Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7172 | 2024-07-29 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272593 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-5882 | 2024-07-29 | N/A | N/A | ||
| The Ultimate Classified Listings WordPress plugin before 1.3 does not validate the `ucl_page` and `layout` parameters allowing unauthenticated users to access PHP files on the server from the listings page | |||||
| CVE-2024-24257 | 2024-07-29 | N/A | N/A | ||
| An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component. | |||||
| CVE-2024-41374 | 2024-07-29 | N/A | N/A | ||
| ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php | |||||
| CVE-2024-26520 | 2024-07-29 | N/A | N/A | ||
| An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker to bypass authentication and perform arbitrary password resets. | |||||
| CVE-2024-6124 | 2024-07-29 | N/A | N/A | ||
| Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session | |||||
| CVE-2024-37034 | 2024-07-29 | N/A | N/A | ||
| An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not ensure that credentials are negotiated with the Key-Value (KV) service using SCRAM-SHA when remote link encryption is configured for Half-Secure. | |||||
| CVE-2024-7202 | 2024-07-29 | N/A | 9.8 CRITICAL | ||
| The query functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | |||||
| CVE-2024-38512 | 2024-07-29 | N/A | 7.2 HIGH | ||
| A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands. | |||||
| CVE-2024-41628 | 2024-07-29 | N/A | N/A | ||
| Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | |||||
| CVE-2024-42054 | 2024-07-29 | N/A | N/A | ||
| Cervantes through 0.5-alpha accepts insecure file uploads. | |||||
| CVE-2024-7201 | 2024-07-29 | N/A | 9.8 CRITICAL | ||
| The login functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | |||||
| CVE-2024-41091 | 2024-07-29 | N/A | N/A | ||
| In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tun_xdp_one() path, which could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tun_xdp_one-->eth_type_trans() may access the Ethernet header although it can be less than ETH_HLEN. Once transmitted, this could either cause out-of-bound access beyond the actual length, or confuse the underlayer with incorrect or inconsistent header length in the skb metadata. In the alternative path, tun_get_user() already prohibits short frame which has the length less than Ethernet header size from being transmitted for IFF_TAP. This is to drop any frame shorter than the Ethernet header size just like how tun_get_user() does. CVE: CVE-2024-41091 | |||||
| CVE-2024-6591 | 2024-07-29 | N/A | 5.8 MEDIUM | ||
| The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email creation and sending due to a missing capability check on the 'send_auction_email_callback' and 'resend_auction_email_callback' functions in all versions up to, and including, 4.2.6. This makes it possible for unauthenticated attackers to craft emails that include links and send to any email address. | |||||
| CVE-2024-41373 | 2024-07-29 | N/A | N/A | ||
| ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php. | |||||
| CVE-2024-6521 | 2024-07-29 | N/A | 5.5 MEDIUM | ||
| The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2024-38508 | 2024-07-29 | N/A | 7.2 HIGH | ||
| A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request. | |||||
| CVE-2024-6569 | 2024-07-29 | N/A | 5.3 MEDIUM | ||
| The Campaign Monitor for WordPress plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.8.15. This is due the plugin not properly restricting direct access to /forms/views/admin/create.php and display_errors being enabled. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | |||||
| CVE-2024-41120 | 2024-07-29 | N/A | 9.8 CRITICAL | ||
| streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the `url` variable on line 63 of `pages/9_?_Vector_Data_Visualization.py` takes user input, which is later passed to the `gpd.read_file` method. `gpd.read_file` method creates a request to arbitrary destinations, leading to blind server-side request forgery. Commit c4f81d9616d40c60584e36abb15300853a66e489 fixes this issue. | |||||
| CVE-2024-42055 | 2024-07-29 | N/A | N/A | ||
| Cervantes through 0.5-alpha allows stored XSS. | |||||