| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated
user with access to the device’s web interface to perform unauthorized file and firmware
uploads when crafting custom web requests. |
| CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s
web interface to corrupt files and impact device functionality when sending a crafted HTTP
request. |
| CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass
when sending a malformed POST request and particular configuration parameters are set. |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free. |
| Fuji Electric Tellus Lite V-Simulator
is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. |
| Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code. |
| Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python script. |
| SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file. |
| Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. |
| In the module "Custom links" (pk_customlinks) <= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection. |
| In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection. |
| Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue. |
| Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. |
| Memory management vulnerability in the Gralloc module
Impact: Successful exploitation of this vulnerability will affect availability. |
| Out-of-bounds read vulnerability in the audio module
Impact: Successful exploitation of this vulnerability will affect availability. |
| Memory management vulnerability in the boottime module
Impact: Successful exploitation of this vulnerability can affect integrity. |
| Privilege escalation vulnerability in the AMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of unauthorized screenshot capturing in the WMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed. |
| Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the `/api/v1/public-chatflows/id` endpoint. If the default configuration is used (unauthenticated), an attacker may be able to craft a specially crafted URL that injects Javascript into the user sessions, allowing the attacker to steal information, create false popups, or even redirect the user to other websites without interaction. If the chatflow ID is not found, its value is reflected in the 404 page, which has type text/html. This allows an attacker to attach arbitrary scripts to the page, allowing an attacker to steal sensitive information. This XSS may be chained with the path injection to allow an attacker without direct access to Flowise to read arbitrary files from the Flowise server. As of time of publication, no known patches are available. |