Total
140 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36829 | 2 Functional, Sentry | 2 Sentry, Sentry | 2024-11-06 | 6.8 Medium |
| Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the `system.base-hostname` option of Sentry installation. This only affects installations that have `system.base-hostname` option explicitly set, as it is empty by default. Impact is limited since recent versions of major browsers have cross-site cookie blocking enabled by default. However, this flaw could allow other multi-step attacks. The patch has been released in Sentry 23.6.2. | ||||
| CVE-2019-20634 | 1 Proofpoint | 1 Email Protection | 2024-10-28 | 3.7 Low |
| An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails. | ||||
| CVE-2023-23844 | 1 Solarwinds | 1 Solarwinds Platform | 2024-10-23 | 7.2 High |
| The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. | ||||
| CVE-2023-23843 | 1 Solarwinds | 1 Solarwinds Platform | 2024-10-23 | 7.2 High |
| The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands. | ||||
| CVE-2023-23764 | 1 Github | 1 Enterprise Server | 2024-10-16 | 4.8 Medium |
| An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vulnerability affected GitHub Enterprise Server versions 3.7.0 and above and was fixed in versions 3.7.9, 3.8.2, and 3.9.1. This vulnerability was reported via the GitHub Bug Bounty program. | ||||
| CVE-2024-39534 | 2024-10-15 | 5.4 Medium | ||
| An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. This is unintended and unexpected behavior and can allow an attacker to bypass certain compensating controls, such as stateless firewall filters. This issue affects Junos OS Evolved: * All versions before 21.4R3-S8-EVO, * 22.2-EVO before 22.2R3-S4-EVO, * 22.3-EVO before 22.3R3-S4-EVO, * 22.4-EVO before 22.4R3-S3-EVO, * 23.2-EVO before 23.2R2-S1-EVO, * 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO. | ||||
| CVE-2023-28936 | 1 Apache | 1 Openmeetings | 2024-10-11 | 5.3 Medium |
| Attacker can access arbitrary recording/room Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 | ||||
| CVE-2023-32627 | 3 Fedoraproject, Redhat, Sox Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2024-10-01 | 6.2 Medium |
| A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service. | ||||
| CVE-2023-26590 | 3 Fedoraproject, Redhat, Sox Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2024-10-01 | 6.2 Medium |
| A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service. | ||||
| CVE-2023-40037 | 1 Apache | 1 Nifi | 2024-09-27 | 6.5 Medium |
| Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation. | ||||
| CVE-2023-23765 | 1 Github | 1 Enterprise Server | 2024-09-27 | 4.8 Medium |
| An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the GitHub Bug Bounty Program https://bounty.github.com/ . | ||||
| CVE-2023-41935 | 1 Jenkins | 1 Azure Ad | 2024-09-26 | 7.5 High |
| Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid nonce. | ||||
| CVE-2023-41936 | 1 Jenkins | 1 Google Login | 2024-09-26 | 7.5 High |
| Jenkins Google Login Plugin 1.7 and earlier uses a non-constant time comparison function when checking whether the provided and expected token are equal, potentially allowing attackers to use statistical methods to obtain a valid token. | ||||
| CVE-2023-40271 | 1 Arm | 1 Trusted Firmware-m | 2024-09-26 | 7.5 High |
| In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8. | ||||
| CVE-2021-2388 | 3 Debian, Oracle, Redhat | 6 Debian Linux, Graalvm, Jdk and 3 more | 2024-09-26 | 7.5 High |
| Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). | ||||
| CVE-2024-6641 | 1 Getastra | 1 Wp Hardening | 2024-09-25 | 5.3 Medium |
| The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 1.2.6. This is due to use of an incorrect regular expression within the "Stop User Enumeration" feature. This makes it possible for unauthenticated attackers to bypass intended security restrictions and expose site usernames. | ||||
| CVE-2015-6964 | 1 Multibit | 1 Multibit Hd | 2024-09-25 | 5.3 Medium |
| MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. (Attackers cannot realistically steal these fees for themselves.) This occurs because there is no message authentication code (MAC). | ||||
| CVE-2023-23766 | 1 Github | 1 Enterprise Server | 2024-09-24 | 4.5 Medium |
| An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To do so, an attacker would need write access to the repository. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.6.17, 3.7.15, 3.8.8, 3.9.3, and 3.10.1. This vulnerability was reported via the GitHub Bug Bounty program. | ||||
| CVE-2024-41958 | 1 Mailcow | 1 Mailcow\ | 2024-09-20 | 6.6 Medium |
| mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwise secured with 2FA. To exploit this vulnerability, the attacker must first have access to an account within the system and possess the credentials of the target account that has 2FA enabled. By leveraging these credentials, the attacker can circumvent the 2FA process and gain access to the protected account. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-44378 | 1 Consensys | 1 Gnark | 2024-09-19 | 7.1 High |
| gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of `a`, for small values there exists a second decomposition for `a+r` (where `r` is the modulus the values are being reduced by). The second decomposition was possible due to overflowing the field where the values are defined. Upgrading to version 0.9.0 should fix the issue without needing to change the calls to value comparison methods. | ||||