Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-11960
D-Link DIR-605L formSetPortTr buffer overflow
Description: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. In D-Link DIR-605L 2.13B01 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist die Funktion formSetPortTr der Datei /goform/formSetPortTr. Dank Manipulation des Arguments curTime mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.7)

EPSS Score: 0.15%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-11620
WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability
Description: Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows Code Injection.This issue affects Rank Math SEO: from n/a through 1.0.231.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-11599
Domain Restriction Bypass on Registration
Description: Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.

CVSS: HIGH (8.2)

EPSS Score: 0.04%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-53860
Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler
Description: sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to use your server to send spam, phishing emails, or other malicious content, potentially damaging your domain's reputation and leading to blacklisting by email providers. Patched in version 1.0.0 by removing user-provided content from confirmation emails. All pre-release versions (alpha and beta) are vulnerable to this issue and should not be used. There are no workarounds for this issue. Users must upgrade to version 1.0.0 to mitigate the vulnerability.

CVSS: HIGH (8.6)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2024-52323
Sensitive Data Exposure
Description: Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2024-47181
Unaligned memory access in RPL option processing in Contiki-NG
Description: Contiki-NG is an open-source, cross-platform operating system for IoT devices. An unaligned memory access can be triggered in the two RPL implementations of the Contiki-NG operating system. The problem can occur when either one of these RPL implementations is enabled and connected to an RPL instance. If an IPv6 packet containing an odd number of padded bytes before the RPL option, it can cause the rpl_ext_header_hbh_update function to read a 16-bit integer from an odd address. The impact of this unaligned read is architecture-dependent, but can potentially cause the system to crash. The problem has not been patched as of release 4.9, but will be included in the next release. One can apply the changes in Contiki-NG pull request #2962 to patch the system or wait for the next release.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2024-41126
Out-of-bounds read when decoding SNMP messages in Contiki-NG
Description: Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-message.c module, where the snmp_message_decode function fails to check the boundary of the message buffer when reading a byte from it immediately after decoding an object identifier (OID). The problem has been patched in Contiki-NG pull request 2937. It will be included in the next release of Contiki-NG. Users are advised to either apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration.

CVSS: HIGH (8.4)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2024-41125
Out-of-bounds read in SNMP when decoding a string in Contiki-NG
Description: Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-ber.c module, where the function snmp_ber_decode_string_len_buffer decodes the string length from a received SNMP packet. In one place, one byte is read from the buffer, without checking that the buffer has another byte available, leading to a possible out-of-bounds read. The problem has been patched in Contiki-NG pull request #2936. It will be included in the next release of Contiki-NG. Users are advised to apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration.

CVSS: HIGH (8.4)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2024-36467
Authentication privilege escalation via user groups due to missing authorization checks
Description: An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group (e.g.: Zabbix Administrators), except to groups that are disabled or having restricted GUI access.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2024-31484
Description: A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30), CPCX26 Central Processing/Communication (All versions < V06.02), ETA4 Ethernet Interface IEC60870-5-104 (All versions < V10.46), ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 (All versions < V03.27), PCCX26 Ax 1703 PE, Contr, Communication Element (All versions < V06.05). The affected devices contain an improper null termination vulnerability while parsing a specific HTTP header. This could allow an attacker to execute code in the context of the current process or lead to denial of service condition.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
November 28th, 2024 (5 months ago)