Total
28533 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23794 | 1 Otrs | 1 Otrs | 2024-08-01 | 5.2 Medium |
| An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEditing::Property###Watch' in the system configuration.This issue affects OTRS: * 8.0.X * 2023.X * from 2024.X through 2024.4.x | ||||
| CVE-2024-23740 | 1 Getkap | 1 Kap | 2024-08-01 | 9.8 Critical |
| An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. | ||||
| CVE-2024-23739 | 2 Apple, Discord | 2 Macos, Discord | 2024-08-01 | 9.8 Critical |
| An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. | ||||
| CVE-2024-23756 | 1 Plone | 1 Plone | 2024-08-01 | 7.5 High |
| The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them. | ||||
| CVE-2024-23730 | 1 Llamahub | 1 Llamahub | 2024-08-01 | 9.8 Critical |
| The OpenAPI and ChatGPT plugin loaders in LlamaHub (aka llama-hub) before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML. | ||||
| CVE-2024-23683 | 1 Ls1intum | 1 Artemis Java Test Sandbox | 2024-08-01 | 8.2 High |
| Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code. | ||||
| CVE-2024-23676 | 1 Splunk | 2 Cloud, Splunk | 2024-08-01 | 4.6 Medium |
| In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit. | ||||
| CVE-2024-23649 | 1 Join-lemmy | 1 Lemmy | 2024-08-01 | 7.5 High |
| Lemmy is a link aggregator and forum for the fediverse. Starting in version 0.17.0 and prior to version 0.19.1, users can report private messages, even when they're neither sender nor recipient of the message. The API response to creating a private message report contains the private message itself, which means any user can just iterate over message ids to (loudly) obtain all private messages of an instance. A user with instance admin privileges can also abuse this if the private message is removed from the response, as they're able to see the resulting reports. Creating a private message report by POSTing to `/api/v3/private_message/report` does not validate whether the reporter is the recipient of the message. lemmy-ui does not allow the sender to report the message; the API method should likely be restricted to accessible to recipients only. The API response when creating a report contains the `private_message_report_view` with all the details of the report, including the private message that has been reported: Any authenticated user can obtain arbitrary (untargeted) private message contents. Privileges required depend on the instance configuration; when registrations are enabled without application system, the privileges required are practically none. When registration applications are required, privileges required could be considered low, but this assessment heavily varies by instance. Version 0.19.1 contains a patch for this issue. A workaround is available. If an update to a fixed Lemmy version is not immediately possible, the API route can be blocked in the reverse proxy. This will prevent anyone from reporting private messages, but it will also prevent exploitation before the update has been applied. | ||||
| CVE-2024-23678 | 1 Splunk | 1 Splunk | 2024-08-01 | 7.5 High |
| In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows. | ||||
| CVE-2024-23641 | 1 Svelte | 2 Adapter-node, Kit | 2024-08-01 | 7.5 High |
| SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg `{}` to a built and previewed/hosted sveltekit app throws `Request with GET/HEAD method cannot have body.` and crashes the preview/hosting. After this happens, one must manually restart the app. `TRACE` requests will also cause the app to crash. Prerendered pages and SvelteKit 1 apps are not affected. `@sveltejs/adapter-node` versions 2.1.2, 3.0.3, and 4.0.1 and `@sveltejs/kit` version 2.4.3 contain a patch for this issue. | ||||
| CVE-2024-23562 | 1 Hcltech | 1 Domino | 2024-08-01 | 5.3 Medium |
| This vulnerability is being re-assessed. Vulnerability details will be updated. The security bulletin will be republished when further details are available. | ||||
| CVE-2024-23655 | 1 Tuta | 1 Tutanota | 2024-08-01 | 7.5 High |
| Tuta is an encrypted email service. Starting in version 3.118.12 and prior to version 3.119.10, an attacker is able to send a manipulated email so that the user can no longer use the app to get access to received emails. By sending a manipulated email, an attacker could put the app into an unusable state. In this case, a user can no longer access received e-mails. Since the vulnerability affects not only the app, but also the web application, a user in this case has no way to access received emails. This issue was tested with iOS and the web app, but it is possible all clients are affected. Version 3.119.10 fixes this issue. | ||||
| CVE-2024-23682 | 1 Ls1intum | 1 Artemis Java Test Sandbox | 2024-08-01 | 8.2 High |
| Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code. | ||||
| CVE-2024-23588 | 1 Hcltech | 1 Nomad Server On Domino | 2024-08-01 | 5.3 Medium |
| HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability. | ||||
| CVE-2024-23550 | 1 Hcltechsw | 2 Hcl Devops Deploy, Hcl Launch | 2024-08-01 | 6.2 Medium |
| HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. | ||||
| CVE-2024-23347 | 1 Facebook | 1 Meta Spark Studio | 2024-08-01 | 7.8 High |
| Prior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of a package.json file included as part of that project. Those scripts would have the ability to execute arbitrary code on the system as the application. | ||||
| CVE-2024-23301 | 4 Fedoraproject, Redhat, Relax-and-recover and 1 more | 4 Fedora, Enterprise Linux, Relax-and-recover and 1 more | 2024-08-01 | 5.5 Medium |
| Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. | ||||
| CVE-2024-23272 | 1 Apple | 1 Macos | 2024-08-01 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system. | ||||
| CVE-2024-23344 | 1 Enalean | 1 Tuleap | 2024-08-01 | 5.3 Medium |
| Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4.99.140 of Tuleap Community Edition. | ||||
| CVE-2024-23348 | 1 Appleple | 1 A-blog Cms | 2024-08-01 | 8.8 High |
| Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary JavaScript code by uploading a specially crafted SVG file. | ||||