Total: 4091 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-21900 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | N/A | 4.3 MEDIUM | An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later; QuTScloud c5.1.5.2651 and later. |
| CVE-2024-21645 | 1 Pyload | 1 Pyload | 2024-11-21 | N/A | 5.3 MEDIUM | pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in `pyload` allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by `pyload`. Forged or otherwise corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. This vulnerability has been patched in version 0.5.0b3.dev77. |
| CVE-2024-21623 | 1 Mehah | 1 Otclient | 2024-11-21 | N/A | 9.8 CRITICAL | OTClient is an alternative Tibia client for OTServ. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue. |
| CVE-2024-0552 | 1 Intumit | 2 Smartrobot, Smartrobot Firmware | 2024-11-21 | N/A | 9.8 CRITICAL | Intumit Inc. SmartRobot's web framework has a remote code execution vulnerability. An unauthorized remote attacker can exploit this vulnerability to execute arbitrary commands on the remote server. |
| CVE-2024-0231 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 2.7 LOW | A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits. |
| CVE-2023-7114 | 1 Mattermost | 1 Mattermost | 2024-11-21 | N/A | 7.1 HIGH | Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server. |
| CVE-2023-7039 | 1 Byzoro | 2 Smart S210, Smart S210 Firmware | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | A vulnerability classified as critical has been found in Byzoro S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248688. |
| CVE-2023-6458 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | N/A | 7.1 HIGH | Mattermost webapp fails to validate route parameters in `/<TEAM_NAME>/channels/<CHANNEL_NAME>`, allowing an attacker to perform a client-side path traversal. |
| CVE-2023-6174 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A | 6.3 MEDIUM | SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file. |
| CVE-2023-5340 | 1 Fivestarplugins | 1 Five Star Restaurant Menu | 2024-11-21 | N/A | 9.8 CRITICAL | The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to perform PHP Object Injection when a suitable gadget is present on the blog. |
| CVE-2023-52081 | 1 Ewen-lbh | 1 Firefox Css | 2024-11-21 | N/A | 5.3 MEDIUM | ffcss is a CLI interface to apply and configure Firefox CSS themes. Prior to 0.2.0, the function `lookupPreprocess()` is meant to apply some transformations to a string by disabling characters in the regex `[-_ .]`. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypass that validation and re-introduce all the characters in the regex `[-_ .]`. The `lookupPreprocess()` can be easily bypassed with equivalent Unicode characters like U+FE4D (﹍), which would resu ... |
| CVE-2023-51664 | 1 Tj-actions | 1 Changed-files | 2024-11-21 | N/A | 7.3 HIGH | tj-actions/changed-files is a GitHub action to retrieve all files and directories. Prior to 41.0.0, the `tj-actions/changed-files` workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. This issue may lead to arbitrary command execution in the GitHub Runner. This vulnerability has been addressed in version 41.0.0. Users are advised to upgrade. |
| CVE-2023-51446 | 1 Glpi-project | 1 Glpi | 2024-11-21 | N/A | 5.9 MEDIUM | GLPI is a free asset and IT management software package. When authentication is made against LDAP, the authentication form can be used to perform LDAP injection. Upgrade to 10.0.12. |
| CVE-2023-4843 | 1 Pega | 1 Pega Platform | 2024-11-21 | N/A | 4.3 MEDIUM | Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director; however, this field can only be modified by an authenticated administrative user. |
| CVE-2023-4767 | 1 Zohocorp | 1 Manageengine Desktop Central | 2024-11-21 | N/A | 6.1 MEDIUM | A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATE_ID/1613157927228/InvSWMetering.csv. |
| CVE-2023-4478 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | N/A | 4.3 MEDIUM | Mattermost fails to restrict which parameters' values it takes from the request during signup, allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts. |
| CVE-2023-4450 | 1 Jeecg | 1 Jimureport | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-237571. |
| CVE-2023-4393 | 1 Liquidfiles | 1 Liquidfiles | 2024-11-21 | N/A | 5.4 MEDIUM | HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below allow an attacker to perform more advanced phishing attacks against an organization. |
| CVE-2023-4212 | 1 Trane | 8 Pivot, Pivot Firmware, Xl1050 and 5 more | 2024-11-21 | N/A | 6.8 MEDIUM | A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick. |
| CVE-2023-4197 | 1 Dolibarr | 1 Dolibarr Erp/crm | 2024-11-21 | N/A | 7.5 HIGH | Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code. |
| CVE-2023-4157 | 1 Omeka | 1 Omeka S | 2024-11-21 | N/A | 5.2 MEDIUM | CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3. |
| CVE-2023-49964 | 1 Hyland | 1 Alfresco Content Services | 2024-11-21 | N/A | 8.8 HIGH | An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE (Remote Code Execution). NOTE: this issue exists because of an incomplete fix for CVE-2020-12873. |
| CVE-2023-49328 | 2 Linux, Wolterskluwer | 2 Linux Kernel, B.point | 2024-11-21 | N/A | 7.2 HIGH | On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module. |
| CVE-2023-49214 | 1 Usedesk | 1 Usedesk | 2024-11-21 | N/A | 9.8 CRITICAL | Usedesk before 1.7.57 allows chat template injection. |
| CVE-2023-48841 | 1 Phpjabbers | 1 Appointment Scheduler | 2024-11-21 | N/A | 8.8 HIGH | Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. |
| CVE-2023-48835 | 1 Phpjabbers | 1 Car Rental Script | 2024-11-21 | N/A | 8.8 HIGH | Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. |
| CVE-2023-48830 | 1 Phpjabbers | 1 Shuttle Booking Software | 2024-11-21 | N/A | 8.8 HIGH | Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export. |
| CVE-2023-48826 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2024-11-21 | N/A | 8.8 HIGH | Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List. |
| CVE-2023-48205 | 1 Jorani | 1 Leave Management System | 2024-11-21 | N/A | 5.3 MEDIUM | Jorani Leave Management System 1.0.2 allows a remote attacker to spoof a Host header associated with password reset emails. |
| CVE-2023-47119 | 1 Discourse | 1 Discourse | 2024-11-21 | N/A | 5.3 MEDIUM | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. |
| CVE-2023-46726 | 1 Glpi-project | 1 Glpi | 2024-11-21 | N/A | 7.2 HIGH | GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, on PHP 7.4 only, the LDAP server configuration form can be used to execute arbitrary code previously uploaded as a GLPI document. Version 10.0.11 contains a patch for the issue. |
| CVE-2023-46468 | 1 Juzaweb | 1 Juzaweb Cms | 2024-11-21 | N/A | 7.8 HIGH | An issue in juzawebCMS v3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function. |
| CVE-2023-46456 | 1 Gl-inet | 2 Gl-ar300m, Gl-ar300m Firmware | 2024-11-21 | N/A | 9.8 CRITICAL | In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality. |
| CVE-2023-45540 | 1 Jorani | 1 Leave Management System | 2024-11-21 | N/A | 6.5 MEDIUM | An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page. |
| CVE-2023-45303 | 1 Thingsboard | 1 Thingsboard | 2024-11-21 | N/A | 8.4 HIGH | ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent to the /api/admin/settings endpoint). |
| CVE-2023-44373 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2024-11-21 | N/A | 9.1 CRITICAL | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA ... |
| CVE-2023-44109 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH | Clone vulnerability in the huks ta module. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2023-43835 | 1 Superstorefinder | 1 Super Store Finder | 2024-11-21 | N/A | 8.8 HIGH | Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content. |
| CVE-2023-43661 | 1 All-three | 1 Cachet | 2024-11-21 | N/A | 8.8 HIGH | Cachet is the open-source status page system. Prior to the 2.4 branch, the template functionality, which allows users to create templates, lets them execute arbitrary code on the server because of insufficient filtering and an outdated Twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch contains a patch for this issue. |
| CVE-2023-43656 | 1 Matrix | 1 Hookshot | 2024-11-21 | N/A | 5.6 MEDIUM | matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions (those that have `generic.allowJsTransformationFunctions` in their config) may be vulnerable to an attack where it is possible to break out of the `vm2` sandbox, and as a result Hookshot will be vulnerable to this. This problem is only likely to affect users who have allowed untrusted users to apply their own transformation functions. If yo ... |