Publicly Disclosed
PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2024-27292

JHPyle | Docassemble | 7.5 HIGH
Unauthorized Access to Information Through URL Manipulation

Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...

Discovered 1 hour ago

PoC for CVE-2023-40028

Tryghost | Ghost | 4.9 MEDIUM
Ghost Open Source CMS Vulnerability Allows Authenticated Users to R...

Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can ...

Discovered 17 hours ago

PoC for CVE-2024-40348

Bazaar
Unauthenticated Directory Traversal Vulnerability in Bazaar v1.4.3

The Bazaar v1.4.3 vulnerability, CVE-2024-40348, allows unauthenticated attackers to perform directory traversal through the /api/swaggerui/static component. This vulnerability presents a high risk to affected systems, compromising system integrity and confidentiality. A Proof of Concept (PoC) ha...

Discovered 18 hours ago

PoC for CVE-2024-41319

TOTOLINK | A6000r Firmware | 9.8 CRITICAL
TOTOLINK A6000R Vulnerability Discovered: Command Injection Flaw in...

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.

Discovered 22 hours ago

PoC for CVE-2024-50379

Apache
Race Condition Vulnerability in Apache Tomcat Allows Remote Code Ex...

What is CVE-2024-50379? CVE-2024-50379 is a serious vulnerability affecting Apache Tomcat, an open-source implementation of the Java Servlet, JavaServer Pages, and other Java EE technologies. This particular vulnerability arises from a Time-of-check Time-of-use (TOCTOU) race condition during ...

Discovered 23 hours ago

PoC for CVE-2024-50379

Apache
Race Condition Vulnerability in Apache Tomcat Allows Remote Code Ex...

What is CVE-2024-50379? CVE-2024-50379 is a serious vulnerability affecting Apache Tomcat, an open-source implementation of the Java Servlet, JavaServer Pages, and other Java EE technologies. This particular vulnerability arises from a Time-of-check Time-of-use (TOCTOU) race condition during ...

Discovered 1 day ago

PoC for CVE-2024-56145

Craft CMS
Craft CMS Vulnerability Affects Users with Disabled Security Feature

What is CVE-2024-56145? CVE-2024-56145 is a vulnerability found in Craft CMS, a popular content management system designed for creating custom digital experiences. This vulnerability specifically affects users who have enabled the `register_argc_argv` setting in their php.ini configuration. I...

PoC for CVE-2022-32981

Linux | Linux Kernel | 7.8 HIGH
Linux - Linux Kernel

An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.

PoC for CVE-2024-35176

Ruby | Rexml | 5.3 MEDIUM
REXML Gem Vulnerability: Untrusted XML Parsing May Cause Denial of ...

What is CVE-2024-35176? CVE-2024-35176 is a vulnerability identified in the REXML gem, an XML parsing toolkit utilized within the Ruby programming language ecosystem. This vulnerability arises from improper handling of untrusted XML input, specifically when parsing documents containing numer...

PoC for CVE-2024-39908

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you may be impacted by these vulnerabilities. The REXML gem 3.3.2 or later include th...

Discovered 2 days ago

PoC for CVE-2024-54262

Siddharth Nagar | Import Export For WooC... | 9.9 CRITICAL
WordPress Import Export For WooCommerce plugin <= 1.5 - Arbitrary F...

Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export For WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Import Export For WooCommerce: from n/a through 1.5.

PoC for CVE-2024-12025

WordPress | 7.5 HIGH
SQL Injection Vulnerability in Collapsing Categories Plugin for Wor...

The Collapsing Categories plugin for WordPress contains a critical SQL Injection vulnerability due to insufficient input validation on the 'taxonomy' parameter in the /wp-json/collapsing-categories/v1/get REST API endpoint. Versions up to and including 3.0.8 are affected, allowing unauthenticated...

PoC for CVE-2024-6387

Red Hat | Red Hat Enterprise Lin... | 8.1 HIGH
Signal Handler Race Condition in OpenSSH's Server

What is CVE-2024-6387? CVE-2024-6387 is a vulnerability found in OpenSSH's server (sshd), an essential component widely used for secure remote login and other secure network services. This particular flaw arises from a race condition in signal handling, which can lead to unsafe behaviors when...

PoC for CVE-2024-9935

Redefiningtheweb | PDF Generator Addon Fo... | 7.5 HIGH
WordPress Plugin Vulnerable to Path Traversal Attacks

The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, ...

PoC for CVE-2019-15107

Webmin | Webmin | EPSS 97% | 9.8 CRITICAL
Webmin

An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.

PoC for CVE-2009-2265

Fckeditor | Fckeditor | EPSS 97%
Fckeditor

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, rel...

PoC for CVE-2024-23298

Apple | Xcode | 5.5 MEDIUM
Improved State Management for Enhanced Security

A logic issue was addressed with improved state management.

Discovered 3 days ago

PoC for CVE-2024-40725

Apache | Apache Http Server | 5.3 MEDIUM
Partial Fix for Content-Type Based Configuration Ignores Use of Leg...

What is CVE-2024-40725? CVE-2024-40725 is a vulnerability in the Apache HTTP Server version 2.4.61, which is widely used as a web server for delivering content over the internet. This vulnerability arises from a partial fix related to content-type configurations that disregard the use of cert...

PoC for CVE-2023-28293

Microsoft | Windows 10 Version 1809 | 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

PoC for CVE-2022-20120

Google | Android | 9.8 CRITICAL
Google - Android

Product: Android; Versions: Android kernel; Android ID: A-203213034; References: N/A

PoC for CVE-2024-53677

Apache | Apache Struts
File Upload Logic Flawed Vulnerability Affects Apache Struts

What is CVE-2024-53677? CVE-2024-53677 is a security vulnerability in Apache Struts, a widely used framework for building Java web applications. This flaw lies within the file upload logic of the framework, which can be exploited by malicious actors. If successfully exploited, it could allow ...

PoC for CVE-2024-49112

Microsoft | Windows 10 Version 1809 | 9.8 CRITICAL
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Ex...

What is CVE-2024-49112? CVE-2024-49112 is a vulnerability identified within the Windows Lightweight Directory Access Protocol (LDAP) implementation, which is crucial for managing and accessing directory information services. This vulnerability poses the risk of remote code execution, allowing...

PoC for CVE-2024-45337

Golang.org/x/crypto | Golang.org/x/crypto/ssh
Authorization Bypass Vulnerability in ServerConfig.PublicKeyCallback

What is CVE-2024-45337? CVE-2024-45337 is an authorization bypass vulnerability affecting the ServerConfig.PublicKeyCallback in the Golang.org/x/crypto library. This library is widely utilized in applications that implement SSH communication. The vulnerability arises because the PublicKeyCall...

PoC for CVE-2023-50780

Apache | Apache ActiveMQ Artemis | 8.8 HIGH
Arbitrary File Write Vulnerability in ActiveMQ Artemis Could Lead t...

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could ...

PoC for CVE-2024-49117

Microsoft | Windows Server 2022 | 8.8 HIGH
Windows Hyper-V Remote Code Execution Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

Discovered 4 days ago

PoC for CVE-2024-12356

Beyondtrust | Remote Support & Privi... | 9.8 CRITICAL
Critical Command Injection Vulnerability in Privileged Remote Acces...

CVE-2024-12356 represents a critical command injection vulnerability found in BeyondTrust's Privileged Remote Access and Remote Support products. This flaw enables unauthenticated attackers to inject malicious commands that are executed with the privileges of a site user. Such exploitation poses ...

PoC for CVE-2024-44765

An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files and administrative functionality.

PoC for CVE-2024-10220

Kubernetes | Kubelet | 8.1 HIGH
Kubernetes kubelet vulnerability allows arbitrary command execution...

A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of container boundaries. The vulnerability, tracked as CVE-2024-10220 with a CVSS score of 8.1, affects Kubernetes clusters running specific versions of kubelet. The...

PoC for CVE-2024-53677

Apache | Apache Struts
File Upload Logic Flawed Vulnerability Affects Apache Struts

What is CVE-2024-53677? CVE-2024-53677 is a security vulnerability in Apache Struts, a widely used framework for building Java web applications. This flaw lies within the file upload logic of the framework, which can be exploited by malicious actors. If successfully exploited, it could allow ...

PoC for CVE-2024-50509

Chetan Khandla | WooCommerce Product De... | 8.6 HIGH
Path Traversal Vulnerability Affects Woocommerce Product Design

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal. This issue affects Woocommerce Product Design: from n/a through 1.0.0.

Discovered 5 days ago

PoC for CVE-2024-49112

Microsoft | Windows 10 Version 1809 | 9.8 CRITICAL
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Ex...

What is CVE-2024-49112? CVE-2024-49112 is a vulnerability identified within the Windows Lightweight Directory Access Protocol (LDAP) implementation, which is crucial for managing and accessing directory information services. This vulnerability poses the risk of remote code execution, allowing...

PoC for CVE-2021-42321

Microsoft | Microsoft Exchange Ser... | EPSS 96% | 8.8 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

PoC for CVE-2019-12725

Zeroshell | Zeroshell | EPSS 95% | 9.8 CRITICAL
Zeroshell

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.

PoC for CVE-2024-53376

CyberPanel
Remote Command Execution Vulnerability in CyberPanel

CVE-2024-53376 is a critical remote code execution vulnerability affecting CyberPanel versions before 2.3.8. This flaw allows authenticated users to execute arbitrary commands on the server by manipulating the phpSelection field in the websites/submitWebsiteCreation URI. The vulnerability arises ...

PoC for CVE-2024-0582

Red Hat | kernel | 7.8 HIGH
Memory Leak Flaw in Linux Kernel's io_uring Could Lead to Privilege...

What is CVE-2024-0582? CVE-2024-0582 is a vulnerability identified in the Linux kernel's io_uring functionality, which is designed for high-performance input/output operations. This flaw relates to how a user registers a buffer ring using the IORING_REGISTER_PBUF_RING method and subsequently ...

Discovered 6 days ago

PoC for CVE-2023-45866

BlueZ | Android | 6.3 MEDIUM
Unauthenticated Injection of HID Messages via Bluetooth HID Hosts i...

CVE-2023-45866 is a Bluetooth vulnerability affecting the BlueZ software, which can lead to the injection of HID messages by unauthenticated devices. This vulnerability could potentially impact Linux-based systems and Ubuntu 22.04 LTS. Apple has released patches to fix 12 vulnerabilities on variou...

Discovered 1 week ago

PoC for CVE-2024-46982

Next.js vulnerability: Poisoned cache could expose sensitive data

Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Nex...

PoC for CVE-2022-22963

Vmware | Spring Cloud Function | EPSS 98% | 9.8 CRITICAL
Vmware - Spring Cloud Function

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

PoC for CVE-2024-53677

Apache | Apache Struts
File Upload Logic Flawed Vulnerability Affects Apache Struts

What is CVE-2024-53677? CVE-2024-53677 is a security vulnerability in Apache Struts, a widely used framework for building Java web applications. This flaw lies within the file upload logic of the framework, which can be exploited by malicious actors. If successfully exploited, it could allow ...

PoC for CVE-2017-12617

Apache | Apache Tomcat | EPSS 97% | 8.1 HIGH
Apache - Apache Tomcat

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafte...

PoC for CVE-2024-9290

Azzaroco | Super Backup & Clone -... | 9.8 CRITICAL
Unauthenticated Remote Code Execution Vulnerability in Super Backup...

The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3. This makes it possible for unau...

PoC for CVE-2024-55875

Http4k | Http4k | 9.8 CRITICAL
Potential XXE Vulnerability in http4k Could Allow Attackers to Read...

http4k is a functional toolkit for Kotlin HTTP applications. Prior to version 5.41.0.0, there is a potential XXE (XML External Entity Injection) vulnerability when http4k handles malicious XML content within requests, which might allow attackers to read local sensitive information on server, tr...

PoC for CVE-2024-38998

jrburke | Requirejs | 9.8 CRITICAL
RequireJS Vulnerability Allows Arbitrary Code Execution or Denial o...

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

PoC for CVE-2023-40028

Tryghost | Ghost | 4.9 MEDIUM
Ghost Open Source CMS Vulnerability Allows Authenticated Users to R...

Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can ...

PoC for CVE-2024-10124

Themehunk | Vayu Blocks – Gutenber... | 9.8 CRITICAL
Unauthorized Plugin Installation and Activation Vulnerability Affec...

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a missing capability check on the tp_install() function in all versions up to, and including, 1.1.1. This makes it possible for una...

PoC for CVE-2024-38475

Apache | Apache Http Server
Code Execution or Source Code Disclosure Vulnerability in Apache HT...

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. ...

PoC for CVE-2024-53677

Apache | Apache Struts
File Upload Logic Flawed Vulnerability Affects Apache Struts

What is CVE-2024-53677? CVE-2024-53677 is a security vulnerability in Apache Struts, a widely used framework for building Java web applications. This flaw lies within the file upload logic of the framework, which can be exploited by malicious actors. If successfully exploited, it could allow ...

PoC for CVE-2024-4956

Sonatype | Nexus Repository | 7.5 HIGH
Unauthenticated Path Traversal Vulnerability in Sonatype Nexus Repo...

What is CVE-2024-4956? CVE-2024-4956 is a vulnerability identified in Sonatype Nexus Repository 3, a widely utilized repository management software that facilitates the storage and retrieval of software artifacts. This vulnerability allows an unauthenticated attacker to perform a path travers...