CVE-2024-52757 - D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arp_sys_asp function.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52757

CVE-2024-52754 - D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52754

CVE-2024-48985 - An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet data. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier and the header length. If the allocate fails because the specified packet is too large, no exception handling occurs and hciTrSerialRxIncoming continues to write bytes into the 4-byte large temporary header buffer, leading to a buffer overflow. This can be leveraged into an arbitrary write by an attacker. It is possible to overwrite the pointer to the buffer that is supposed to receive the contents of the packet body but which couldn't be allocated. One can then overwrite the state variable used by the function to determine which step of the parsing process is currently being executed. This advances the function to the next state, where it proceeds to copy data to that arbitrary location. The packet body is then written wherever the corrupted data pointer is pointing.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-48985

CVE-2024-48983 - An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier plus the header length. WsfMsgAlloc then increments this again by sizeof(wsfMsg_t). This may cause an integer overflow that results in the buffer being significantly too small to contain the entire packet. This may cause a buffer overflow of up to 65 KB. This bug is trivial to exploit for a denial of service but can generally not be exploited further because the exploitable buffer is dynamically allocated.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-48983

CVE-2024-48981 - An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does not drop packets with invalid identifiers but also does not set a safe default for the length of unknown packets' headers, leading to a buffer overflow. This can be leveraged into an arbitrary write by an attacker. It is possible to overwrite the pointer to a not-yet-allocated buffer that is supposed to receive the contents of the packet body. One can then overwrite the state variable used by the function to determine which state of packet parsing is currently occurring. Because the buffer is allocated when the last byte of the header has been copied, the combination of having a bad header length variable that will never match the counter variable and being able to overwrite the state variable with the resulting buffer overflow can be used to advance the function to the next step while skipping the buffer allocation and resulting pointer write. The next 16 bytes from the packet body are then written wherever the corrupted data pointer is pointing.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-48981

CVE-2024-45510 - An issue was discovered in Zimbra Collaboration (ZCS) through 10.0. Zimbra Webmail (Modern UI) is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper sanitization of user input. This allows an attacker to inject malicious code into specific fields of an e-mail message. When the victim adds the attacker to their contacts, the malicious code is stored and executed when viewing the contact list. This can lead to unauthorized actions such as arbitrary mail sending, mailbox exfiltration, profile picture alteration, and other malicious actions. Proper sanitization and escaping of input fields are necessary to mitigate this vulnerability.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-45510

CVE-2024-45511 - An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A reflected Cross-Site Scripting (XSS) issue exists through the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens a crafted URL pointing to a shared folder containing a malicious file uploaded by the attacker. The vulnerability allows the attacker to execute arbitrary JavaScript in the context of the victim's session.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-45511

CVE-2024-33439 - An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-33439

CVE-2024-52739 - D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52739

CVE-2024-29292 - Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version KW6512_Linux_V1.0 enable an authenticated remote attacker to execute arbitrary OS commands via Quick Setup and Internet page parameters passed to internet.cgi.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-29292

CVE-2024-11493 - A vulnerability classified as problematic was found in 115cms up to 20240807. This vulnerability affects unknown code of the file /index.php/setpage/admin/pageAE.html. The manipulation of the argument tid leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11493

CVE-2024-11492 - A vulnerability classified as problematic has been found in 115cms up to 20240807. This affects an unknown part of the file /index.php/admin/web/appurladd.html. The manipulation of the argument tid leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11492

CVE-2024-11081 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11081

CVE-2018-9487 - In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9487

CVE-2018-9486 - In hidh_l2cif_data_ind of hidh_conn.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9486

CVE-2018-9485 - In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9485

CVE-2018-9484 - In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9484

CVE-2018-9483 - In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9483

CVE-2018-9482 - In intr_data_copy_cb of btif_hd.cc, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9482

CVE-2018-9481 - In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9481

CVE-2018-9480 - In bta_hd_get_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9480

CVE-2018-9479 - In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9479

CVE-2018-9478 - In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9478

CVE-2018-9477 - In the development options section of the Settings app, there is a possible authentication bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9477

CVE-2018-9475 - In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote escalation of privilege via Bluetooth, if the recipient has enabled SIP calls with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9475

CVE-2018-9474 - In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9474

CVE-2018-9472 - In xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9472

CVE-2018-9471 - In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9471

CVE-2018-9470 - In bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9470

CVE-2024-52796 - Password Pusher, an open source application to communicate sensitive information over the web, comes with a configurable rate limiter. In versions prior to v1.49.0, the rate limiter could be bypassed by forging proxy headers allowing bad actors to send unlimited traffic to the site potentially causing a denial of service. In v1.49.0, a fix was implemented to only authorize proxies on local IPs which resolves this issue. As a workaround, one may add rules to one's proxy and/or firewall to not accept external proxy headers such as `X-Forwarded-*` from clients.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52796

CVE-2024-52771 - DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/file_manage_view.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52771

CVE-2024-52770 - An arbitrary file upload vulnerability in the component /admin/file_manage_control of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52770

CVE-2024-52769 - An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52769

CVE-2024-52725 - SemCms v4.8 was discovered to contain a SQL injection vulnerability. This allows an attacker to execute arbitrary code via the ldgid parameter in the SEMCMS_SeoAndTag.php component.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52725

CVE-2024-51163 - Local File Inclusion vulnerability in Vegam Solutions Vegam 4i v.6.3.47.0 and earlier allows a remote attacker to obtain sensitive information via the print labelling function.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-51163

CVE-2024-51162 - An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-51162

CVE-2024-11491 - A vulnerability was found in 115cms up to 20240807. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php/admin/web/useradmin.html. The manipulation of the argument ks leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11491

CVE-2024-11490 - A vulnerability was found in 115cms up to 20240807. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php/admin/web/set.html. The manipulation of the argument type leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11490

CVE-2024-11489 - A vulnerability was found in 115cms up to 20240807. It has been classified as problematic. Affected is an unknown function of the file /index.php/admin/web/file.html. The manipulation of the argument ks leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11489

CVE-2024-11488 - A vulnerability was found in 115cms up to 20240807 and classified as problematic. This issue affects some unknown processing of the file /app/admin/view/web_user.html. The manipulation of the argument ks leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11488

CVE-2018-9469 - In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9469

CVE-2018-9468 - In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2018-9468

CVE-2024-11487 - A vulnerability has been found in Code4Berry Decoration Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /decoration/admin/btndates_report.php of the component Between Dates Reports. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11487

CVE-2024-11486 - A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/user_permission.php of the component User Permission Handler. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11486

CVE-2024-11485 - A vulnerability, which was classified as critical, has been found in Code4Berry Decoration Management System 1.0. Affected by this issue is some unknown functionality of the file /decoration/admin/userregister.php of the component User Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11485

CVE-2024-11484 - A vulnerability classified as critical was found in Code4Berry Decoration Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /decoration/admin/update_image.php of the component User Image Handler. The manipulation of the argument productimage1 leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11484

CVE-2024-52598 - 2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1: an SSRF and a URI validation bypass issue. The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the image of a 2fa site. By abusing this functionality, it is possible to force the application to make a GET request to an arbitrary URL, whose content will be stored in an image file in the server if it looks like an image. Additionally, the library does some basic validation on the URI, attempting to filter out URIs which do not have an image extension. However, this can be easily bypassed by appending the string `#.svg` to the URI. The combination of these two issues allows an attacker to retrieve URIs accessible from the application, as long as their content type is text based. If not, the request is still sent, but the response is not reflected to the attacker. Version 5.4.1 fixes the issues.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52598

CVE-2024-52473 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sandeep Verma HTML5 Lyrics Karaoke Player allows Reflected XSS. This issue affects HTML5 Lyrics Karaoke Player: from n/a through 2.4.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52473

CVE-2024-52472 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Weather Atlas Weather Atlas Widget allows Reflected XSS. This issue affects Weather Atlas Widget: from n/a through 3.0.1.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52472

CVE-2024-52471 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in petesheppard84 Extensions for Elementor allows Reflected XSS. This issue affects Extensions for Elementor: from n/a through 2.0.37.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52471

CVE-2024-52470 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainvireinfo Dynamic URL SEO allows Reflected XSS. This issue affects Dynamic URL SEO: from n/a through 1.0.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52470

CVE-2024-51209 - Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to admin search invoice page and client search invoice page.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-51209

CVE-2024-51208 - File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-51208

CVE-2024-10094 - Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10094

CVE-2024-9479 - Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation. This issue affects upKeeper Instant Privilege Access: before 1.2.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-9479

CVE-2024-9478 - Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation. This issue affects upKeeper Instant Privilege Access: before 1.2.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-9478

CVE-2024-52597 - 2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Versions prior to 5.4.1 are vulnerable to stored cross-site scripting due to improper headers in direct access to uploaded SVGs. The application allows uploading images in several places. One of the accepted types of image is SVG, which allows JS scripting. Therefore, by uploading a malicious SVG which contains JS code, an attacker which is able to drive a victim to the uploaded image could compromise that victim's session and access to their tokens. Version 5.4.1 contains a patch for the issue.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52597

CVE-2024-11154 - The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.15 via the 'actAjaxRevisionDiffs' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract sensitive data including revisions of posts and pages.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11154

CVE-2024-10913 - The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursive_unserialized_replace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10913

CVE-2024-11495 - Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11495

CVE-2024-11086 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11086

CVE-2024-52451 - Cross-Site Request Forgery (CSRF) vulnerability in Aaron Robbins Post Ideas allows SQL Injection. This issue affects Post Ideas: from n/a through 2.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52451

CVE-2024-52450 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Official pro coders nBlocks allows PHP Local File Inclusion. This issue affects nBlocks: from n/a through 1.0.2.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52450

CVE-2024-52449 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Navneil Naicer Bootscraper allows PHP Local File Inclusion. This issue affects Bootscraper: from n/a through 2.1.0.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52449

CVE-2024-52448 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebCodingPlace Ultimate Classified Listings allows PHP Local File Inclusion. This issue affects Ultimate Classified Listings: from n/a through 1.4.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52448

CVE-2024-52447 - Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows Path Traversal. This issue affects Contact Page With Google Map: from n/a through 1.6.1.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52447

CVE-2024-52446 - Cross-Site Request Forgery (CSRF) vulnerability in Buying Buddy Buying Buddy IDX CRM allows Object Injection. This issue affects Buying Buddy IDX CRM: from n/a through 1.1.12.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52446

CVE-2024-52445 - Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite allows Object Injection. This issue affects QRMenu Restaurant QR Menu Lite: from n/a through 1.0.3.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52445

CVE-2024-52444 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPOPAL Opal Woo Custom Product Variation allows Path Traversal. This issue affects Opal Woo Custom Product Variation: from n/a through 1.1.3.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52444

CVE-2024-52443 - Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object Injection. This issue affects Geolocator: from n/a through 1.1.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52443

CVE-2024-52442 - Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation. This issue affects UserPlus: from n/a through 2.0.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52442

CVE-2024-52441 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Rajesh Thanoch Quick Learn allows Object Injection. This issue affects Quick Learn: from n/a through 1.0.1.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52441

CVE-2024-52440 - Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout allows Object Injection. This issue affects Xpresslane Fast Checkout: from n/a through 1.0.0.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52440

CVE-2024-52439 - Deserialization of Untrusted Data vulnerability in Mark O'Donnell Team Rosters allows Object Injection. This issue affects Team Rosters: from n/a through 4.6.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52439

CVE-2024-52438 - Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows Privilege Escalation. This issue affects de:branding: from n/a through 1.0.2.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52438

CVE-2024-52437 - Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System allows Privilege Escalation. This issue affects Banner System: from n/a through 1.0.0.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52437

CVE-2024-11406 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS. This issue affects django CMS Attributes Fields: before 4.0.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11406

CVE-2024-11404 - Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11404

CVE-2024-10520 - The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'check' method of the 'Create_Milestone', 'Create_Task_List', 'Create_Task', and 'Delete_Task' classes in version 2.6.14. This makes it possible for unauthenticated attackers to create milestones, create task lists, create tasks, or delete tasks in any project. NOTE: Version 2.6.14 implemented a partial fix for this vulnerability.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10520

CVE-2024-48899 - A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-48899

CVE-2024-45691 - A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-45691

CVE-2024-45690 - A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-45690

CVE-2024-45689 - A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-45689

CVE-2024-10872 - The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `template-post-custom-field` block in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10872

CVE-2024-10382 - There exists a code execution vulnerability in the Car App Android Jetpack Library. In the CarAppService, deserialization logic is used that allows for arbitrary Java classes to be constructed. In combination with other gadgets, this can lead to arbitrary code execution. An attacker needs to have an app on a victim's Android device that uses the CarAppService class, and the victim would need to install a malicious app alongside it. We recommend upgrading the library past version 1.7.0-beta02.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10382

CVE-2024-11494 - **UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerability in the Zyxel P-6101C ADSL modem firmware version P-6101CSA6AP_20140331 could allow an unauthenticated attacker to read some device information via a crafted HTTP HEAD method.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11494

CVE-2024-11179 - The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to SQL Injection via the 'status_type' parameter in all versions up to, and including, 4.15.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11179

CVE-2024-10891 - The Save as PDF Plugin by Pdfcrowd plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'save_as_pdf_pdfcrowd' shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10891

CVE-2024-10665 - The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpay_view_log_callback() and yaadpay_delete_log_callback() functions in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view and delete logs.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10665

CVE-2024-11176 - Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an authenticated user to access object information via incorrect calculation of effective permissions.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11176

CVE-2024-10127 - Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10127

CVE-2024-10126 - Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7) allows an authenticated user to read server local files of a limited set of filetypes via document preview.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10126

CVE-2024-52033 - Exposure of sensitive system information to an unauthorized control sphere issue exists in Rakuten Turbo 5G firmware version V1.3.18 and earlier. If this vulnerability is exploited, a remote unauthenticated attacker may obtain information of the other devices connected through the Wi-Fi.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-52033

CVE-2024-48895 - Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Rakuten Turbo 5G firmware version V1.3.18 and earlier. If this vulnerability is exploited, a remote authenticated attacker may execute an arbitrary OS command.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-48895

CVE-2024-47865 - Missing authentication for critical function vulnerability exists in Rakuten Turbo 5G firmware version V1.3.18 and earlier. If this vulnerability is exploited, a remote unauthenticated attacker may update or downgrade the firmware on the device.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-47865

CVE-2024-9239 - The Booster for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 7.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-9239

CVE-2024-8726 - The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-8726

CVE-2024-11277 - The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-11277

CVE-2024-10900 - The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_remove_file_attachment() function in all versions up to, and including, 5.9.3.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary user meta which can do things like deny an administrator's access to their site.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10900

CVE-2024-10899 - The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. The same 'id' parameter is vulnerable to Reflected Cross-Site Scripting as well.
20/11/2024 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-10899


Recently modified advisories

CVE-2018-9466 - In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9466

CVE-2018-9432 - In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9432

CVE-2018-9428 - In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free. This could lead to local arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. https://source.android.com/security/bulletin/2018-07-01
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9428

CVE-2018-9424 - In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9424

CVE-2018-9421 - In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9421

CVE-2018-9420 - In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9420

CVE-2018-9419 - In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9419

CVE-2018-9417 - In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9417

CVE-2018-9411 - In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9411

CVE-2024-52762 - A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52762

CVE-2018-9409 - In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9409

CVE-2018-9371 - In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9371

CVE-2018-9366 - In IMSA_Recv_Thread and VT_IMCB_Thread of ImsaClient.cpp and VideoTelephony.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9366

CVE-2018-9364 - In the LG LAF component, there is a special command that allowed modification of certain partitions. This could lead to bypass of secure boot. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9364

CVE-2018-9348 - In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overflow. This could lead to remote denial of service due to resource exhaustion with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9348

CVE-2024-52759 - D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52759

CVE-2024-52714 - Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime'.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52714

CVE-2018-9346 - In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9346

CVE-2018-9345 - In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9345

CVE-2018-9344 - In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9344

CVE-2018-9341 - In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9341

CVE-2018-9340 - In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9340

CVE-2018-9339 - In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2018-9339

CVE-2024-53051 - In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capability add a check to avoid kernel null pointer dereference.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-53051

CVE-2024-53050 - In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer error.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-53050

CVE-2024-48070 - An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-48070

CVE-2024-48069 - A vulnerability in Weaver E-cology allows attackers to use race conditions to bypass security mechanisms, upload malicious files, and control server privileges.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-48069

CVE-2023-21270 - In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2023-21270

CVE-2017-13315 - In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2017-13315

CVE-2024-52401 - Cross-Site Request Forgery (CSRF) vulnerability in ???? Hacklog DownloadManager allows Upload a Web Shell to a Web Server. This issue affects Hacklog DownloadManager: from n/a through 2.1.4.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52401

CVE-2024-51814 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ?? ???????? allows DOM-Based XSS. This issue affects ????????: from n/a through 1.2.0.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-51814

CVE-2024-48071 - E-cology has a directory traversal vulnerability. An attacker can exploit this vulnerability to delete the server directory, causing the server to permanently deny service.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-48071

CVE-2024-8403 - Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-8403

CVE-2024-52574 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24543)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52574

CVE-2024-52573 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24521)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52573

CVE-2024-52572 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a stack based overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24486)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52572

CVE-2024-52571 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24485)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52571

CVE-2024-52570 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24365)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52570

CVE-2024-52569 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24260)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52569

CVE-2024-52568 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-24244)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52568

CVE-2024-52567 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24237)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52567

CVE-2024-52566 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24233)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52566

CVE-2024-52565 - A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24231)
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52565

CVE-2024-52426 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Linear Oy Linear linear allows DOM-Based XSS. This issue affects Linear: from n/a through 2.7.11.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52426

CVE-2024-52425 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Urchenko Drozd – Addons for Elementor allows Stored XSS. This issue affects Drozd – Addons for Elementor: from n/a through 1.1.1.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52425

CVE-2024-52424 - Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS. This issue affects wp-login customizer: from n/a through 1.0.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52424

CVE-2024-52423 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themify Themify Builder allows Stored XSS. This issue affects Themify Builder: from n/a through 7.6.3.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52423

CVE-2024-52422 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Terry Lin WP Githuber MD allows Stored XSS. This issue affects WP Githuber MD: from n/a through 1.16.3.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52422

CVE-2024-52419 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Clipboard Team Copy Anything to Clipboard allows Stored XSS. This issue affects Copy Anything to Clipboard: from n/a through 4.0.3.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52419

CVE-2024-52436 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection. This issue affects Post SMTP: from n/a through 2.9.9.
20/11/2024 | https://nvd.nist.gov/vuln/detail/CVE-2024-52436