Total
277558 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-42165 | 1 Fiware | 1 Keyrock | 2024-08-29 | 6.3 Medium |
| Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link. | ||||
| CVE-2024-42164 | 1 Fiware | 1 Keyrock | 2024-08-29 | 4.3 Medium |
| Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link. | ||||
| CVE-2024-42163 | 1 Fiware | 1 Keyrock | 2024-08-29 | 8.3 High |
| Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link. | ||||
| CVE-2024-8222 | 2 Oretnom23, Sourcecodester | 2 Music Gallery Site, Music Gallery Site | 2024-08-29 | 6.3 Medium |
| A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file /admin/?page=musics/manage_music. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8223 | 2 Music Gallery Site Project, Oretnom23 | 2 Music Gallery Site, Music Gallery Site | 2024-08-29 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-6329 | 1 Gitlab | 1 Gitlab | 2024-08-29 | 5.7 Medium |
| An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web interface to fail to render the diff correctly when the path is encoded. | ||||
| CVE-2024-4784 | 1 Gitlab | 1 Gitlab | 2024-08-29 | 4.2 Medium |
| An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy. | ||||
| CVE-2024-4210 | 1 Gitlab | 1 Gitlab | 2024-08-29 | 6.5 Medium |
| A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 12.6 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause a denial of service using crafted adoc files. | ||||
| CVE-2024-8220 | 2 Angeljudesuarez, Itsourcecode | 2 Tailoring Management System, Tailoring Management System | 2024-08-29 | 6.3 Medium |
| A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file staffedit.php. The manipulation of the argument id/stafftype/address/fullname/phonenumber/salary leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-38018 | 1 Ibm | 1 Aspera Shares | 2024-08-29 | 6.3 Medium |
| IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574. | ||||
| CVE-2024-37382 | 1 Abinitio | 2 Authorization Gateway, Metadata Hub | 2024-08-29 | 6.3 Medium |
| An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway before 4.3.1.1 allows attackers to run arbitrary code via crafted modification of server configuration. | ||||
| CVE-2024-42493 | 1 Dorsettcontrols | 1 Infoscan | 2024-08-29 | 5.3 Medium |
| Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login. | ||||
| CVE-2024-39287 | 1 Dorsettcontrols | 1 Infoscan | 2024-08-29 | 5.3 Medium |
| Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys. | ||||
| CVE-2024-42408 | 1 Dorsettcontrols | 1 Infoscan | 2024-08-29 | 5.3 Medium |
| The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure. | ||||
| CVE-2024-42366 | 1 Vrcx-team | 1 Vrcx | 2024-08-29 | 9.1 Critical |
| VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In addition to the patch, VRCX maintainers worked with the VRC team and blocked the older version of VRCX on the VRC's API side. Users who use the older version of VRCX must update their installation to continue using VRCX. | ||||
| CVE-2022-2440 | 1 Mndpsingh287 | 1 Theme Editor | 2024-08-29 | 7.2 High |
| The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'images_array' parameter in versions up to, and including 2.8. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload. | ||||
| CVE-2024-7857 | 1 Maxfoundry | 1 Media Library Folders | 2024-08-29 | 9.8 Critical |
| The Media Library Folders plugin for WordPress is vulnerable to second order SQL Injection via the 'sort_type' parameter of the 'mlf_change_sort_type' AJAX action in all versions up to, and including, 8.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2024-41570 | 2 C5pider, Havocframework | 2 Havoc, Havoc | 2024-08-29 | 9.8 Critical |
| An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. | ||||
| CVE-2024-45043 | 1 Opentelemetry | 1 Opentelemetry Collector Contrib | 2024-08-29 | 5.3 Medium |
| The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `awsfirehosereceiver` allows unauthenticated remote requests, even when configured to require a key. OpenTelemetry Collector can be configured to receive CloudWatch metrics via an AWS Firehose Stream. Firehose sets the header `X-Amz-Firehose-Access-Key` with an arbitrary configured string. The OpenTelemetry Collector awsfirehosereceiver can optionally be configured to require this key on incoming requests. However, when this is configured it **still accepts incoming requests with no key**. Only OpenTelemetry Collector users configured with the “alpha” `awsfirehosereceiver` module are affected. This module was added in version v0.49.0 of the “Contrib” distribution (or may be included in custom builds). There is a risk of unauthorized users writing metrics. Carefully crafted metrics could hide other malicious activity. There is no risk of exfiltrating data. It’s likely these endpoints will be exposed to the public internet, as Firehose does not support private HTTP endpoints. A fix was introduced in PR #34847 and released with v0.108.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-42905 | 1 Beijing Digital China Cloud Technology | 1 Dcme-320 | 2024-08-29 | 9.8 Critical |
| Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function in the code/function/system/tool/ping.php file. | ||||