Total
2626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45170 | 2024-11-21 | N/A | 8.1 HIGH | ||
| An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or missing access control, low privileged users can use administrative functions of the C-MOR web interface. It was found out that different functions are only available to administrative users. However, access those functions is restricted via the web application user interface and not checked on the server side. Thus, by sending corresponding HTTP requests to the web server of the C-MOR web interface, low privileged users can also use administrative functionality, for instance downloading backup files or changing configuration settings. | |||||
| CVE-2024-41806 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using the django default storage. With certain storage backends, uploads may become publicly available when the uploader uses versions master, palm, olive, nutmeg, maple, lilac, koa, or juniper. The patch in commit cb729a3ced0404736dfa0ae768526c82b608657b ensures that cohorts data uploaded to AWS S3 buckets is written with a private ACL. Beyond patching, deployers should also ensure that existing cohorts uploads have a private ACL, or that other precautions are taken to avoid public access. | |||||
| CVE-2024-41703 | 1 Librechat | 1 Librechat | 2024-11-21 | N/A | 9.8 CRITICAL |
| LibreChat through 0.7.4-rc1 has incorrect access control for message updates. | |||||
| CVE-2024-40117 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 / 6.0.0 for SL Base. | |||||
| CVE-2024-3765 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL | ||
| A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3504 | 1 Lunary | 1 Lunary | 2024-11-21 | N/A | 6.5 MEDIUM |
| An improper access control vulnerability exists in lunary-ai/lunary versions up to and including 1.2.2, where an admin can update any organization user to the organization owner. This vulnerability allows the elevated user to delete projects within the organization. The issue is resolved in version 1.2.7. | |||||
| CVE-2024-3404 | 1 Gaizhenbiao | 1 Chuanhuchatgpt | 2024-11-21 | N/A | 6.5 MEDIUM |
| In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. This flaw allows an authenticated attacker to bypass intended access restrictions and read the `history` files of other users, potentially leading to unauthorized access to sensitive information. The vulnerability is present in the application's handling of access control for the `history` path, where no adequate mechanism is in place to prevent an authenticated user from accessing another user's chat history files. This issue poses a significant risk as it could allow attackers to obtain sensitive information from the chat history of other users. | |||||
| CVE-2024-39943 | 1 Rejetto | 1 Http File Server | 2024-11-21 | N/A | 9.9 CRITICAL |
| rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js). | |||||
| CVE-2024-39934 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated Python environment setup is enabled, because the "shared holotree usage" feature allows any user to edit any Python environment. | |||||
| CVE-2024-39701 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| Directus is a real-time API and App dashboard for managing SQL database content. Directus >=9.23.0, <=v10.5.3 improperly handles _in, _nin operators. It evaluates empty arrays as valid so expressions like {"role": {"_in": $CURRENT_USER.some_field}} would evaluate to true allowing the request to pass. This results in Broken Access Control because the rule fails to do what it was intended to do: Pass rule if **field** matches any of the **values**. This vulnerability is fixed in 10.6.0. | |||||
| CVE-2024-39697 | 2024-11-21 | N/A | 8.6 HIGH | ||
| phonenumber is a library for parsing, formatting and validating international phone numbers. Since 0.3.4, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of rust-phonenumber, this may get triggered by feeding a maliciously crafted phonenumber, e.g. over the network, specifically strings of the form `+dwPAA;phone-context=AA`, where the "number" part potentially parses as a number larger than 2^56. This vulnerability is fixed in 0.3.6. | |||||
| CVE-2024-39376 | 1 Markoni | 4 Markoni-d \(compact\), Markoni-d \(compact\) Firmware, Markoni-dh \(exciter\+amplifiers\) and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive information or performing actions beyond their designated permissions. | |||||
| CVE-2024-39361 | 1 Mattermost | 1 Mattermost | 2024-11-21 | N/A | 3.1 LOW |
| Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent users from specifying a RemoteId for their posts which allows an attacker to specify both a remoteId and the post ID, resulting in creating a post with a user-defined post ID. This can cause some broken functionality in the channel or thread with user-defined posts | |||||
| CVE-2024-38518 | 2024-11-21 | N/A | 4.6 MEDIUM | ||
| BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an attacker to join a meeting as moderator using a join link that was originally created for viewer access. This vulnerability has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7. | |||||
| CVE-2024-38371 | 2024-11-21 | N/A | 8.6 HIGH | ||
| authentik is an open-source Identity Provider. Access restrictions assigned to an application were not checked when using the OAuth2 Device code flow. This could potentially allow users without the correct authorization to get OAuth tokens for an application and access it. This issue has been patched in version(s) 2024.6.0, 2024.2.4 and 2024.4.3. | |||||
| CVE-2024-38273 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access. | |||||
| CVE-2024-38164 | 1 Microsoft | 1 Groupme | 2024-11-21 | N/A | 9.6 CRITICAL |
| An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link. | |||||
| CVE-2024-38100 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows File Explorer Elevation of Privilege Vulnerability | |||||
| CVE-2024-38061 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.5 HIGH |
| DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability | |||||
| CVE-2024-37905 | 2024-11-21 | N/A | 8.8 HIGH | ||
| authentik is an open-source Identity Provider that emphasizes flexibility and versatility. Authentik API-Access-Token mechanism can be exploited to gain admin user privileges. A successful exploit of the issue will result in a user gaining full admin access to the Authentik application, including resetting user passwords and more. This issue has been patched in version(s) 2024.2.4, 2024.4.2 and 2024.6.0. | |||||