Threat and Vulnerability Intelligence Database


CVE-2024-12828

Description: Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of CGI requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22346.

CVSS: CRITICAL (9.9)

EPSS Score: 0.04%

Source: CVE
December 31st, 2024 (4 months ago)

CVE-2024-10044

Description: A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's credentials to perform unauthorized web actions or access unauthorized web resources by combining it with the POST /register_worker endpoint.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 31st, 2024 (4 months ago)

CVE-2023-34095

Description: cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer than 1023 characters. A patch for this issue is available at commit f181bd1f14757c2ae0f17cc76dc20421a40f30b7. As all buffers have a length of 1024 characters, the patch limits the maximum string length to be read to 1023 by replacing all occurrences of `%s` with `%1023s` in all calls of the `fscanf()` and `scanf()` functions.

CVSS: CRITICAL (9.8)

EPSS Score: 1.44%

Source: CVE
December 31st, 2024 (4 months ago)

CVE-2024-11349

Description: The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sb_login_user_with_otp_fun() function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators.

CVSS: CRITICAL (9.8)

EPSS Score: 0.09%

Source: CVE
December 29th, 2024 (4 months ago)

CVE-2023-2986

Description: The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, who are typically customers. Further security hardening was introduced in version 5.15.1 that ensures sites are no longer vulnerable through historical check-out links, and additional hardening was introduced in version 5.15.2 that ensured null key values wouldn't permit the authentication bypass.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
December 29th, 2024 (4 months ago)

CVE-2024-56732

Description: HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 28th, 2024 (4 months ago)

CVE-2023-34251

Description: Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains a fix for this issue.

CVSS: CRITICAL (10.0)

EPSS Score: 1.07%

Source: CVE
December 28th, 2024 (4 months ago)

CVE-2024-52046

Description: The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X. "The ObjectSerializationDecoder in Apache MINA uses Java's

CVSS: CRITICAL (10.0)

EPSS Score: 0.04%

Source: TheHackerNews
December 27th, 2024 (4 months ago)

CVE-2024-12652

Description: An Improper Control of Generation of Code ('Code Injection') vulnerability in the Groovy script function in SmartRobot's Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 27th, 2024 (4 months ago)

CVE-2024-52046

Description: The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process by sending specially crafted malicious serialized data, potentially leading to remote code execution (RCE) attacks. This issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.

It's also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.

Upgrading will not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:

1.
    /**
     * Accept class names where the supplied ClassNameMatcher matches for deserialization, unless they are otherwise rejected.
     * @param classNameMatcher the matcher to use
     */
    public void accept(ClassNameMatcher classNameMatcher)

2.
    /**
     * Accept class names that match the supplied pattern for deserialization, unless they are otherwise rejected.
     * @param patter...

CVSS: CRITICAL (10.0)

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)
December 26th, 2024 (4 months ago)