Total
1793 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39906 | 2024-11-21 | N/A | 8.3 HIGH | ||
| A command injection vulnerability was found in the IndieAuth functionality of the Ruby on Rails based Haven blog web application. The affected functionality requires authentication, but an attacker can craft a link that they can pass to a logged in administrator of the blog software. This leads to the immediate execution of the provided commands when the link is accessed by the authenticated administrator. This issue may lead to Remote Code Execution (RCE) and has been addressed by commit `c52f07c`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-39320 | 1 Discourse | 1 Discourse | 2024-11-21 | N/A | 6.1 MEDIUM |
| Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, the vulnerability allows an attacker to inject iframes from any domain, bypassing the intended restrictions enforced by the allowed_iframes setting. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5. | |||||
| CVE-2024-38700 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3. | |||||
| CVE-2024-38366 | 1 Cocoapods | 1 Trunk.cocoapods.org | 2024-11-21 | N/A | 10.0 CRITICAL |
| trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX. This lookup could be manipulated to also execute a command on the trunk server, effectively giving root access to the server and the infrastructure. This issue was patched server-side with commit 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 in September 2023. This RCE triggered a full user-session reset, as an attacker could have used this method to write to any Podspec in trunk. | |||||
| CVE-2024-37759 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface. | |||||
| CVE-2024-37442 | 1 Ays-pro | 1 Photo Gallery | 2024-11-21 | N/A | 3.8 LOW |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1. | |||||
| CVE-2024-37253 | 2024-11-21 | N/A | 2.7 LOW | ||
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Directory Kit: from n/a through 1.3.6. | |||||
| CVE-2024-36522 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| The default configuration of XSLTResourceStream.java is vulnerable to remote code execution via XSLT injection when processing input from an untrusted source without validation. Users are recommended to upgrade to versions 10.1.0, 9.18.0 or 8.16.0, which fix this issue. | |||||
| CVE-2024-36420 | 1 Flowiseai | 1 Flowise | 2024-11-21 | N/A | 7.5 HIGH |
| Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, the `/api/v1/openai-assistants-file` endpoint in `index.ts` is vulnerable to arbitrary file read due to lack of sanitization of the `fileName` body parameter. No known patches for this issue are available. | |||||
| CVE-2024-35777 | 2024-11-21 | N/A | 3.5 LOW | ||
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Automattic WooCommerce allows Content Spoofing.This issue affects WooCommerce: from n/a through 8.9.2. | |||||
| CVE-2024-35728 | 1 Themeisle | 1 Product Addons \& Fields For Woocommerce | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a through 32.0.20. | |||||
| CVE-2024-35680 | 1 Yithemes | 1 Yith Woocommerce Product Add-ons | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.9.2. | |||||
| CVE-2024-34919 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2024-34062 | 2024-11-21 | N/A | 4.8 MEDIUM | ||
| tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-32986 | 2024-11-21 | N/A | 9.6 CRITICAL | ||
| PWAsForFirefox is a tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox. Due to improper sanitization of web app properties (such as name, description, shortcuts), web apps were able to inject additional lines into XDG Desktop Entries (on Linux) and `AppInfo.ini` (on PortableApps.com). This allowed malicious web apps to introduce keys like `Exec`, which could run arbitrary code when the affected web app was launched. This vulnerability affects all Linux and PortableApps.com users of all PWAsForFirefox versions up to (excluding) 2.12.0. Windows and macOS users are not affected. This vulnerability has been fixed in commit `9932d4b` which has been included in release in v2.12.0. The main fix is implemented in the native part, but the extension also contains additional fixes. All Linux and PortableApps.com users are advised to update to this version as soon as possible. It is also recommended for Windows and macOS users to update to this version, as it contains additional fixes related to properties sanitization. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-26020 | 1 Ankiweb | 1 Anki | 2024-11-21 | N/A | 9.6 CRITICAL |
| An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability. | |||||
| CVE-2024-23828 | 1 Nginxui | 1 Nginx Ui | 2024-11-21 | N/A | 8.8 HIGH |
| Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to an authenticated arbitrary command execution via CRLF attack when changing the value of test_config_cmd or start_cmd. This vulnerability exists due to an incomplete fix for CVE-2024-22197 and CVE-2024-22198. This vulnerability has been patched in version 2.0.0.beta.12. | |||||
| CVE-2024-23648 | 1 Pimcore | 1 Admin Classic Bundle | 2024-11-21 | N/A | 8.8 HIGH |
| Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The password reset functionality sends to the the user requesting a password change an email containing an URL to reset its password. The URL sent contains a unique token, valid during 24 hours, allowing the user to reset its password. This token is highly sensitive ; as an attacker able to retrieve it would be able to resets the user's password. Prior to version 1.2.3, the reset-password URL is crafted using the "Host" HTTP header of the request sent to request a password reset. This way, an external attacker could send password requests for users, but specify a "Host" header of a website that they control. If the user receiving the mail clicks on the link, the attacker would retrieve the reset token of the victim and perform account takeover. Version 1.2.3 fixes this issue. | |||||
| CVE-2024-23274 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | |||||
| CVE-2024-23268 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | |||||