Search Results (367003 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-25052 1 Ibm 1 Jazz Reporting Service 2024-11-21 4.4 Medium
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. IBM X-Force ID: 283363.
CVE-2024-25031 1 Ibm 2 Storage Defender, Storage Defender Resiliency Service 2024-11-21 6.5 Medium
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678.
CVE-2024-25023 1 Ibm 2 Cloud Pak For Security, Qradar Suite 2024-11-21 5.5 Medium
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281429.
CVE-2024-25007 1 Ericsson 1 Network Manager 2024-11-21 7.1 High
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.
CVE-2024-24974 1 Openvpn 1 Openvpn 2024-11-21 7.5 High
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.
CVE-2024-24943 1 Jetbrains 1 Toolbox 2024-11-21 5.3 Medium
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
CVE-2024-24942 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
CVE-2024-24941 1 Jetbrains 1 Intellij Idea 2024-11-21 6.1 Medium
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL
CVE-2024-24939 1 Jetbrains 1 Rider 2024-11-21 3.3 Low
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible
CVE-2024-24937 1 Jetbrains 1 Teamcity 2024-11-21 4.6 Medium
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
CVE-2024-24936 1 Jetbrains 1 Teamcity 2024-11-21 4.3 Medium
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVE-2024-24925 1 Siemens 1 Simcenter Femap 2024-11-21 7.8 High
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060)
CVE-2024-24920 1 Siemens 1 Simcenter Femap 2024-11-21 7.8 High
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21710)
CVE-2024-24864 1 Linux 1 Linux Kernel 2024-11-21 5.3 Medium
A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.
CVE-2024-24829 1 Sentry 1 Sentry 2024-11-21 4.3 Medium
Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One of such integrations, the Phabricator integration (maintained by Sentry) with version <=24.1.1 contains a constrained SSRF vulnerability. An attacker could make Sentry send POST HTTP requests to arbitrary URLs (including internal IP addresses) by providing an unsanitized input to the Phabricator integration. However, the body payload is constrained to a specific format. If an attacker has access to a Sentry instance, this allows them to: 1. interact with internal network; 2. scan local/remote ports. This issue has been fixed in Sentry self-hosted release 24.1.2, and has already been mitigated on sentry.io on February 8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-24828 1 Vercel 1 Pkg 2024-11-21 6.6 Medium
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by `pkg` are written to a hardcoded directory. On unix systems, this is `/tmp/pkg/*` which is a shared directory for all users on the same local system. There is no uniqueness to the package names within this directory, they are predictable. An attacker who has access to the same local system has the ability to replace the genuine executables in the shared directory with malicious executables of the same name. A user may then run the malicious executable without realising it has been modified. This package is deprecated. Therefore, there will not be a patch provided for this vulnerability. To check if your executable build by pkg depends on native code and is vulnerable, run the executable and check if `/tmp/pkg/` was created. Users should transition to actively maintained alternatives. We would recommend investigating Node.js 21’s support for single executable applications. Given the decision to deprecate the pkg package, there are no official workarounds or remediations provided by our team. Users should prioritize migrating to other packages that offer similar functionality with enhanced security.
CVE-2024-24826 1 Exiv2 1 Exiv2 2024-11-21 5.5 Medium
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, `QuickTimeVideo::NikonTagsDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. In most cases this out of bounds read will result in a crash. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-24823 1 Graylog 1 Graylog 2024-11-21 5.7 Medium
Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the pre-existing session could be used to gain elevated access to an existing Graylog login session, provided the malicious user could successfully inject their session cookie into someone else's browser. The complexity of such an attack is high, because it requires presenting a spoofed login screen and injection of a session cookie into an existing browser, potentially through a cross-site scripting attack. No such attack has been discovered. Graylog 5.1.11 and 5.2.4, and any versions of the 6.0 development branch, contain patches to not re-use sessions under any circumstances. Some workarounds are available. Using short session expiration and explicit log outs of unused sessions can help limiting the attack vector. Unpatched this vulnerability exists, but is relatively hard to exploit. A proxy could be leveraged to clear the `authentication` cookie for the Graylog server URL for the `/api/system/sessions` endpoint, as that is the only one vulnerable.
CVE-2024-24822 1 Pimcore 1 Admin Classic Bundle 2024-11-21 6.5 Medium
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission to do so. A fix is available in version 1.3.3. As a workaround, one may apply the patch manually.
CVE-2024-24816 1 Ckeditor 1 Ckeditor 2024-11-21 6.1 Medium
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can be affected. The vulnerability allows an attacker to execute JavaScript code by abusing the misconfigured preview feature. It affects all users using the CKEditor 4 at version < 4.24.0-lts with affected samples used in a production environment. A fix is available in version 4.24.0-lts.