Charitable Donations & Fundraising Team Security Vulnerabilities

alpinelinux

CVE-2024-21503

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service...

CVSS 5.3 | AI Score 5.1 | EPSS 0.0004 | 2024-03-19 05:15 AM
11
alpinelinux

CVE-2019-8354

An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer...

CVSS 5 | AI Score 5.4 | EPSS 0.001 | 2019-02-15 11:29 PM
19
cve

CVE-2024-33545

Missing Authorization vulnerability in AA-Team WZone. This issue affects WZone: from n/a through...

CVSS 5.3 | AI Score 5.4 | EPSS 0.0004 | 2024-06-09 12:15 PM
32
cve

CVE-2024-35706

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS). This issue affects Heateor Social Login: from n/a through...

CVSS 7.1 | AI Score 6.6 | EPSS 0.0004 | 2024-06-08 03:15 PM
20
alpinelinux

CVE-2024-5835

Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

CVSS 8.8 | AI Score 7.2 | EPSS 0.001 | 2024-06-11 09:15 PM
2
alpinelinux

CVE-2024-5837

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity:...

CVSS 8.8 | AI Score 6.5 | EPSS 0.001 | 2024-06-11 09:15 PM
alpinelinux

CVE-2022-28805

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua...

CVSS 9.1 | AI Score 9.2 | EPSS 0.003 | 2022-04-08 06:15 AM
16
alpinelinux

CVE-2024-5843

Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity:...

CVSS 6.5 | AI Score 6.7 | EPSS 0.001 | 2024-06-11 09:15 PM
2
cvelist

CVE-2024-5086 Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Carousel Widget

The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient input...

CVSS 6.4 | AI Score 5.9 | EPSS 0.0004 | 2024-05-29 07:33 AM
5
alpinelinux

CVE-2023-6345

Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity:...

CVSS 9.6 | AI Score 9.4 | EPSS 0.074 | 2023-11-29 12:15 PM
15
cve

CVE-2024-30465

Missing Authorization vulnerability in Pagelayer Team PageLayer. This issue affects PageLayer: from n/a through...

CVSS 6.5 | AI Score 6.5 | EPSS 0.0004 | 2024-06-09 11:15 AM
26
alpinelinux

CVE-2024-34062

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. --delim, --buf-size, --manpath) are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All...

CVSS 4.8 | AI Score 5.4 | EPSS 0.0004 | 2024-05-03 10:15 AM
12
osv

Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences

Impact: DoS vuln via OOM using jq in ignoreDifferences.

    ignoreDifferences:
      - group: apps
        kind: Deployment
        jqPathExpressions:
          - 'until(true == false; [.] + [1])'

Patches: A patch for this vulnerability has been released in the following Argo CD versions: v2.10.8, v2.9.13...

CVSS 6.5 | AI Score 6.9 | EPSS 0.0004 | 2024-04-26 04:40 PM
8
alpinelinux

CVE-2024-20752

Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVSS 7.8 | AI Score 7.7 | EPSS 0.001 | 2024-03-18 04:15 PM
cve

CVE-2024-27965

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels Team WPFunnels allows Stored XSS. This issue affects WPFunnels: from n/a through...

CVSS 5.9 | AI Score 9.1 | EPSS 0.0004 | 2024-03-21 05:15 PM
49
alpinelinux

CVE-2024-21885

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or...

CVSS 7.8 | AI Score 9.5 | EPSS 0.0004 | 2024-02-28 01:15 PM
3
alpinelinux

CVE-2024-28869

Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the "Content-length" request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to induce a denial of...

CVSS 7.5 | AI Score 6.8 | EPSS 0.0004 | 2024-04-12 10:15 PM
drupal

Acquia DAM - Moderately critical - Access bypass, Denial of Service - SA-CONTRIB-2024-025

Acquia DAM provides a connection to a third-party asset management system, allowing for images to be managed, linked to, and viewed from Drupal. In order for assets to be managed in Drupal, a site administrator must first authenticate the site to their DAM instance. The module doesn't sufficiently...

AI Score 6.8 | 2024-06-05 12:00 AM
4
osv

TYPO3 vulnerable to an HTML Injection in the History Module

Problem: The history backend module is vulnerable to HTML injection. Although Content-Security-Policy headers effectively prevent JavaScript execution, adversaries can still inject malicious HTML markup. Exploiting this vulnerability requires a valid backend user account. Solution: Update to TYPO3...

CVSS 3.5 | AI Score 4.3 | EPSS 0.0004 | 2024-05-14 08:13 PM
8
cve

CVE-2023-51516

Missing Authorization vulnerability in Business Directory Team Business Directory Plugin. This issue affects Business Directory Plugin: from n/a through...

CVSS 5.4 | AI Score 5.6 | EPSS 0.0004 | 2024-06-14 02:15 AM
36
alpinelinux

CVE-2024-20771

Bridge versions 13.0.6, 14.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVSS 5.5 | AI Score 6.1 | EPSS 0.001 | 2024-04-11 09:15 AM
1
osv

Anonymous PrestaShop customer can download other customers' invoices

Impact: Since PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. Patches: Patched in 8.1.6. Workarounds: Upgrade to 8.1.6. Thank you to Samuel Bodevin, who found this vulnerability and shared it with the PrestaShop...

CVSS 5.3 | AI Score 5.2 | EPSS 0.0004 | 2024-05-14 08:17 PM
8
alpinelinux

CVE-2024-24790

The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...

CVSS 9.8 | AI Score 6.7 | EPSS 0.001 | 2024-06-05 04:15 PM
13
alpinelinux

CVE-2024-5197

There exist integer overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be...

AI Score 6.7 | EPSS 0.0004 | 2024-06-03 02:15 PM
6
alpinelinux

CVE-2024-5458

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs)...

CVSS 5.3 | AI Score 7.4 | EPSS 0.001 | 2024-06-09 07:15 PM
13
githubexploit

Exploit for Command Injection in Vmware Aria Operations For Networks

CVE-2023-20887 POC for CVE-2023-20887 VMWare Aria Operations...

CVSS 9.8 | AI Score 10 | EPSS 0.971 | 2023-06-13 01:17 PM
421
alpinelinux

CVE-2024-36600

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image...

AI Score 7.8 | EPSS 0.0004 | 2024-06-14 07:15 PM
3
alpinelinux

CVE-2024-21096

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes...

CVSS 4.9 | AI Score 4.9 | EPSS 0.0005 | 2024-04-16 10:15 PM
5
cve

CVE-2024-33544

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection. This issue affects WZone: from n/a through...

CVSS 9.3 | AI Score 7.5 | EPSS 0.0004 | 2024-04-29 07:15 AM
33
githubexploit

Exploit for OS Command Injection in Php

CVE-2024-4577 A Proof of Concept developed by...

CVSS 9.8 | AI Score 9.5 | EPSS 0.967 | 2024-06-07 09:42 AM
251
osv

CVE-2022-3676

In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible...

CVSS 6.5 | AI Score 6.5 | EPSS 0.001 | 2022-10-24 02:15 PM
3
packetstorm

AI Score 7.4 | EPSS 0.0004 | 2024-06-10 12:00 AM
71
cve

CVE-2024-35768

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS. This issue affects Page Builder: Live Composer: from n/a through...

CVSS 5.9 | AI Score 5.8 | EPSS 0.0004 | 2024-06-21 01:15 PM
25
osv

CVE-2023-2281

When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data about the archived...

CVSS 4.3 | AI Score 4.8 | EPSS 0.0005 | 2023-04-25 02:15 PM
1
osv

CVE-2023-27266

Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the...

CVSS 2.7 | AI Score 7 | EPSS 0.001 | 2023-02-27 03:15 PM
2
alpinelinux

CVE-2024-24788

A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite...

AI Score 6.1 | EPSS 0.0004 | 2024-05-08 04:15 PM
10
alpinelinux

CVE-2023-52425

libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are...

CVSS 7.5 | AI Score 7.8 | EPSS 0.001 | 2024-02-04 08:15 PM
17
osv

TYPO3 vulnerable to Cross-Site Scripting in the ShowImageController

Problem: Failing to properly encode user-controlled values in file entities, the ShowImageController (eID tx_cms_showpic) is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to file entities. Solution: Update to TYPO3 versions 9.5.48...

CVSS 5.4 | AI Score 5.2 | EPSS 0.0004 | 2024-05-14 08:13 PM
alpinelinux

CVE-2024-5697

A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox <...

AI Score 6.4 | EPSS 0.0004 | 2024-06-11 01:15 PM
alpinelinux

CVE-2022-4967

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...

CVSS 7.7 | AI Score 7 | EPSS 0.0004 | 2024-05-14 11:57 AM
3
githubexploit

Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024

CVE-2024-4358 / CVE-2024-1800 Telerik Report Server...

CVSS 9.8 | AI Score 9.9 | EPSS 0.938 | 2024-06-04 04:07 PM
174
githubexploit

Exploit for Incorrect Permission Assignment for Critical Resource in Microsoft

CVE-2024-21305 This repo contains the report and PoC of...

CVSS 4.4 | AI Score 6.8 | EPSS 0.0005 | 2023-12-16 11:27 PM
54
alpinelinux

CVE-2024-21085

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit...

CVSS 3.7 | AI Score 3.3 | EPSS 0.0004 | 2024-04-16 10:15 PM
11
alpinelinux

CVE-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

CVSS 7.8 | AI Score 7.6 | EPSS 0.0004 | 2024-03-19 04:15 PM
26
alpinelinux

CVE-2024-5695

If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox <...

AI Score 6.8 | EPSS 0.0004 | 2024-06-11 01:15 PM
2
alpinelinux

CVE-2023-4039

DISPUTED: A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...

CVSS 4.8 | AI Score 5.5 | EPSS 0.0005 | 2023-09-13 09:15 AM
48
osv

CVE-2023-27265

Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the...

CVSS 2.7 | AI Score 7 | EPSS 0.001 | 2023-02-27 03:15 PM
2
cve

CVE-2024-33549

Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation. This issue affects WZone: from n/a through...

CVSS 8.8 | AI Score 6.8 | EPSS 0.0004 | 2024-05-17 09:15 AM
35
alpinelinux

CVE-2024-35235

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...

CVSS 4.4 | AI Score 7.4 | EPSS 0.0004 | 2024-06-11 03:16 PM
15
alpinelinux

CVE-2023-36794

Visual Studio Remote Code Execution...

CVSS 7.8 | AI Score 8 | EPSS 0.001 | 2023-09-12 05:15 PM
25

Total number of security vulnerabilities: 96188