Total
29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12919 | 1 Cozmoslabs | 1 Membership \& Content Restriction - Paid Member Subscriptions | 2025-01-22 | N/A | 9.8 CRITICAL |
|
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.13.7. This is due to the pms_pb_payment_redirect_link function using the user-controlled value supplied via the 'pms_payment_id' parameter to authenticate users without any further identity validation. This makes it possible for unauthenticated attackers with knowledge of a valid payment ID to log ...
Show More |
|||||
| CVE-2023-28369 | 1 Brother | 1 Iprint\&scan | 2025-01-22 | N/A | 3.3 LOW |
|
Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. This vulnerability may be exploited by the other app installed on the victim user's Android device, which may lead to displaying the settings and/or log information of the affected app as a print preview.
|
|||||
| CVE-2024-23666 | 1 Fortinet | 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager | 2025-01-21 | N/A | 7.5 HIGH |
|
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData
at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5, FortiManager version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14 allows attacker to improper access control via crafted requests.
|
|||||
| CVE-2023-44255 | 1 Fortinet | 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager | 2025-01-21 | N/A | 4.1 MEDIUM |
|
An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to read event logs of another adom via crafted HTTP or HTTPs requests.
|
|||||
| CVE-2022-40633 | 1 Rittal | 2 Cmc Iii, Cmc Iii Firmware | 2025-01-17 | N/A | 4.6 MEDIUM |
|
A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks.
|
|||||
| CVE-2024-33510 | 1 Fortinet | 2 Fortios, Fortiproxy | 2025-01-17 | N/A | 4.3 MEDIUM |
|
An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.
|
|||||
| CVE-2024-47906 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-01-17 | N/A | 7.8 HIGH |
|
Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges.
|
|||||
| CVE-2024-8539 | 4 Apple, Ivanti, Linux and 1 more | 4 Macos, Secure Access Client, Linux Kernel and 1 more | 2025-01-17 | N/A | 7.1 HIGH |
|
Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.
|
|||||
| CVE-2024-9842 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-17 | N/A | 7.3 HIGH |
|
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
|
|||||
| CVE-2024-7571 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-17 | N/A | 7.8 HIGH |
|
Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
|
|||||
| CVE-2024-9844 | 1 Ivanti | 1 Connect Secure | 2025-01-17 | N/A | 7.1 HIGH |
|
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions.
|
|||||
| CVE-2024-3136 | 1 Stylemixthemes | 1 Masterstudy Lms | 2025-01-17 | N/A | 9.8 CRITICAL |
|
The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
|
|||||
| CVE-2023-31814 | 1 Dlink | 2 Dir-300, Dir-300 Firmware | 2025-01-17 | N/A | 9.8 CRITICAL |
|
D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.
|
|||||
| CVE-2023-27384 | 1 Cybozu | 1 Garoon | 2025-01-17 | N/A | 4.3 MEDIUM |
|
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport.
|
|||||
| CVE-2023-27304 | 1 Cybozu | 1 Garoon | 2025-01-17 | N/A | 4.3 MEDIUM |
|
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
|
|||||
| CVE-2022-36109 | 2 Fedoraproject, Mobyproject | 2 Fedora, Moby | 2025-01-17 | N/A | 5.3 MEDIUM |
|
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. This bug i ...
Show More |
|||||
| CVE-2024-2047 | 1 Wpmet | 1 Elements Kit Elementor Addons | 2025-01-16 | N/A | 8.8 HIGH |
|
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.6 via the render_raw function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” f ...
Show More |
|||||
| CVE-2024-2291 | 1 Progress | 1 Moveit Transfer | 2025-01-16 | N/A | 4.3 MEDIUM |
|
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
|
|||||
| CVE-2023-52580 | 1 Linux | 1 Linux Kernel | 2025-01-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net/core: Fix ETH_P_1588 flow dissector
When a PTP ethernet raw frame with a size of more than 256 bytes followed
by a 0xff pattern is sent to __skb_flow_dissect, nhoff value calculation
is wrong. For example: hdr->message_length takes the wrong value (0xffff)
and it does not replicate real header length. In this case, 'nhoff' value
was overridden and the PTP header was badly dissected. This leads to a
kernel crash.
net/core: ...
Show More |
|||||
| CVE-2024-34077 | 1 Mantisbt | 1 Mantisbt | 2025-01-16 | N/A | 7.3 HIGH |
|
MantisBT (Mantis Bug Tracker) is an open source issue tracker. Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and takeover their account, if the victim has an incomplete request pending. The exploit is only possible while the verification token is valid, i.e for 5 minutes after the confirmation URL sent by e-mail has been opened, and the user did not complete the process by updating their password. A brute-force atta ...
Show More |
|||||
| CVE-2023-33355 | 1 Thecosy | 1 Icecms | 2025-01-16 | N/A | 7.5 HIGH |
|
IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information.
|
|||||
| CVE-2024-3499 | 1 Wpmet | 1 Elements Kit Elementor Addons | 2025-01-16 | N/A | 8.8 HIGH |
|
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the generate_navigation_markup function of the Onepage Scroll module. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execu ...
Show More |
|||||
| CVE-2021-46887 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 9.8 CRITICAL |
|
Lack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read.
|
|||||
| CVE-2022-48478 | 1 Huawei | 1 Harmonyos | 2025-01-15 | N/A | 9.8 CRITICAL |
|
The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
|
|||||
| CVE-2024-22343 | 1 Ibm | 1 Txseries For Multiplatform | 2025-01-14 | N/A | 4.0 MEDIUM |
|
IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 280190.
|
|||||
| CVE-2023-32335 | 1 Ibm | 2 Maximo Application Suite, Maximo Asset Management | 2025-01-14 | N/A | 3.7 LOW |
|
IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255075.
|
|||||
| CVE-2019-9513 | 12 Apache, Apple, Canonical and 9 more | 22 Traffic Server, Mac Os X, Swiftnio and 19 more | 2025-01-14 | 7.8 HIGH | 7.5 HIGH |
|
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
|
|||||
| CVE-2023-23561 | 1 Stormshield | 1 Endpoint Security | 2025-01-14 | N/A | 5.5 MEDIUM |
|
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
|
|||||
| CVE-2024-35975 | 1 Linux | 1 Linux Kernel | 2025-01-14 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: Fix transmit scheduler resource leak
Inorder to support shaping and scheduling, Upon class creation
Netdev driver allocates trasmit schedulers.
The previous patch which added support for Round robin scheduling has
a bug due to which driver is not freeing transmit schedulers post
class deletion.
This patch fixes the same.
|
|||||
| CVE-2024-36959 | 1 Linux | 1 Linux Kernel | 2025-01-14 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
If we fail to allocate propname buffer, we need to drop the reference
count we just took. Because the pinctrl_dt_free_maps() includes the
droping operation, here we call it directly.
|
|||||
| CVE-2022-46144 | 1 Siemens | 12 6gk5622-2gs00-2ac2, 6gk5622-2gs00-2ac2 Firmware, 6gk5626-2gs00-2ac2 and 9 more | 2025-01-14 | N/A | 6.5 MEDIUM |
|
A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V2.3), SCA ...
Show More |
|||||
| CVE-2024-56448 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | N/A | 6.7 MEDIUM |
|
Vulnerability of improper access control in the home screen widget module
Impact: Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2022-39075 | 1 Zte | 34 Axon 40 Ultra, Axon 40 Ultra Firmware, Blade A31 and 31 more | 2025-01-13 | N/A | 7.1 HIGH |
|
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could delete some system files without user permission.
|
|||||
| CVE-2022-39074 | 1 Zte | 34 Axon 40 Ultra, Axon 40 Ultra Firmware, Blade A31 and 31 more | 2025-01-13 | N/A | 3.3 LOW |
|
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.
|
|||||
| CVE-2022-39071 | 1 Zte | 34 Axon 40 Ultra, Axon 40 Ultra Firmware, Blade A31 and 31 more | 2025-01-13 | N/A | 7.1 HIGH |
|
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission.
|
|||||
| CVE-2023-52527 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
Including the transhdrlen in length is a problem when the packet is
partially filled (e.g. something like send(MSG_MORE) happened previously)
when appending to an IPv4 or IPv6 packet as we don't want to repeat the
transport header or account for it twice. This can happen under some
circumstances, such as splicing into an L2TP socket.
The symptom observed is a ...
Show More |
|||||
| CVE-2021-47325 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation
The reference counting issue happens in several exception handling paths
of arm_smmu_iova_to_phys_hard(). When those error scenarios occur, the
function forgets to decrease the refcount of "smmu" increased by
arm_smmu_rpm_get(), causing a refcount leak.
Fix this issue by jumping to "out" label when those error scenarios
occur.
|
|||||
| CVE-2024-26709 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach
The function spapr_tce_platform_iommu_attach_dev() is missing to call
iommu_group_put() when the domain is already set. This refcount leak
shows up with BUG_ON() during DLPAR remove operation as:
KernelBug: Kernel bug in state 'None': kernel BUG at arch/powerpc/platforms/pseries/iommu.c:100!
Oops: Exception in kernel mode, sig: 5 [#1]
LE PAGE ...
Show More |
|||||
| CVE-2022-48639 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net: sched: fix possible refcount leak in tc_new_tfilter()
tfilter_put need to be called to put the refount got by tp->ops->get to
avoid possible refcount leak when chain->tmplt_ops != NULL and
chain->tmplt_ops != tp->ops.
|
|||||
| CVE-2023-33741 | 2 Google, Macro-video | 2 Android, V380 Pro | 2025-01-13 | N/A | 7.5 HIGH |
|
Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device.
|
|||||