Total
5552 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6376 | 1 Mongodb | 1 Compass | 2024-11-21 | N/A | 7.0 HIGH |
| MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2 | |||||
| CVE-2024-6206 | 2024-11-21 | N/A | 7.5 HIGH | ||
| A security vulnerability has been identified in HPE Athonet Mobile Core software. The core application contains a code injection vulnerability where a threat actor could execute arbitrary commands with the privilege of the underlying container leading to complete takeover of the target system. | |||||
| CVE-2024-5834 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-5826 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server. | |||||
| CVE-2024-5751 | 1 Litellm | 1 Litellm | 2024-11-21 | N/A | 9.8 CRITICAL |
| BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the `add_deployment` function, which decodes and decrypts environment variables from base64 and assigns them to `os.environ`. An attacker can exploit this by sending a malicious payload to the `/config/update` endpoint, which is then processed and executed by the server when the `get_secret` function is triggered. This requires the server to use Google KMS and a database to store a model. | |||||
| CVE-2024-5683 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Improper Control of Generation of Code ('Code Injection') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Remote Code Inclusion.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. | |||||
| CVE-2024-4889 | 1 Litellm | 1 Litellm | 2024-11-21 | N/A | 7.2 HIGH |
| A code injection vulnerability exists in the berriai/litellm application, version 1.34.6, due to the use of unvalidated input in the eval function within the secret management system. This vulnerability requires a valid Google KMS configuration file to be exploitable. Specifically, by setting the `UI_LOGO_PATH` variable to a remote server address in the `get_image` function, an attacker can write a malicious Google KMS configuration file to the `cached_logo.jpg` file. This file can then be used to execute arbitrary code by assigning malicious code to the `SAVE_CONFIG_TO_DB` environment variable, leading to full system control. The vulnerability is contingent upon the use of the Google KMS feature. | |||||
| CVE-2024-4884 | 1 Progress | 1 Whatsup Gold | 2024-11-21 | N/A | 9.8 CRITICAL |
| In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges. | |||||
| CVE-2024-4883 | 1 Progress | 1 Whatsup Gold | 2024-11-21 | N/A | 9.8 CRITICAL |
| In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe. | |||||
| CVE-2024-4264 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the `eval` function unsafely in the `litellm.get_secret()` method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the `eval` function without any sanitization. Attackers can exploit this vulnerability by injecting malicious values into environment variables through the `/config/update` endpoint, which allows for the update of settings in `proxy_server_config.yaml`. | |||||
| CVE-2024-45507 | 1 Apache | 1 Ofbiz | 2024-11-21 | N/A | 9.8 CRITICAL |
| Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue. | |||||
| CVE-2024-41667 | 2024-11-21 | N/A | 8.8 HIGH | ||
| OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to override the default OpenAM login, they did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. Commit fcb8432aa77d5b2e147624fe954cb150c568e0b8 introduces `TemplateClassResolver.SAFER_RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. As of time of publication, this fix is expected to be part of version 15.0.4. | |||||
| CVE-2024-41468 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | |||||
| CVE-2024-40735 | 1 Netbox | 1 Netbox | 2024-11-21 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/{id}/edit/. | |||||
| CVE-2024-40726 | 1 Netbox | 1 Netbox | 2024-11-21 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/. | |||||
| CVE-2024-40546 | 1 Publiccms | 1 Publiccms | 2024-11-21 | N/A | 8.8 HIGH |
| An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2024-3995 | 2024-11-21 | N/A | N/A | ||
| In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins. | |||||
| CVE-2024-3955 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| URL GET parameter "logtime" utilized within the "downloadlog" function from "cbpi/http_endpoints/http_system.py" is subsequently passed to the "os.system" function in "cbpi/controller/system_controller.py" without prior validation allowing to execute arbitrary code.This issue affects CraftBeerPi 4: from 4.0.0.58 (commit 563fae9) before 4.4.1.a1 (commit 57572c7). | |||||
| CVE-2024-3924 | 2024-11-21 | N/A | 4.4 MEDIUM | ||
| A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0. | |||||
| CVE-2024-3562 | 1 Custom Field Suite Project | 1 Custom Field Suite | 2024-11-21 | N/A | 8.8 HIGH |
| The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 2.6.7 via the Loop custom field. This is due to insufficient sanitization of input prior to being used in a call to the eval() function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code on the server. | |||||