Total
155 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-35985 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | N/A | 8.8 HIGH |
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted malicious site if the browser plugin extension is enabled. | |||||
CVE-2023-5247 | 1 Mitsubishielectric | 4 Gx Works3, Melsoft Iq Appportal, Melsoft Navigator and 1 more | 2024-02-28 | N/A | 7.8 HIGH |
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. | |||||
CVE-2023-49864 | 1 Wwbn | 1 Avideo | 2024-02-28 | N/A | 6.5 MEDIUM |
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_image` parameter. | |||||
CVE-2023-40194 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | N/A | 8.8 HIGH |
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
CVE-2024-1329 | 1 Hashicorp | 1 Nomad | 2024-02-28 | N/A | 7.5 HIGH |
HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. Fixed in Nomad 1.7.4, 1.6.7, 1.5.14. | |||||
CVE-2023-6569 | 1 H2o | 1 H2o | 2024-02-28 | N/A | 8.2 HIGH |
External Control of File Name or Path in h2oai/h2o-3 | |||||
CVE-2023-49862 | 1 Wwbn | 1 Avideo | 2024-02-28 | N/A | 6.5 MEDIUM |
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_gifimage` parameter. | |||||
CVE-2024-23639 | 1 Objectcomputing | 1 Micronaut | 2024-02-28 | N/A | 7.8 HIGH |
Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Enabled but unsecured management endpoints are susceptible to drive-by localhost attacks. While not typical of a production application, these attacks may have more impact on a development environment where such endpoints may be flipped on without much thought. A malicious/compromised website can make HTTP requests to `localhost`. Normally, such requests would trigger a CORS preflight check which would prevent the request; however, some requests are "simple" and do not require a preflight check. These endpoints, if enabled and not secured, are vulnerable to being triggered. Production environments typically disable unused endpoints and secure/restrict access to needed endpoints. A more likely victim is the developer in their local development host, who has enabled endpoints without security for the sake of easing development. This issue has been addressed in version 3.8.3. Users are advised to upgrade. | |||||
CVE-2024-24760 | 1 Mailcow | 1 Mailcow\ | 2024-02-28 | N/A | 7.3 HIGH |
mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions < 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container, even when the port is bound to 127.0.0.1. The vulnerability has been addressed by implementing additional iptables/nftables rules. These rules drop packets for Docker containers on ports 3306, 6379, 8983, and 12345, where the input interface is not `br-mailcow` and the output interface is `br-mailcow`. | |||||
CVE-2023-39542 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | N/A | 8.8 HIGH |
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, which can lead to remote code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
CVE-2023-38046 | 1 Paloaltonetworks | 1 Pan-os | 2024-02-28 | N/A | 4.9 MEDIUM |
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system. | |||||
CVE-2023-32615 | 1 Openautomationsoftware | 1 Oas Platform | 2024-02-28 | N/A | 8.1 HIGH |
A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
CVE-2023-37855 | 1 Phoenixcontact | 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more | 2024-02-28 | N/A | 4.3 MEDIUM |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser. | |||||
CVE-2023-44209 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-02-28 | N/A | 7.8 HIGH |
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29051. | |||||
CVE-2023-40139 | 1 Google | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2022-46868 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-02-28 | N/A | 7.8 HIGH |
Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173. | |||||
CVE-2023-4704 | 1 Instantcms | 1 Instantcms | 2024-02-28 | N/A | 4.9 MEDIUM |
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | |||||
CVE-2023-35838 | 2 Microsoft, Wireguard | 2 Windows, Wireguard | 2024-02-28 | N/A | 5.7 MEDIUM |
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in the blocking of traffic" rather than to only WireGuard. | |||||
CVE-2023-37856 | 1 Phoenixcontact | 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more | 2024-02-28 | N/A | 4.3 MEDIUM |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser . | |||||
CVE-2023-4089 | 1 Wago | 14 Compact Controller 100, Compact Controller 100 Firmware, Edge Controller and 11 more | 2024-02-28 | N/A | 2.7 LOW |
On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected. |