Total
10313 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-47823 | 2024-10-10 | N/A | N/A | ||
| Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire prior to `2.12.7` and `v3.5.2`, the file extension of an uploaded file is guessed based on the MIME type. As a result, the actual file extension from the file name is not validated. An attacker can therefore bypass the validation by uploading a file with a valid MIME type (e.g., `image/png`) and a “.php” file extension. If the following criteria are met, the attacker can carry out an RCE attack: 1. Filename is composed of the original file name using `$file->getClientOriginalName()`. 2. Files stored directly on your server in a public storage disk. 3. Webserver is configured to execute “.php” files. This issue has been addressed in release versions `2.12.7` and `3.5.2`. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-8518 | 2024-10-10 | N/A | 3.3 LOW | ||
| CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user. | |||||
| CVE-2024-20406 | 1 Cisco | 1 Ios Xr | 2024-10-07 | N/A | 7.4 HIGH |
| A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type. | |||||
| CVE-2024-8889 | 1 Circutor | 2 Tcp2rs\+, Tcp2rs\+ Firmware | 2024-10-07 | N/A | 9.1 CRITICAL |
| Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. This equipment is at the end of its useful life cycle. | |||||
| CVE-2024-47179 | 2024-10-02 | N/A | 8.8 HIGH | ||
| RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made the repository no longer vulnerable. The `docker-test-cont.yml` workflow gets triggered when the `PR - Docker build test` workflow completes successfully. It then collects some information about the Pull Request that triggered the triggering workflow and set some labels depending on the PR body and sender. If the PR also contains a `routes` markdown block, it will set the `TEST_CONTINUE` environment variable to `true`. The workflow then downloads and extracts an artifact uploaded by the triggering workflow which is expected to contain a single `rsshub.tar.zst` file. However, prior to commit 64e00e7, it did not validate and the contents were extracted in the root of the workspace overriding any existing files. Since the contents of the artifact were not validated, it is possible for a malicious actor to send a Pull Request which uploads, not just the `rsshub.tar.zst` compressed docker image, but also a malicious `package.json` file with a script to run arbitrary code in the context of the privileged workflow. As of commit 64e00e7, this scenario has been addressed and the RSSHub repository is no longer vulnerable. | |||||
| CVE-2024-45825 | 1 Rockwellautomation | 2 5015-u8ihft, 5015-u8ihft Firmware | 2024-10-02 | N/A | 7.5 HIGH |
| CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. | |||||
| CVE-2024-8445 | 2024-10-01 | N/A | 5.7 MEDIUM | ||
| The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input. | |||||
| CVE-2024-6436 | 2024-09-30 | N/A | N/A | ||
| An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be able to view the status or command the equipment sequences, however the equipment sequence would continue to execute uninterrupted. | |||||
| CVE-2024-6658 | 2024-09-23 | N/A | 8.4 HIGH | ||
| Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.0 (inclusive) From 7.2.49.0 to 7.2.54.11 (inclusive) 7.2.48.12 and all prior versions Multi-Tenant Hypervisor 7.1.35.11 and all prior versions ECS All prior versions to 7.2.60.0 (inclusive) | |||||
| CVE-2024-45612 | 1 Contao | 1 Contao | 2024-09-23 | N/A | 5.3 MEDIUM |
| Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root page settings. | |||||
| CVE-2024-34545 | 1 Intel | 1 Raid Web Console | 2024-09-23 | N/A | 5.7 MEDIUM |
| Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||||
| CVE-2024-38879 | 1 Siemens | 1 Omnivise T3000 Application Server | 2024-09-20 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumvent authentication and directly access the exposed application. | |||||
| CVE-2024-45798 | 2024-09-20 | N/A | 9.9 CRITICAL | ||
| arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. The `arduino-esp32` CI is vulnerable to multiple Poisoned Pipeline Execution (PPE) vulnerabilities. Code injection in `tests_results.yml` workflow (`GHSL-2024-169`) and environment Variable injection (`GHSL-2024-170`). These issue have been addressed but users are advised to verify the contents of the downloaded artifacts. | |||||
| CVE-2024-46946 | 2024-09-20 | N/A | 9.8 CRITICAL | ||
| langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6 (2023-10-05). | |||||
| CVE-2024-45601 | 2024-09-20 | N/A | 7.5 HIGH | ||
| Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validation in a specific endpoint. This could have allowed an attacker to access files not intended to be served. Users are strongly advised to update to the latest version of Mesop immediately. The latest version includes a fix for this vulnerability. At time of publication 0.12.4 is the most recently available version of Mesop. | |||||
| CVE-2024-37406 | 2024-09-20 | N/A | 7.5 HIGH | ||
| In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domain confusion. | |||||
| CVE-2024-6077 | 1 Rockwellautomation | 14 1756-en4, 1756-en4 Firmware, Compact Guardlogix 5380 Sil 2 and 11 more | 2024-09-19 | N/A | 7.5 HIGH |
| A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. | |||||
| CVE-2024-6258 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
| BT: Missing length checks of net_buf in rfcomm_handle_data | |||||
| CVE-2024-5931 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
| BT: Unchecked user input in bap_broadcast_assistant | |||||
| CVE-2024-6259 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
| BT: HCI: adv_ext_report Improper discarding in adv_ext_report | |||||