| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from an untrusted source, or else the application using the engine should apply restrictions to the input. The engine is not responsible for validating the input. |
| graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9. |
| ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing. |
| In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge. |
| Project Wonder WebObjects 1.0 through 5.4.3 is vulnerable to Arbitrary HTTP Header injection and URL- or Header-based XSS reflection in all web-server adaptor interfaces. |
| Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to open a door and drive the car away by leveraging access to a legitimate Phone Key. |
| Zentao Demo15 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: URL : view-source:https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig. |
| Miniblog.Core v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field. |
| SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature. |
| Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the k variable in resolve-shims.js. |
| A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however, some third parties takes the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted." |
| Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js. |
| Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3. |
| Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report. |
| Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue. |
| Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate. |
| Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set. |
| Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. |
| Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022. |
| In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file. |
