A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.

The CVE-2023-50164 vulnerability in Apache Struts enables remote code execution and is being actively exploited by threat actors. It affects a wide range of systems, including those used by Fortune 500 companies and various industries. The vulnerability requires specific conditions for exploitati...

A critical vulnerability, CVE-2024-0012, affects Palo Alto Networks PAN-OS software, with an authentication bypass allowing unauthenticated attackers to gain administrator privileges. This could lead to administrative actions, configuration tampering, and other vulnerabilities being exploited. An...

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are affected by a critical authentication bypass vulnerability, tracked as CVE-2024-10924, with a high CVSS score of 9.8. This vulnerability can allow unauthenticated attackers to log in as any existing user on the si...

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the ...

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of pr...

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system....

A critical vulnerability, CVE-2024-0012, affects Palo Alto Networks PAN-OS software, with an authentication bypass allowing unauthenticated attackers to gain administrator privileges. This could lead to administrative actions, configuration tampering, and other vulnerabilities being exploited. An...

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are affected by a critical authentication bypass vulnerability, tracked as CVE-2024-10924, with a high CVSS score of 9.8. This vulnerability can allow unauthenticated attackers to log in as any existing user on the si...

Windows Task Scheduler Elevation of Privilege Vulnerability

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are affected by a critical authentication bypass vulnerability, tracked as CVE-2024-10924, with a high CVSS score of 9.8. This vulnerability can allow unauthenticated attackers to log in as any existing user on the si...

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are affected by a critical authentication bypass vulnerability, tracked as CVE-2024-10924, with a high CVSS score of 9.8. This vulnerability can allow unauthenticated attackers to log in as any existing user on the si...

The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level ac...

A critical remote code execution vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack by Microsoft. This vulnerability, rated with a CVSSv3 score of 9.8, can be exploited remotely by sending specially crafted IPv6 packets to the target, requiring no user in...

The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, ...

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are affected by a critical authentication bypass vulnerability, tracked as CVE-2024-10924, with a high CVSS score of 9.8. This vulnerability can allow unauthenticated attackers to log in as any existing user on the si...

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent.

The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scri...

The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scri...

The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on th...

The vulnerability labeled as CVE-2024-8856 affects the WP Time Capsule plugin for WordPress, allowing unauthenticated attackers to upload arbitrary files, potentially leading to remote code execution. This flaw has a severe impact, with a CVSS score of 9.8, and affects versions of the plugin up t...

Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting (XSS) vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is pass...

A critical remote code execution vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack by Microsoft. This vulnerability, rated with a CVSSv3 score of 9.8, can be exploited remotely by sending specially crafted IPv6 packets to the target, requiring no user in...

A critical vulnerability, CVE-2024-10914, has been found in D-Link network-attached storage devices that have reached end-of-life. This vulnerability allows attackers to execute arbitrary shell commands remotely using crafted HTTP GET requests. The flaw affects multiple models of D-Link NAS devic...

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received relat...

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possi...

The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IG_ES_Subscribers_Query' class in all versions up to, and including, 5.7.14 due to insufficient escapi...

Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following infor...

An arbitrary code execution vulnerability, CVE-2024-7954, was identified in the SPIP's porte_plume plugin, allowing remote unauthenticated attackers to execute arbitrary PHP code by sending a specially crafted HTTP request. The Cyble Sensor Intelligence report also highlighted other active vulner...

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

CVE-2024-52301 is a critical vulnerability in the Laravel web application framework that allows attackers to change the environment used by the framework when handling requests. This can lead to unauthorized access, privilege escalation, data tampering, and potential further system compromise. Th...

The mediapool feature of the Redaxo Core CMS application v 5.17.1 is vulnerable to Cross Site Scripting(XSS) which allows a remote attacker to escalate privileges

Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parti...

The Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘active-tab’ parameter in all versions up to, and including, 5.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

A critical vulnerability identified as CVE-2024-47575 in Fortinet's FortiManager tool has been actively exploited by an unknown threat actor known as UNC5820, impacting over 50 systems across various industries. This vulnerability, rated 9.8 out of 10 on the CVSS, allows remote attackers to execu...

Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied o...

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are affected by a critical authentication bypass vulnerability, tracked as CVE-2024-10924, with a high CVSS score of 9.8. This vulnerability can allow unauthenticated attackers to log in as any existing user on the si...

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit th...

Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run ...

common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper vali...

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 al...

In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe...

Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.

CVE-2024-5910 is a critical vulnerability in the Palo Alto Networks Expedition Migration Tool, with a high CVSS score of 9.3. It allows for attackers with network access to Expedition to take over the admin account due to missing authentication for a critical function. This puts configuration sec...