Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-37302
Synapse denial of service through media disk space consumption
Description: Synapse is an open-source Matrix homeserver. Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce Synapse to download and cache large amounts of remote media. The default rate limit strategy is insufficient to mitigate this. This can lead to a denial of service, ranging from further media uploads/downloads failing to completely unavailability of the Synapse process, depending on how Synapse was deployed. Synapse 1.106 introduces a new "leaky bucket" rate limit on remote media downloads to reduce the amount of data a user can request at a time. This does not fully address the issue, but does limit an unauthenticated user's ability to request large amounts of data to be cached.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2024-11978
Interinfo DreamMaker - Arbitrary File Reading through Path Traversal
Description: DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2024-11667
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series...
🚨 Marked as known exploited on December 3rd, 2024 (5 months ago).
Description: A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL.

CVSS: HIGH (7.5)

EPSS Score: 18.85%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2024-11391
Advanced File Manager <= 5.2.10 - Authenticated (Subscriber+) Arbitrary File Upload
Description: The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2024-11003
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This...
Description: Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2024-10074
Liteos_a has an use after free vulnerability
Description: in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-4751
Heap-based Buffer Overflow in vim/vim
Description: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.

CVSS: HIGH (7.8)

EPSS Score: 0.08%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-4607
An authenticated XCC user can change permissions for any user through a crafted API command.
Description: An authenticated XCC user can change permissions for any user through a crafted API command.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-44186
Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor
Description: An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition. This issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor. Note: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability. This issue affects: Juniper Networks Junos OS: * All versions prior to 20.4R3-S8; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3. Juniper Networks Junos OS Evolved * All versions prior to 20.4R3-S8-EVO; * 21.1 versions 21.1R1-EVO and later; * 21.2 versions prior to 21.2R3-S6-EVO; * 21.3 versions prior to 21.3R3-S5-EVO; * 21.4 versions prior to 21.4R3-S5-EVO; * 22.1 versions prior to 22...

CVSS: HIGH (7.5)

EPSS Score: 0.08%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-4257
Unchecked user input length in the Zephyr WiFi shell module
Description: Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.

CVSS: HIGH (7.6)

EPSS Score: 0.11%

Source: CVE
December 4th, 2024 (5 months ago)