Total
3544 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-46627 | 1 Becn | 1 Datagerry | 2024-09-30 | 9.1 Critical |
| Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests. | ||||
| CVE-2024-45982 | 1 Scheduler | 1 Scheduler | 2024-09-30 | 8.8 High |
| A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts. | ||||
| CVE-2024-41605 | 1 Foxitsoftware | 1 Foxit Pdf Editor | 2024-09-30 | 8.4 High |
| In Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13.x before 13.1.4, an attacker can replace an update file with a Trojan horse via side loading, because the update service lacks integrity validation for the updater. Attacker-controlled code may thus be executed. | ||||
| CVE-2024-46097 | 1 Testlink | 1 Testlink | 2024-09-30 | 8.1 High |
| TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function you can change the tplan_id parameter to another ID. The application does not carry out a check on the user's permissions maing it possible to recover the IDs of all the TestPlans (even the administrative ones) and modify them even with minimal privileges. | ||||
| CVE-2024-47145 | 1 Mattermost | 1 Mattermost Server | 2024-09-26 | 3.1 Low |
| Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels is disabled, which allows an attacker to view posts and files of archived channels via file links. | ||||
| CVE-2024-45489 | 1 The Browser Company | 1 Arc | 2024-09-26 | 9.8 Critical |
| Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however (because of misconfigured Firebase ACLs), it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. NOTE: this is a no-action cloud vulnerability with zero affected users. | ||||
| CVE-2024-45313 | 1 Overleaf | 1 Overleaf | 2024-09-25 | 5.4 Medium |
| Overleaf is a web-based collaborative LaTeX editor. When installing Server Pro using the Overleaf Toolkit from before 2024-07-17 or legacy docker-compose.yml from before 2024-08-28, the configuration for LaTeX compiles was insecure by default, requiring the administrator to enable the security features via a configuration setting (`SIBLING_CONTAINERS_ENABLED` in Toolkit, `SANDBOXED_COMPILES` in legacy docker-compose/custom deployments). If these security features are not enabled then users have access to the `sharelatex` container resources (filesystem, network, environment variables) when running compiles, leading to multiple file access vulnerabilities, either directly or via symlinks created during compiles. The setting has now been changed to be secure by default for new installs in the Toolkit and legacy docker-compose deployment. The Overleaf Toolkit has been updated to set `SIBLING_CONTAINERS_ENABLED=true` by default for new installs. It is recommended that any existing installations using the previous default setting migrate to using sibling containers. Existing installations can set `SIBLING_CONTAINERS_ENABLED=true` in `config/overleaf.rc` as a mitigation. In legacy docker-compose/custom deployments `SANDBOXED_COMPILES=true` should be used. | ||||
| CVE-2024-9003 | 2 Jflow Project, Jinan Chicheng Company | 2 Jflow, Jflow | 2024-09-25 | 4.3 Medium |
| A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFile_Load.do of the component Attachment Handler. The manipulation of the argument oid leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-28170 | 1 Intel | 1 Raid Web Console | 2024-09-23 | 3.3 Low |
| Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2024-32940 | 1 Intel | 1 Raid Web Console | 2024-09-23 | 6.5 Medium |
| Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2024-34543 | 1 Intel | 1 Raid Web Console | 2024-09-23 | 6.7 Medium |
| Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-36261 | 1 Intel | 1 Raid Web Console | 2024-09-23 | 3.5 Low |
| Improper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2024-36247 | 1 Intel | 1 Raid Web Console | 2024-09-23 | 4.6 Medium |
| Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2024-45323 | 1 Fortinet | 1 Fortiedrmanager | 2024-09-20 | 4.6 Medium |
| An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissions in his profile and restricted to a specific organization to access backend logs that include information related to other organizations. | ||||
| CVE-2024-6796 | 2 Baxter, Hillrom | 2 Connex Health Portal, Connex Health Portal | 2024-09-20 | 8.2 High |
| In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content. | ||||
| CVE-2024-45811 | 2 Redhat, Vitejs | 2 Openshift Distributed Tracing, Vite | 2024-09-20 | 4.8 Medium |
| Vite a frontend build tooling framework for javascript. In affected versions the contents of arbitrary files can be returned to the browser. `@fs` denies access to files outside of Vite serving allow list. Adding `?import&raw` to the URL bypasses this limitation and returns the file content if it exists. This issue has been patched in versions 5.4.6, 5.3.6, 5.2.14, 4.5.5, and 3.2.11. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-46990 | 2024-09-20 | 5 Medium | ||
| Directus is a real-time API and App dashboard for managing SQL database content. When relying on blocking access to localhost using the default `0.0.0.0` filter a user may bypass this block by using other registered loopback devices (like `127.0.0.2` - `127.127.127.127`). This issue has been addressed in release versions 10.13.3 and 11.1.0. Users are advised to upgrade. Users unable to upgrade may block this bypass by manually adding the `127.0.0.0/8` CIDR range which will block access to any `127.X.X.X` ip instead of just `127.0.0.1`. | ||||
| CVE-2024-7553 | 2 Microsoft, Mongodb | 24 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 21 more | 2024-09-19 | 7.3 High |
| Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue | ||||
| CVE-2024-6087 | 2 Lunary, Lunary-ai | 2 Lunary, Lunary-ai\/lunary | 2024-09-19 | 6.5 Medium |
| An improper access control vulnerability exists in lunary-ai/lunary at the latest commit (a761d83) on the main branch. The vulnerability allows an attacker to use the auth tokens issued by the 'invite user' functionality to obtain valid JWT tokens. These tokens can be used to compromise target users upon registration for their own arbitrary organizations. The attacker can invite a target email, obtain a one-time use token, retract the invite, and later use the token to reset the password of the target user, leading to full account takeover. | ||||
| CVE-2023-37234 | 1 Loftware | 1 Spectrum | 2024-09-18 | 7.5 High |
| Loftware Spectrum through 4.6 has unprotected JMX Registry. | ||||