Total
345845 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10186 | 1 Avecnous | 1 Event Post | 2024-11-08 | N/A | 5.4 MEDIUM |
| The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's events_cal shortcode in all versions up to, and including, 5.9.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2020-11859 | 1 Microfocus | 1 Imanager | 2024-11-08 | N/A | 5.4 MEDIUM |
| Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 | |||||
| CVE-2024-45794 | 2024-11-08 | N/A | 8.3 HIGH | ||
| devtron is an open source tool integration platform for Kubernetes. In affected versions an authenticated user (with minimum permission) could utilize and exploit SQL Injection to allow the execution of malicious SQL queries via CreateUser API (/orchestrator/user). This issue has been addressed in version 0.7.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-9579 | 1 Hp | 16 Poly Studio G62, Poly Studio G62 Firmware, Poly Studio G7500 and 13 more | 2024-11-08 | N/A | 7.5 HIGH |
| A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself. | |||||
| CVE-2024-49522 | 1 Adobe | 1 Substance 3d Painter | 2024-11-08 | N/A | 7.8 HIGH |
| Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-10452 | 1 Grafana | 1 Grafana | 2024-11-08 | N/A | 2.7 LOW |
| Organization admins can delete pending invites created in an organization they are not part of. | |||||
| CVE-2024-50076 | 1 Linux | 1 Linux Kernel | 2024-11-08 | N/A | 6.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system. | |||||
| CVE-2024-50027 | 1 Linux | 1 Linux Kernel | 2024-11-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: thermal: core: Free tzp copy along with the thermal zone The object pointed to by tz->tzp may still be accessed after being freed in thermal_zone_device_unregister(), so move the freeing of it to the point after the removal completion has been completed at which it cannot be accessed any more. | |||||
| CVE-2023-52913 | 1 Linux | 1 Linux Kernel | 2024-11-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs gem_context_register() makes the context visible to userspace, and which point a separate thread can trigger the I915_GEM_CONTEXT_DESTROY ioctl. So we need to ensure that nothing uses the ctx ptr after this. And we need to ensure that adding the ctx to the xarray is the *last* thing that gem_context_register() does with the ctx pointer. [tursulin: Stable and fixes tags add/tidy.] (cherry picked from commit bed4b455cf5374e68879be56971c1da563bcd90c) | |||||
| CVE-2022-48938 | 1 Linux | 1 Linux Kernel | 2024-11-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the sanity check. Both offset and offset + len need to be checked in such a manner that no overflow can occur. And those quantities should be unsigned. | |||||
| CVE-2022-48910 | 1 Linux | 1 Linux Kernel | 2024-11-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6_mc_down() at most once There are two reasons for addrconf_notify() to be called with NETDEV_DOWN: either the network device is actually going down, or IPv6 was disabled on the interface. If either of them stays down while the other is toggled, we repeatedly call the code for NETDEV_DOWN, including ipv6_mc_down(), while never calling the corresponding ipv6_mc_up() in between. This will cause a new entry in idev->mc_tomb to be allocated for each multicast group the interface is subscribed to, which in turn leaks one struct ifmcaddr6 per nontrivial multicast group the interface is subscribed to. The following reproducer will leak at least $n objects: ip addr add ff2e::4242/32 dev eth0 autojoin sysctl -w net.ipv6.conf.eth0.disable_ipv6=1 for i in $(seq 1 $n); do ip link set up eth0; ip link set down eth0 done Joining groups with IPV6_ADD_MEMBERSHIP (unprivileged) or setting the sysctl net.ipv6.conf.eth0.forwarding to 1 (=> subscribing to ff02::2) can also be used to create a nontrivial idev->mc_list, which will the leak objects with the right up-down-sequence. Based on both sources for NETDEV_DOWN events the interface IPv6 state should be considered: - not ready if the network interface is not ready OR IPv6 is disabled for it - ready if the network interface is ready AND IPv6 is enabled for it The functions ipv6_mc_up() and ipv6_down() should only be run when this state changes. Implement this by remembering when the IPv6 state is ready, and only run ipv6_mc_down() if it actually changed from ready to not ready. The other direction (not ready -> ready) already works correctly, as: - the interface notification triggered codepath for NETDEV_UP / NETDEV_CHANGE returns early if ipv6 is disabled, and - the disable_ipv6=0 triggered codepath skips fully initializing the interface as long as addrconf_link_ready(dev) returns false - calling ipv6_mc_up() repeatedly does not leak anything | |||||
| CVE-2023-29126 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.8 HIGH |
| The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication. | |||||
| CVE-2023-29125 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.0 HIGH |
| A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700. | |||||
| CVE-2023-29121 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.8 HIGH |
| Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system. | |||||
| CVE-2023-29120 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.8 HIGH |
| Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system. | |||||
| CVE-2023-29119 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.8 HIGH |
| Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php. | |||||
| CVE-2023-29118 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.8 HIGH |
| Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php. | |||||
| CVE-2023-29117 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 8.8 HIGH |
| Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system. | |||||
| CVE-2023-29116 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 4.3 MEDIUM |
| Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained. | |||||
| CVE-2023-29115 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2024-11-08 | N/A | 6.5 MEDIUM |
| In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot). | |||||