Search Results (26983 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0199 1 Gnu 1 Glibc 2024-11-20 9.8 Critical
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
CVE-2024-11311 1 Trcore 1 Dvc 2024-11-20 9.8 Critical
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11312 1 Trcore 1 Dvc 2024-11-20 9.8 Critical
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11313 1 Trcore 1 Dvc 2024-11-20 9.8 Critical
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11314 1 Trcore 1 Dvc 2024-11-20 9.8 Critical
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-11315 1 Trcore 1 Dvc 2024-11-20 9.8 Critical
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
CVE-2024-10575 1 Schneider-electric 1 Ecostruxure It Gateway 2024-11-19 9.8 Critical
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.
CVE-2021-3902 2 Dompdf, Dompdf Project 2 Dompdf, Dompdf 2024-11-19 9.8 Critical
An improper restriction of external entities (XXE) vulnerability in dompdf/dompdf's SVG parser allows for Server-Side Request Forgery (SSRF) and deserialization attacks. This issue affects all versions prior to 2.0.0. The vulnerability can be exploited even if the isRemoteEnabled option is set to false. It allows attackers to perform SSRF, disclose internal image files, and cause PHAR deserialization attacks.
CVE-2021-3838 2 Dompdf, Dompdf Project 2 Dompdf, Dompdf 2024-11-19 9.8 Critical
DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_get_contents() function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution, especially when DOMPdf is used with frameworks with documented POP chains like Laravel or vulnerable developer code.
CVE-2022-1884 2 Gogs, Microsoft 2 Gogs, Windows 2024-11-19 10 Critical
A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.
CVE-2024-3379 2 Lunary, Lunary-ai 2 Lunary, Lunary-ai\/lunary 2024-11-18 9.6 Critical
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows unprivileged users to re-generate the private key for projects they do not have access to. Specifically, a user with a 'Member' role can issue a request to regenerate the private key of a project without having the necessary permissions or being assigned to that project. This issue was fixed in version 1.2.7.
CVE-2024-11020 1 Vice 1 Webopac 2024-11-18 9.8 Critical
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.
CVE-2024-11018 1 Vice 1 Webopac 2024-11-18 9.8 Critical
Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server.
CVE-2024-44761 2 Gzequan, Yiquan Information 2 Eq Enterprise Management System, Eq Enterprise Management System 2024-11-18 9.9 Critical
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests.
CVE-2024-52300 2 Xwiki, Xwikisas 2 Pdf Viewer Macro, Macro Pdfviewer 2024-11-18 9.1 Critical
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact the confidentiality, integrity and availability of the whole XWiki installation when an admin visits the page with the malicious code. This is fixed in 2.5.6.
CVE-2024-44760 1 Sunmochina 1 Enterprise Management System 2024-11-15 9.1 Critical
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server.
CVE-2024-44102 1 Siemens 1 Telecontrol Server Basic 2024-11-15 10 Critical
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions < V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges.
CVE-2024-9487 1 Github 1 Enterprise Server 2024-11-15 9.1 Critical
An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be enabled, and the attacker would require direct network access as well as a signed SAML response or metadata document. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.15 and was fixed in versions 3.11.16, 3.12.10, 3.13.5, and 3.14.2. This vulnerability was reported via the GitHub Bug Bounty program.
CVE-2024-11016 1 Vice 1 Webopac 2024-11-14 9.8 Critical
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.
CVE-2024-10381 2 Matrix Comsec, Matrixcomsec 3 Matrix Door Controller Cosec Vega Faxq Firmware, Cosec Vega Faxq, Cosec Vega Faxq Firmware 2024-11-14 9.8 Critical
This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the vulnerable device. Successful exploitation of this vulnerability could allow remote attacker to gain unauthorized access and take complete control of the targeted device.