| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41465 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm. | ||
| CVE-2024-41464 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic | ||
| CVE-2024-41463 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat. | ||
| CVE-2024-41462 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient. | ||
| CVE-2024-41550 | Hig | 0.47 | 7.2 | 0.00 | Jul 24, 2024 | CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_invoice_items.php?id= . | ||
| CVE-2024-41135 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute… | ||
| CVE-2024-41134 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute… | ||
| CVE-2024-41133 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute… | ||
| CVE-2024-36534 | Hig | 0.55 | 8.4 | 0.00 | Jul 24, 2024 | Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | ||
| CVE-2024-33519 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN gateway could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. Successful exploitation of this vulnerability could allow an attacker to… | ||
| CVE-2024-40495 | Hig | 0.52 | 8.0 | 0.01 | Jul 24, 2024 | A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function. | ||
| CVE-2024-36538 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2024 | Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | ||
| CVE-2024-36537 | Hig | 0.47 | 7.2 | 0.00 | Jul 24, 2024 | Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | ||
| CVE-2024-41672 | Hig | 0.42 | 7.5 | 0.01 | Jul 24, 2024 | DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in filesystem is accessible for reading using `sniff_csv`, even with `enable_external_access=false`. This vulnerability provides an attacker with access to filesystem even when access is expected to… | ||
| CVE-2024-41667 | Hig | 0.50 | 8.8 | 0.04 | Jul 24, 2024 | OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL… | ||
| CVE-2024-41662 | Hig | 0.00 | 8.6 | 0.02 | Jul 24, 2024 | VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary… | ||
| CVE-2024-36541 | Hig | 0.57 | 8.8 | 0.00 | Jul 24, 2024 | Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | ||
| CVE-2024-31970 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2024 | AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination… | ||
| CVE-2024-41914 | Hig | 0.53 | 8.1 | 0.01 | Jul 24, 2024 | A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to… | ||
| CVE-2024-39345 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only… | ||
| CVE-2024-31977 | Hig | 0.57 | 8.8 | 0.02 | Jul 24, 2024 | Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility. | ||
| CVE-2024-22443 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary… | ||
| CVE-2024-6096 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2024 | In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability. | ||
| CVE-2024-7066 | Hig | 0.48 | 7.3 | 0.03 | Jul 24, 2024 | A vulnerability was found in F-logic DataCube3 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/config_time_sync.php of the component HTTP POST Request Handler. The manipulation of the argument ntp_server leads… | ||
| CVE-2024-6197 | Hig | 0.49 | 7.5 | 0.04 | Jul 24, 2024 | libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte localstack buffer. Most modern malloc implementations detect this… | ||
| CVE-2024-39676 | — | Hig | 0.42 | 7.5 | 0.01 | Jul 24, 2024 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. This issue affects Apache Pinot: from 0.1 before 1.0.0. Users are recommended to upgrade to version 1.0.0 and configure RBAC, which fixes the issue. Details: When using a request to… | |
| CVE-2023-48362 | — | Hig | 0.50 | 8.8 | 0.01 | Jul 24, 2024 | XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue. | |
| CVE-2024-7027 | Hig | 0.47 | 7.3 | 0.00 | Jul 24, 2024 | The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.9.3. This is due to insufficient verification on the user being supplied during a QR code login through the plugin. This makes it possible for… | ||
| CVE-2024-6756 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2024 | The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpw_auto_poster_get_image_path' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with… | ||
| CVE-2024-6753 | Hig | 0.47 | 7.2 | 0.01 | Jul 24, 2024 | The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output… | ||
| CVE-2024-6750 | Hig | 0.47 | 7.3 | 0.00 | Jul 24, 2024 | The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add,… | ||
| CVE-2024-41656 | Hig | 0.39 | 7.1 | 0.00 | Jul 23, 2024 | Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 24.7.1, an unsanitized payload sent by an Integration platform integration allows storing arbitrary HTML tags on the Sentry side with the subsequent rendering them on… | ||
| CVE-2024-38176 | Hig | 0.53 | 8.1 | 0.01 | Jul 23, 2024 | An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network. | ||
| CVE-2024-0981 | Hig | 0.46 | 7.1 | 0.00 | Jul 23, 2024 | Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields,… | ||
| CVE-2024-41668 | Hig | 0.47 | 8.3 | 0.01 | Jul 23, 2024 | The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF)… | ||
| CVE-2020-11640 | Hig | 0.57 | 8.8 | 0.00 | Jul 23, 2024 | AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. … | ||
| CVE-2020-11639 | Hig | 0.51 | 7.8 | 0.00 | Jul 23, 2024 | An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a… | ||
| CVE-2024-41178 | Hig | 0.42 | 7.5 | 0.01 | Jul 23, 2024 | Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity… | ||
| CVE-2024-6714 | Hig | 0.00 | 8.8 | 0.00 | Jul 23, 2024 | An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege. | ||
| CVE-2024-4076 | Hig | 0.49 | 7.5 | 0.02 | Jul 23, 2024 | Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through… | ||
| CVE-2024-41655 | Hig | 0.42 | 7.5 | 0.01 | Jul 23, 2024 | TF2 Item Format helps users format TF2 items to the community standards. Versions of `tf2-item-format` since at least `4.2.6` and prior to `5.9.14` are vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. This vulnerability can be… | ||
| CVE-2024-40060 | Hig | 0.49 | 7.5 | 0.01 | Jul 23, 2024 | go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function. | ||
| CVE-2024-1975 | Hig | 0.49 | 7.5 | 0.02 | Jul 23, 2024 | If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions… | ||
| CVE-2024-1737 | Hig | 0.49 | 7.5 | 0.02 | Jul 23, 2024 | Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9… | ||
| CVE-2024-0760 | Hig | 0.49 | 7.5 | 0.05 | Jul 23, 2024 | A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through… | ||
| CVE-2024-5602 | Hig | 0.51 | 7.8 | 0.00 | Jul 23, 2024 | A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file. The NI I/O Trace tool is installed… | ||
| CVE-2024-4081 | Hig | 0.51 | 7.8 | 0.00 | Jul 23, 2024 | A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects NI LabVIEW 2024 Q1 and… | ||
| CVE-2024-4080 | Hig | 0.51 | 7.8 | 0.00 | Jul 23, 2024 | A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024… | ||
| CVE-2024-4079 | Hig | 0.51 | 7.8 | 0.00 | Jul 23, 2024 | An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior… | ||
| CVE-2024-7014 | Hig | 0.53 | 8.1 | 0.01 | Jul 23, 2024 | EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older. |
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm.
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat.
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.
- risk 0.47cvss 7.2epss 0.00
CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_invoice_items.php?id= .
- risk 0.47cvss 7.2epss 0.01
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute…
- risk 0.47cvss 7.2epss 0.01
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute…
- risk 0.47cvss 7.2epss 0.01
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute…
- risk 0.55cvss 8.4epss 0.00
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
- risk 0.47cvss 7.2epss 0.01
A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN gateway could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. Successful exploitation of this vulnerability could allow an attacker to…
- risk 0.52cvss 8.0epss 0.01
A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function.
- risk 0.57cvss 8.8epss 0.01
Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
- risk 0.47cvss 7.2epss 0.00
Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
- risk 0.42cvss 7.5epss 0.01
DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in filesystem is accessible for reading using `sniff_csv`, even with `enable_external_access=false`. This vulnerability provides an attacker with access to filesystem even when access is expected to…
- risk 0.50cvss 8.8epss 0.04
OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL…
- risk 0.00cvss 8.6epss 0.02
VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary…
- risk 0.57cvss 8.8epss 0.00
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
- risk 0.57cvss 8.8epss 0.01
AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination…
- risk 0.53cvss 8.1epss 0.01
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to…
- risk 0.47cvss 7.2epss 0.01
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only…
- risk 0.57cvss 8.8epss 0.02
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.
- risk 0.47cvss 7.2epss 0.01
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary…
- risk 0.57cvss 8.8epss 0.01
In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability.
- risk 0.48cvss 7.3epss 0.03
A vulnerability was found in F-logic DataCube3 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/config_time_sync.php of the component HTTP POST Request Handler. The manipulation of the argument ntp_server leads…
- risk 0.49cvss 7.5epss 0.04
libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte localstack buffer. Most modern malloc implementations detect this…
- risk 0.42cvss 7.5epss 0.01
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. This issue affects Apache Pinot: from 0.1 before 1.0.0. Users are recommended to upgrade to version 1.0.0 and configure RBAC, which fixes the issue. Details: When using a request to…
- risk 0.50cvss 8.8epss 0.01
XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue.
- risk 0.47cvss 7.3epss 0.00
The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.9.3. This is due to insufficient verification on the user being supplied during a QR code login through the plugin. This makes it possible for…
- risk 0.57cvss 8.8epss 0.01
The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpw_auto_poster_get_image_path' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with…
- risk 0.47cvss 7.2epss 0.01
The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output…
- risk 0.47cvss 7.3epss 0.00
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add,…
- risk 0.39cvss 7.1epss 0.00
Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 24.7.1, an unsanitized payload sent by an Integration platform integration allows storing arbitrary HTML tags on the Sentry side with the subsequent rendering them on…
- risk 0.53cvss 8.1epss 0.01
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
- risk 0.46cvss 7.1epss 0.00
Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields,…
- risk 0.47cvss 8.3epss 0.01
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF)…
- risk 0.57cvss 8.8epss 0.00
AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. …
- risk 0.51cvss 7.8epss 0.00
An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a…
- risk 0.42cvss 7.5epss 0.01
Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity…
- risk 0.00cvss 8.8epss 0.00
An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege.
- risk 0.49cvss 7.5epss 0.02
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through…
- risk 0.42cvss 7.5epss 0.01
TF2 Item Format helps users format TF2 items to the community standards. Versions of `tf2-item-format` since at least `4.2.6` and prior to `5.9.14` are vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. This vulnerability can be…
- risk 0.49cvss 7.5epss 0.01
go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function.
- risk 0.49cvss 7.5epss 0.02
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions…
- risk 0.49cvss 7.5epss 0.02
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9…
- risk 0.49cvss 7.5epss 0.05
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through…
- risk 0.51cvss 7.8epss 0.00
A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file. The NI I/O Trace tool is installed…
- risk 0.51cvss 7.8epss 0.00
A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects NI LabVIEW 2024 Q1 and…
- risk 0.51cvss 7.8epss 0.00
A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024…
- risk 0.51cvss 7.8epss 0.00
An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior…
- risk 0.53cvss 8.1epss 0.01
EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older.