CVE ID / Description | CVSS | Vendor | Exploit | Patch | Trends |
---|---|---|---|---|---|
CVE-2024-9476: A vulnerability in Grafana Labs Grafana OSS and Enterprise allows privilege escalation: users can gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant. This vulnerability only affects users who utilize the Organizations feature to isolate resources on their Grafana instance. | CVSS 0 | Grafana | - | Patched | |
CVE-2024-9286: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') and Improper Input Validation vulnerability in TRtek Software Distant Education Platform allows SQL Injection and Parameter Injection. This issue affects Distant Education Platform before 3.2024.11. | CVSS 0 | - | - | - | |
CVE-2024-9145: Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked as a "trusted folder" within Visual Studio Code, and initiates a manual scan of the file. | CVSS 0 | - | - | - | |
CVE-2024-9124: A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 600T. If the device is overloaded with requests, it will become unavailable. The device may require a power cycle to recover if it does not re-establish a connection after it stops receiving requests. | CVSS 0 | Rockwellautomation | - | - | |
CVE-2024-8421: This CVE has been rejected. | CVSS 0 | Redhat | - | Patched | |
CVE-2024-8068: Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain. | CVSS 0 | Citrix | - | - | |
CVE-2024-52584: Autolab is a course management service that enables auto-graded programming assignments. There is a vulnerability in version 3.0.1 where CAs can view or edit the grade for any submission ID, even if they are not a CA for the class that has the submission. The endpoints only check that the CAs have the authorization level of a CA in the class in the endpoint, which is not necessarily the class the submission is attached to. Version 3.0.2 contains a patch. No known workarounds are available. | CVSS 0 | Autolabproject | - | - | |
CVE-2024-52524: Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution (ReDoS) vulnerability was discovered in the Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation times, potentially leading to denial of service. Giskard versions prior to 2.15.5 are affected. | CVSS 0 | - | - | Patched | |
CVE-2024-52506: The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log messages or metrics aggregated from fields of multiple log messages. This functionality, as included in Graylog 6.1.0 & 6.1.1, is vulnerable to information leakage triggered by multiple concurrent report rendering requests from authorized users. When multiple report renderings are requested at the same start time, the headless browser instance used to render the PDF will be reused. Depending on the timing, either a check for the browser instance "freshness" hits, resulting in an error instead of the report being returned, or one of the concurrent report rendering requests "wins" and this report is returned for all report rendering requests that do not return an error. This might lead to one user getting the report of a different user, potentially leaking indexed log messages or aggregated data that this user normally has no access to. | CVSS 0 | Graylog | - | Patched | |
CVE-2024-52304: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.11, the Python parser parses newlines in chunk extensions incorrectly, which can lead to request smuggling vulnerabilities under certain conditions. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or `AIOHTTP_NO_EXTENSIONS` is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.10.11 fixes the issue. | CVSS 0 | Aiohttp | - | Patched | |
CVE-2024-52301: Laravel is a web application framework. When the register_argc_argv php directive is set to on, and users call any URL with a specially crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability is fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs. | CVSS 0 | Laravel | - | Patched | |
CVE-2024-52295: DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge JWTs and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2. | CVSS 0 | Dataease | - | - | |
CVE-2024-52010: Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH servers from their browsers. In HandleCreateProxySession the request to create an SSH session is handled. An attacker can exploit the username variable to escape from the bash command and inject arbitrary commands into sshCommand. This is possible because, unlike hostname and port, the username is not validated or sanitized. | CVSS 0 | - | - | Patched | |
CVE-2024-51736: Symfony Process is a module for the Symfony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory, it will be called by the `Process` class when preparing command arguments, leading to possible hijacking. This issue has been addressed in release versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS 0 | Symfony | - | Patched | |
CVE-2024-51734: Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder`, which may prevent any privileged access. This problem has been fixed in version 7.2. Users are advised to upgrade. Users unable to upgrade may address the issue by adding `data__roles__ = ()` to `AccessControl.userfolder.UserFolder`. | CVSS 0 | Zope | - | Patched | |
CVE-2024-51502: loona is an experimental HTTP/1.1 and HTTP/2 implementation in Rust on top of io-uring. `loona-hpack` suffers from the same vulnerability as the original `hpack`, as documented in issue #11. All users who try to decode untrusted input using the Decoder are vulnerable to this exploit. This issue has been addressed in release version 0.4.3. All users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS 0 | - | - | Patched | |
CVE-2024-50356: Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who has access to the mail inbox, circumventing the 2FA, even though they wouldn't be able to log in by bypassing the 2FA. Only users who have enabled 2FA are affected. Commit ba0007c28ac814260f836849bc07d29beea7deb6 patches this bug. | CVSS 0 | Saas | - | - | |
CVE-2024-49506: Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem. | CVSS 0 | Opensuse | - | - | |
CVE-2024-48915: Certificate verification (in lib/agent/certificate.dart) has been found to contain two issues. (1) During the delegation verification (in the _checkDelegation function) the canister_ranges aren't verified. The impact of not checking the canister_ranges is that a subnet can sign canister responses on behalf of another subnet. More details are in the IC specification, and for reference you can check how this is implemented in agent-rs. (2) The certificate's timestamp, i.e. the /time path, is not verified, meaning that the certificate effectively has no expiration time. The IC spec doesn't specify an expiry time; it gives some suggestions, quoting: "A reasonable expiry time for timestamps in R.signatures and the certificate Cert is 5 minutes (analogously to the maximum allowed ingress expiry enforced by the IC mainnet). Delegations require expiry times of at least a week since the IC mainnet refreshes the delegations only after replica upgrades which typically happen once a week". For reference you can check how this is implemented in agent-rs. Additionally, it seems replica-signed queries aren't implemented. | CVSS 0 | - | - | Patched | |
CVE-2024-47876: Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.2, kernel users created with type roleview can log in as a normal user. This can result in illegal access being granted to the system. Version 23.3 fixes this vulnerability. | CVSS 0 | Sakailms | - | Patched | |
CVE-2024-47874: Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit. Prior to version 0.40.0, Starlette treats `multipart/form-data` parts without a `filename` as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrarily large form fields and cause Starlette to both slow down significantly due to excessive memory allocations and copy operations, and also consume more and more memory until the server starts swapping and grinds to a halt, or the OS terminates the server process with an OOM error. Uploading multiple such requests in parallel may be enough to render a service practically unusable, even if reasonable request size limits are enforced by a reverse proxy in front of Starlette. This denial-of-service (DoS) vulnerability affects all applications built with Starlette (or FastAPI) accepting form requests. Version 0.40.0 fixes this issue. | CVSS 0 | Encode, et al | - | Patched | |
CVE-2024-47824: matrix-react-sdk is a react-based software development kit for inserting a Matrix chat/VoIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that room, via injection of a malicious device controlled by the homeserver. This is possible because matrix-react-sdk before 3.102.0 shared historical message keys on invite. Version 3.102.0 fixes this issue by disabling sharing message keys on invite by removing calls to the vulnerable functionality. No known workarounds are available. | CVSS 0 | Matrix | - | Patched | |
CVE-2024-47759: GLPI is a free Asset and IT management software package. A technician can upload an SVG containing a malicious script. The script will then be executed when any user tries to view the document contents. Upgrade to 10.0.17. | CVSS 0 | Glpi-project | - | - | |
CVE-2024-47611: XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or MSVC), the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters (for example, filenames) that don't exist in the current legacy code page, the characters are converted to similar-looking characters with best-fit mapping. Some best-fit mappings result in ASCII characters that change the meaning of the command line, which can be exploited with malicious filenames to do argument injection or directory traversal attacks. This vulnerability is fixed in 5.6.3. Command line tools built for Cygwin or MSYS2 are unaffected. liblzma is unaffected. | CVSS 0 | Mingw | - | - | |
CVE-2024-47609: Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out with errors that were not covered correctly, causing the accept loop to exit. Upgrading to tonic 0.12.3 or above contains the fix. | CVSS 0 | - | - | Patched | |
CVE-2024-47534: During the ongoing work on the TUF conformance test suite, we have come across a test that reveals what we believe is a bug in go-tuf with security implications. The bug exists in go-tuf delegation tracing and could result in downloading the wrong artifact. We have come across this issue in the test in this PR: theupdateframework/tuf-conformance#115. The test, test_graph_traversal, sets up a repository with a series of delegations, invokes the client's refresh() and then checks the order in which the client traced the delegations. The test shows that the go-tuf client inconsistently traces the delegations in a wrong way. For example, during one CI run, the two-level-delegations test case triggered a wrong order. The delegations in this case look as follows: `"two-level-delegations": DelegationsTestCase(delegations=[DelegationTester("targets", "A"), DelegationTester("targets", "B"), DelegationTester("B", "C")], visited_order=["A", "B", "C"])`. Here, targets delegates to "A" and to "B", and "B" delegates to "C". The client should trace the delegations in the order "A" then "B" then "C", but in this particular CI run go-tuf traced the delegations "B"->"C"->"A". In a subsequent CI run, this test case did not fail, but another one did. @jku has done a bit of debugging and believes that the map returned by GetRolesForTarget causes this behavior: https://github.com/theupdateframework/go-tuf/blob/f95222bdd22d2ac4e5b8ed6fe912b645e213c3b5/metadata/metadata.go#L565-L580 We believe that this map should be an ordered list instead of a map. | CVSS 0 | Theupdateframework | - | Patched | |
CVE-2024-47073: DataEase is an open source data visualization analysis tool that helps users quickly analyze data and gain insights into business trends. In affected versions the lack of signature verification of JWT tokens allows attackers to forge JWTs, which then allow access to any interface. The vulnerability has been fixed in v2.10.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS 0 | Dataease | - | - | |
CVE-2024-42992: Python Pip Pandas v2.2.2 was discovered to contain an arbitrary file read vulnerability. | CVSS 0 | Github | Exploit | - | |
CVE-2024-38537: Fides is an open-source privacy engineering platform. `fides.js`, a client-side script used to interact with the consent management features of Fides, used the `polyfill.io` domain in a very limited edge case, when it detected a legacy browser such as IE11 that did not support the fetch standard. Therefore it was possible for users of legacy, pre-2017 browsers who navigate to a page serving `fides.js` to download and execute malicious scripts from the `polyfill.io` domain when the domain was compromised and serving malware. No exploitation of `fides.js` via `polyfill.io` has been identified as of time of publication. The vulnerability has been patched in Fides version `2.39.1`. Users are advised to upgrade to this version or later to secure their systems against this threat. On Thursday, June 27, 2024, Cloudflare and Namecheap intervened at a domain level to ensure `polyfill.io` and its subdomains could not resolve to the compromised service, rendering this vulnerability unexploitable. Prior to the domain level intervention, there were no server-side workarounds and the confidentiality, integrity, and availability impacts of this vulnerability were high. Clients could ensure they were not affected by using a modern browser that supported the fetch standard. | CVSS 0 | Ethyca | Exploit | Patched | |
CVE-2024-37664: Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router. | CVSS 0 | - | - | - | |
CVE-2024-37663: Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages. | CVSS 0 | - | - | - | |
CVE-2024-32394: An issue in ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 and RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 allows a remote attacker to execute arbitrary code via a crafted HTTP request. | CVSS 0 | Ruijie | - | - | |
CVE-2024-32368: Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a denial of service via the Bluetooth Low Energy (BLE) component. | CVSS 0 | - | - | - | |
CVE-2024-32345: A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section. | CVSS 0 | Cmsimple | - | - | |
CVE-2024-31804: An unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.exe component. | CVSS 0 | - | - | - | |
CVE-2024-30951: FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the chpos parameter at /adm/admsmiley.php. | CVSS 0 | Fudforum | - | - | |
CVE-2024-30924: Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component. | CVSS 0 | - | - | - | |
CVE-2024-29376: There is a possibility to save XSS code in the province field in the Checkout and Address Book and then execute it on these pages. The problem occurs when you open the address step page in the checkout or edit the address in the address book. This only affects the base UI Shop provided by Sylius. | CVSS 0 | Sylius | - | Patched | |
CVE-2024-27349: Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue. | CVSS 0 | Apache | - | Patched | |
CVE-2024-27088: es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63. | CVSS 0 | - | Exploit | Patched | |
CVE-2024-23293: This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An attacker with physical access may be able to use Siri to access sensitive user data. | CVSS 0 | Apple | - | Patched | |
CVE-2024-22856: A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal >= v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests. | CVSS 0 | - | - | - | |
CVE-2024-2118: The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). | CVSS 0 | Wordpress, et al | - | - | |
CVE-2024-10397: A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code. | CVSS 0 | Openafs | - | - | |
CVE-2024-10396: An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server. | CVSS 0 | Apache | - | - | |
CVE-2024-10394: A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG. | CVSS 0 | Opengroup | - | - | |
CVE-2023-7252: The Tickera WordPress plugin before 3.5.2.5 does not prevent users from leaking other users' tickets. | CVSS 0 | Tickera, et al | - | - | |
CVE-2019-14561: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | CVSS 0 | - | - | Patched | |
CVE-2013-4869: Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0." | CVSS 0 | Cisco | - | Patched | |
CVE-2012-5085: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. | CVSS 0 | Oracle, et al | - | Patched | |
CVE-2012-0547: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references." | CVSS 0 | Oracle, et al | - | Patched | |
CVE-1999-0657: WinGate is being used. | CVSS 0 | - | - | - | |
CVE-1999-0641: The UUCP service is running. | CVSS 0 | - | - | - | |
CVE-1999-0639: The chargen service is running. | CVSS 0 | - | - | - | |
CVE-1999-0638: The daytime service is running. | CVSS 0 | - | - | - | |
CVE-1999-0637: The systat service is running. | CVSS 0 | - | - | - | |
CVE-1999-0635: The echo service is running. | CVSS 0 | - | - | Patched | |
CVE-1999-0632: The RPC portmapper service is running. | CVSS 0 | - | - | - | |
CVE-1999-0629: The ident/identd service is running. | CVSS 0 | - | - | - | |
CVE-1999-0627: The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | CVSS 0 | Ibm | - | - | |
CVE-1999-0626: A version of rusers is running that exposes valid user information to any entity on the network. | CVSS 0 | Sun | - | - | |
CVE-1999-0625: The rpc.rquotad service is running. | CVSS 0 | - | - | - | |
CVE-1999-0624: The rstat/rstatd service is running. | CVSS 0 | - | - | - | |
CVE-1999-0613: The rpc.sprayd service is running. | CVSS 0 | - | - | - | |
CVE-1999-0612: A version of finger is running that exposes valid user information to any entity on the network. | CVSS 0 | Microsoft, et al | - | - | |
CVE-1999-0586: A network service is running on a nonstandard port. | CVSS 0 | - | - | - | |
CVE-1999-0532: A DNS server allows zone transfers. | CVSS 0 | - | - | - | |
CVE-1999-0525: IP traceroute is allowed from arbitrary hosts. | CVSS 0 | - | - | - | |
CVE-1999-0523: ICMP echo (ping) is allowed from arbitrary hosts. | CVSS 0 | - | - | - | |
CVE-1999-0497: Anonymous FTP is enabled. | CVSS 0 | - | - | - | |