. This attack is mitigated by restricting access and requiring reviews when registering or modifying scaffolder templates.
CVE-2024-45816 2 Linuxfoundation, Redhat 2 Backstage, Rhdh 2025-01-03 6.5 Medium
Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks in Backstage. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-46976 2 Linuxfoundation, Redhat 2 Backstage, Rhdh 2025-01-03 6.5 Medium
Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-0431 1 File Away Project 1 File Away 2025-01-03 5.4 Medium
The File Away WordPress plugin through 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
CVE-2023-2398 1 Icegram 1 Icegram Engage 2025-01-03 6.1 Medium
The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2023-2568 1 Ays-pro 1 Photo Gallery 2025-01-03 6.1 Medium
The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin