Aimeos denial of service vulnerability in SaaS and marketplace setups
Impact All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack Patches Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core...
5.5CVSS
7AI Score
0.0004EPSS
Aimeos denial of service vulnerability in SaaS and marketplace setups
Impact All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack Patches Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core...
5.5CVSS
7AI Score
0.0004EPSS
Moderate: pki-core:10.6 and pki-deps:10.6 security update
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518) For more details about the security issue(s),...
7.5CVSS
7AI Score
0.002EPSS
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary...
6.5CVSS
0.0004EPSS
CVE-2024-3017 Denial of service in multi-protocol gateway - Zigbee + Thread
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary...
6.5CVSS
0.0004EPSS
QNAP QTS and Photo Station 6.0.3 - Remote Command Execution
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest...
9.8CVSS
6.9AI Score
0.963EPSS
Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery
The Ray Dashboard API is affected by a Server-Side Request Forgery (SSRF) vulnerability in the url parameter of the /log_proxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as...
9.1CVSS
8.6AI Score
0.326EPSS
Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection
Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30,...
6.5CVSS
7.3AI Score
0.974EPSS
Summary IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities Vulnerability Details ** CVEID: CVE-2023-6004 DESCRIPTION: **libssh could allow a local...
5.9CVSS
8.6AI Score
EPSS
Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload
Description The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and.....
4.3CVSS
6.7AI Score
0.001EPSS
Atlassian Confluence Data Center and Server - Remote Code Execution
Detects a Remote Code Execution vulnerability in Confluence Data Center and Server versions prior to X.X (affected versions). This issue allows authenticated attackers to execute arbitrary...
8.8CVSS
9AI Score
0.511EPSS
SQLi (SQL Injection) org.postgresql:postgresql Dependency in Confluence Data Center and Server
This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server. Confluence Data Center is unaffected by this vulnerability as it does not use the {{PreferQueryMode=SIMPLE}} parameter required for this vulnerability in....
10CVSS
9.7AI Score
0.001EPSS
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have....
4.7CVSS
5.2AI Score
0.001EPSS
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have....
4.7CVSS
5.4AI Score
0.001EPSS
Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this vulnerability is exploited, a user of the affected shopping website may obtain other users' information by sending a crafted HTTP...
6.2AI Score
0.006EPSS
8AI Score
0.973EPSS
CVE-2019-1547 ECDSA remote timing attack
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have....
5.3AI Score
0.001EPSS
Zendframework1 Potential SQL injection in ORDER and GROUP functions
The implementation of ORDER BY and GROUP BY in Zend_Db_Select remained prone to SQL injection when a combination of SQL expressions and comments were used. This security patch provides a comprehensive solution that identifies and removes comments prior to checking validity of the statement to...
8.1AI Score
TYPO3 CMS Privilege Escalation and SQL Injection
Failing to properly dissociate system related configuration from user generated configuration, the Form Framework (system extension "form") is vulnerable to SQL injection and Privilege Escalation. Basically instructions can be persisted to a form definition file that were not configured to be...
8.1AI Score
DoS (Denial of Service) in Confluence Data Center and Server
This High severity DoS (Denial of Service) vulnerability was introduced in version 5.6 of Confluence Data Center and Server. With a CVSS Score of 7.5, this vulnerability allows an unauthenticated attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely...
9.8CVSS
7.6AI Score
EPSS
CVE-2023-48745 WordPress Captcha Code plugin <= 2.9 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through...
5.3CVSS
5.5AI Score
0.0004EPSS
DoS (Denial of Service) okio in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability is included in versions 7.17.0, 7.21.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, and 8.14.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.5CVSS
6.7AI Score
0.001EPSS
Typo3 Arbitrary file upload and XML External Entity processing
It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...
7.1AI Score
Apache Kafka Connect API Vulnerability in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 7.21.0, 8.7.1, 8.8.0, 8.9.0, 8.10.0, 8.11.0, and 8.12.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
8.8CVSS
7AI Score
0.97EPSS
CVE-2023-48745 WordPress Captcha Code plugin <= 2.9 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through...
5.3CVSS
7.1AI Score
0.0004EPSS
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through...
5.3CVSS
7.3AI Score
0.0004EPSS
Vyper's raw_call `value=` kwargs not disabled for static and delegate calls
Summary Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value=...
5.3CVSS
5.3AI Score
0.0005EPSS
Decompressors can crash the JVM and leak memory content in Aircompressor
Summary All decompressor implementations of Aircompressor (LZ4, LZO, Snappy, Zstandard) can crash the JVM for certain input, and in some cases also leak the content of other memory of the Java process (which could contain sensitive information). Details When decompressing certain data, the...
8.6CVSS
6.2AI Score
0.0004EPSS
Bosa Elementor Addons and Templates for WooCommerce < 1.0.13 - Missing Authorization
Description The Bosa Elementor Addons and Templates for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the start_importer and plugin_requirements functions in versions up to, and including, 1.0.12. This makes it possible for...
8.8CVSS
6.4AI Score
0.001EPSS
The NXP Data Co-Processor (DCP) is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcp_tool reference implementation included in the repository selected the test key, regardless of its -t argument....
7.1CVSS
0.0004EPSS
The NXP Data Co-Processor (DCP) is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcp_tool reference implementation included in the repository selected the test key, regardless of its -t argument....
7.1CVSS
7AI Score
0.0004EPSS
CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation
The NXP Data Co-Processor (DCP) is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcp_tool reference implementation included in the repository selected the test key, regardless of its -t argument....
7.1CVSS
0.0004EPSS
Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-35449) Security Fix(es): ruby: Buffer overread...
9.4AI Score
EPSS
(RHSA-2024:2962) Moderate: virt:rhel and virt-devel:rhel security and enhancement update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the....
7.7AI Score
0.002EPSS
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through...
5.3CVSS
5.5AI Score
0.0004EPSS
D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure
A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request...
5.3CVSS
6.9AI Score
0.001EPSS
XenServer and Citrix Hypervisor Security Update for CVE-2024-5661
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which mayallow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. This issue has the following identifier: CVE-2024-5661 CVE-2024-5661 affects all deployments....
6.7AI Score
0.0004EPSS
CVE-2024-29129 WordPress OxyExtras plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPLIT Pty Ltd OxyExtras allows Reflected XSS.This issue affects OxyExtras: from n/a through...
7.1CVSS
7.1AI Score
0.0004EPSS
Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-35449) Security Fix(es): ruby: Buffer overread...
7AI Score
EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPLIT Pty Ltd OxyExtras allows Reflected XSS.This issue affects OxyExtras: from n/a through...
7.1CVSS
9.3AI Score
0.0004EPSS
CVE-2024-29104 WordPress Ticket Tailor plugin <= 1.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zimma Ltd. Ticket Tailor allows Stored XSS.This issue affects Ticket Tailor: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shopfiles Ltd Ebook Store allows Stored XSS.This issue affects Ebook Store: from n/a through...
5.9CVSS
6.5AI Score
0.0004EPSS
Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution
Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit...
9.8CVSS
9.7AI Score
0.974EPSS
Improve one-time permissions handling and revoking mechanism to prevent security issues
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
5.5CVSS
6.7AI Score
0.0004EPSS
Malicious app can bypass one-time permission revocation and keep it granted
In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zimma Ltd. Ticket Tailor allows Stored XSS.This issue affects Ticket Tailor: from n/a through...
6.5CVSS
9.1AI Score
0.0004EPSS
Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through...
7.6CVSS
6.9AI Score
0.0004EPSS
CVE-2024-23501 WordPress Ebook Store Plugin <= 5.788 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shopfiles Ltd Ebook Store allows Stored XSS.This issue affects Ebook Store: from n/a through...
5.9CVSS
5.9AI Score
0.0004EPSS
Proxy PAC URL can use several URL schemes, including file: and jar:
In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for...
5.5CVSS
6.3AI Score
0.0004EPSS
Typo3 Arbitrary file upload and XML External Entity processing
It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...
7.1AI Score