VYPR

CVEs

100,075 total · page 693 of 2,002

  • CVE-2023-35841HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.

  • CVE-2024-4791HigMay 14, 2024
    risk 0.49cvss 7.5epss 0.01

    A vulnerability classified as critical was found in Contemporary Control System BASrouter BACnet BASRT-B 2.7.2. This vulnerability affects unknown code of the component Application Protocol Data Unit. The manipulation leads to denial of service. The attack can be initiated…

  • CVE-2024-4747HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Propovoice Propovoice CRM allows Stored XSS.This issue affects Propovoice CRM: from n/a through 1.7.6.2.

  • CVE-2024-4712HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is…

  • CVE-2024-4605HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Breakdance plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.7.1 via post meta data. This is due to the plugin storing custom data in metadata without an underscore prefix. This makes it possible for lower privileged users,…

  • CVE-2024-4545HigMay 14, 2024
    risk 0.50cvss 7.7epss 0.01

    All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not…

  • CVE-2024-4441HigMay 14, 2024
    risk 0.53cvss 8.1epss 0.01

    The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.8 via the 'feed' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the…

  • CVE-2024-4423HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    The access control in CemiPark software does not properly validate user-entered data, which allows the authentication bypass. An attacker who has network access to the login panel can log in with administrator rights to the application.This issue affects CemiPark software: 4.5,…

  • CVE-2024-4397HigMay 14, 2024
    risk 0.50cvss 8.8epss 0.01

    The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_post_materials' function in versions up to, and including, 4.2.6.5. This makes it possible for authenticated attackers, with…

  • CVE-2024-4129HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows a networked attacker to perform an Authentication Bypass if Active Directory Authentication is enabled.This issue affects Snow License Manager: from 9.33.2 through 9.34.0.

  • CVE-2024-4068HigMay 14, 2024
    risk 0.42cvss 7.5epss 0.01

    The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program…

  • CVE-2024-4044HigMay 14, 2024
    risk 0.52cvss 7.8epss 0.15

    A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability…

  • CVE-2024-3954HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Ditty plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.1.38 via deserialization of untrusted input when adding a new ditty. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object.…

  • CVE-2024-3940HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.00

    The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

  • CVE-2024-3903HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.00

    The Add Custom CSS and JS WordPress plugin through 1.20 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in as author and above add Stored XSS payloads via a CSRF attack

  • CVE-2024-3828HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for…

  • CVE-2024-3809HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 via the 'slideshow_type' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include…

  • CVE-2024-3808HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'porto_portfolios' shortcode 'portfolio_layout' attribute. This makes it possible for authenticated attackers, with contributor-level…

  • CVE-2024-3807HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.02

    The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'porto_page_header_shortcode_type', 'slideshow_type' and 'post_layout' post meta. This makes it possible for authenticated attackers, with contributor-level and…

  • CVE-2024-3727HigMay 14, 2024
    risk 0.47cvss 8.3epss 0.01

    A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

  • CVE-2024-3460HigMay 14, 2024
    risk 0.48cvss 7.4epss 0.00

    In KioWare for Windows (versions all through 8.34) it is possible to exit this software and use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may…

  • CVE-2024-3459HigMay 14, 2024
    risk 0.55cvss 8.4epss 0.00

    KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files…

  • CVE-2024-3055HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and lack of…

  • CVE-2024-3037HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of…

  • CVE-2024-35205HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.01

    The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a…

  • CVE-2024-35204HigMay 14, 2024
    risk 0.55cvss 8.4epss 0.00

    Veritas System Recovery before 23.3_Hotfix has incorrect permissions for the Veritas System Recovery folder, and thus low-privileged users can conduct attacks.

  • CVE-2024-35050HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.

  • CVE-2024-34974HigMay 14, 2024
    risk 0.53cvss 8.2epss 0.01

    Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.

  • CVE-2024-34944HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.00

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.

  • CVE-2024-34942HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.

  • CVE-2024-34921HigMay 14, 2024
    risk 0.58cvss 8.8epss 0.09

    TOTOLINK X5000R v9.1.0cu.2350_B20230313 was discovered to contain a command injection via the disconnectVPN function.

  • CVE-2024-34818HigMay 14, 2024
    risk 0.39cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress.This issue affects WebinarPress: from n/a through 1.33.17.

  • CVE-2024-34707HigMay 14, 2024
    risk 0.42cvss 7.5epss 0.01

    Nautobot is a Network Source of Truth and Network Automation Platform. A Nautobot user with admin privileges can modify the `BANNER_TOP`, `BANNER_BOTTOM`, and `BANNER_LOGIN` configuration settings via the `/admin/constance/config/` endpoint. Normally these settings are used to…

  • CVE-2024-34697HigMay 14, 2024
    risk 0.00cvss 7.6epss 0.01

    FreeScout is a free, self-hosted help desk and shared mailbox. A stored HTML Injection vulnerability has been identified in the Email Receival Module of the Freescout Application. The vulnerability allows attackers to inject malicious HTML content into emails sent to the…

  • CVE-2024-34559HigMay 14, 2024
    risk 0.49cvss 7.5epss 0.01

    Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0.

  • CVE-2024-34459HigMay 14, 2024
    risk 0.42cvss 7.5epss 0.02

    An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.

  • CVE-2024-34431HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-etracker WP etracker allows Reflected XSS.This issue affects WP etracker: from n/a through 1.0.2.

  • CVE-2024-34360HigMay 14, 2024
    risk 0.46cvss 8.2epss 0.01

    go-spacemesh is a Go implementation of the Spacemesh protocol full node. Nodes can publish activations transactions (ATXs) which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX…

  • CVE-2024-34351HigMay 14, 2024
    risk 0.42cvss 7.5epss 0.05

    Next.js is a React framework that can provide building blocks to create web applications. A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able…

  • CVE-2024-34350HigMay 14, 2024
    risk 0.42cvss 7.5epss 0.01

    Next.js is a React framework that can provide building blocks to create web applications. Prior to 13.5.1, an inconsistent interpretation of a crafted HTTP request meant that requests are treated as both a single request, and two separate requests by Next.js, leading to…

  • CVE-2024-34345HigMay 14, 2024
    risk 0.46cvss 8.1epss 0.01

    The CycloneDX JavaScript library contains the core functionality of OWASP CycloneDX for JavaScript. In 6.7.0, XML External entity injections were possible, when running the provided XML Validator on arbitrary input. This issue was fixed in version 6.7.1.

  • CVE-2024-34338HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.03

    Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to…

  • CVE-2024-34310HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    Jin Fang Times Content Management System v3.2.3 was discovered to contain a SQL injection vulnerability via the id parameter.

  • CVE-2024-34308HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode.

  • CVE-2024-34231HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.00

    A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter.

  • CVE-2024-34224HigMay 14, 2024
    risk 0.48cvss 7.3epss 0.01

    Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters.

  • CVE-2024-34221HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation.

  • CVE-2024-34220HigMay 14, 2024
    risk 0.49cvss 7.5epss 0.01

    Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter.

  • CVE-2024-34219HigMay 14, 2024
    risk 0.58cvss 8.6epss 0.21

    TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet.

  • CVE-2024-34217HigMay 14, 2024
    risk 0.50cvss 7.7epss 0.01

    TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.