Total
29495 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-42467 | 1 Openhab | 1 Openhab Web Interface | 2024-08-29 | N/A | 10.0 CRITICAL |
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, the proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery (SSRF) to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network. Furthermore, this proxy-feature can also be exploited as a Cross-Site Scripting (XSS) vulnerability, as an attacker is able to re-route a request to their server and return a page with malicious JavaScript code. Since the browser receives this data directly from the openHAB CometVisu UI, this JavaScript code will be executed with the origin of the CometVisu UI. This allows an attacker to exploit call endpoints on an openHAB server even if the openHAB server is located in a private network. (e.g. by sending an openHAB admin a link that proxies malicious JavaScript.) This issue may lead up to Remote Code Execution (RCE) when chained with other vulnerabilities. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch. | |||||
CVE-2024-7610 | 1 Gitlab | 1 Gitlab | 2024-08-29 | N/A | 6.5 MEDIUM |
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch. | |||||
CVE-2024-7554 | 1 Gitlab | 1 Gitlab | 2024-08-29 | N/A | 6.5 MEDIUM |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specific manner. | |||||
CVE-2024-8216 | 1 Insurance Management System Project | 1 Insurance Management System | 2024-08-29 | 5.5 MEDIUM | 5.4 MEDIUM |
A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument recipt_no leads to improper access controls. The attack may be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-5423 | 1 Gitlab | 1 Gitlab | 2024-08-29 | N/A | 6.5 MEDIUM |
Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which allowed an attacker to cause resource exhaustion via banzai pipeline. | |||||
CVE-2024-7851 | 1 Oretnom23 | 1 Yoga Class Registration System | 2024-08-29 | 6.5 MEDIUM | 9.8 CRITICAL |
A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the component Add User Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2024-42493 | 1 Dorsettcontrols | 1 Infoscan | 2024-08-29 | N/A | 5.3 MEDIUM |
Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login. | |||||
CVE-2024-39287 | 1 Dorsettcontrols | 1 Infoscan | 2024-08-29 | N/A | 7.5 HIGH |
Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys. | |||||
CVE-2024-42440 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Workplace Desktop | 2024-08-28 | N/A | 6.7 MEDIUM |
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. | |||||
CVE-2024-42441 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Workplace Desktop | 2024-08-28 | N/A | 6.7 MEDIUM |
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. | |||||
CVE-2024-43472 | 1 Microsoft | 1 Edge Chromium | 2024-08-28 | N/A | 8.3 HIGH |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
CVE-2024-8033 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-08-27 | N/A | 4.3 MEDIUM |
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2024-6978 | 1 Catonetworks | 1 Cato Client | 2024-08-27 | N/A | 8.8 HIGH |
Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users.This issue affects SDP Client: before 5.10.28. | |||||
CVE-2024-44942 | 1 Linux | 1 Linux Kernel | 2024-08-27 | N/A | 7.8 HIGH |
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot reports a f2fs bug as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/inline.c:258! CPU: 1 PID: 34 Comm: kworker/u8:2 Not tainted 6.9.0-rc6-syzkaller-00012-g9e4bc4bcae01 #0 RIP: 0010:f2fs_write_inline_data+0x781/0x790 fs/f2fs/inline.c:258 Call Trace: f2fs_write_single_data_page+0xb65/0x1d60 fs/f2fs/data.c:2834 f2fs_write_cache_pages fs/f2fs/data.c:3133 [inline] __f2fs_write_data_pages fs/f2fs/data.c:3288 [inline] f2fs_write_data_pages+0x1efe/0x3a90 fs/f2fs/data.c:3315 do_writepages+0x35b/0x870 mm/page-writeback.c:2612 __writeback_single_inode+0x165/0x10b0 fs/fs-writeback.c:1650 writeback_sb_inodes+0x905/0x1260 fs/fs-writeback.c:1941 wb_writeback+0x457/0xce0 fs/fs-writeback.c:2117 wb_do_writeback fs/fs-writeback.c:2264 [inline] wb_workfn+0x410/0x1090 fs/fs-writeback.c:2304 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa12/0x17c0 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f2/0x390 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 The root cause is: inline_data inode can be fuzzed, so that there may be valid blkaddr in its direct node, once f2fs triggers background GC to migrate the block, it will hit f2fs_bug_on() during dirty page writeback. Let's add sanity check on F2FS_INLINE_DATA flag in inode during GC, so that, it can forbid migrating inline_data inode's data block for fixing. | |||||
CVE-2024-45236 | 1 Nicmx | 1 Fort-validator | 2024-08-27 | N/A | 7.5 HIGH |
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing. | |||||
CVE-2024-45234 | 1 Nicmx | 1 Fort-validator | 2024-08-27 | N/A | 7.5 HIGH |
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics when faced with data not encoded in DER. Because Fort is an RPKI Relying Party, a panic can lead to Route Origin Validation unavailability, which can lead to compromised routing. | |||||
CVE-2024-6973 | 1 Catonetworks | 1 Cato Client | 2024-08-27 | N/A | 8.8 HIGH |
Remote Code Execution in Cato Windows SDP client via crafted URLs. This issue affects Windows SDP Client before 5.10.34. | |||||
CVE-2024-42662 | 1 Apolloconfig | 1 Apollo | 2024-08-26 | N/A | 7.5 HIGH |
An issue in apollocongif apollo v.2.2.0 allows a remote attacker to obtain sensitive information via a crafted request. | |||||
CVE-2024-7972 | 1 Google | 1 Chrome | 2024-08-26 | N/A | 8.8 HIGH |
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-41849 | 1 Adobe | 1 Experience Manager | 2024-08-26 | N/A | 4.1 MEDIUM |
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass. An low-privileged attacker could leverage this vulnerability to slightly affect the integrity of the page. Exploitation of this issue requires user interaction and scope is changed. |