CyberAlerts

CVE-2024-49360

Description: Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user (**UserA**) with no privileges is authorized to read all files created in sandbox belonging to other users in the sandbox folders `C:\Sandbox\UserB\xxx`. An authenticated attacker who can use `explorer.exe` or `cmd.exe` outside any sandbox can read other users' files in `C:\Sandbox\xxx`. By default in Windows 7+, the `C:\Users\UserA` folder is not readable by **UserB**. All files edited or created during the sandbox processing are affected by the vulnerability. All files in C:\Users are safe. If `UserB` runs a cmd in a sandbox, he will be able to access `C:\Sandox\UserA`. In addition, if **UserB** create a folder `C:\Sandbox\UserA` with malicious ACLs, when **UserA** will user the sandbox, Sandboxie doesn't reset ACLs ! This issue has not yet been fixed. Users are advised to limit access to their systems using Sandboxie.

CVSS: CRITICAL (9.2)

EPSS Score: 0.04%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-46909

WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability

Description: In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.

CVSS: CRITICAL (9.8)

EPSS Score: 0.07%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-46908

WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability

Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-46907

WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability

Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-46906

WhatsUp Gold GetSqlWhereClause SQL Injection Privilege Escalation Vulnerability

Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-46905

WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability

Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-46054

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload...

Description: OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-44949

parisc: fix a possible DMA corruption

Description: In the Linux kernel, the following vulnerability has been resolved: parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted. This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size. As different parisc microarchitectures have different cache line size, we define arch_slab_minalign(), cache_line_size() and dma_get_cache_alignment() so that the kernel may tune slab cache parameters dynamically, based on the detected cache line size.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-43053

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Description: Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2024-43052

Improper Input Validation in Video Analytics and Processing

Description: Memory corruption while processing API calls to NPU with invalid input.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE

December 3rd, 2024 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-49360	Path traversal in Sandboxie Description: Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user (UserA) with no privileges is authorized to read all files created in sandbox belonging to other users in the sandbox folders `C:\Sandbox\UserB\xxx`. An authenticated attacker who can use `explorer.exe` or `cmd.exe` outside any sandbox can read other users' files in `C:\Sandbox\xxx`. By default in Windows 7+, the `C:\Users\UserA` folder is not readable by UserB. All files edited or created during the sandbox processing are affected by the vulnerability. All files in C:\Users are safe. If `UserB` runs a cmd in a sandbox, he will be able to access `C:\Sandox\UserA`. In addition, if UserB create a folder `C:\Sandbox\UserA` with malicious ACLs, when UserA will user the sandbox, Sandboxie doesn't reset ACLs ! This issue has not yet been fixed. Users are advised to limit access to their systems using Sandboxie. CVSS: CRITICAL (9.2) EPSS Score: 0.04% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-46909	WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability Description: In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. CVSS: CRITICAL (9.8) EPSS Score: 0.07% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-46908	WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. CVSS: HIGH (8.8) EPSS Score: 0.06% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-46907	WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. CVSS: HIGH (8.8) EPSS Score: 0.06% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-46906	WhatsUp Gold GetSqlWhereClause SQL Injection Privilege Escalation Vulnerability Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. CVSS: HIGH (8.8) EPSS Score: 0.06% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-46905	WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability Description: In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account. CVSS: HIGH (8.8) EPSS Score: 0.06% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-46054	OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload... Description: OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files. CVSS: LOW (0.0) EPSS Score: 0.05% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-44949	parisc: fix a possible DMA corruption Description: In the Linux kernel, the following vulnerability has been resolved: parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted. This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size. As different parisc microarchitectures have different cache line size, we define arch_slab_minalign(), cache_line_size() and dma_get_cache_alignment() so that the kernel may tune slab cache parameters dynamically, based on the detected cache line size. CVSS: LOW (0.0) EPSS Score: 0.04% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-43053	Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host Description: Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE December 3rd, 2024 (5 months ago)
CVE-2024-43052	Improper Input Validation in Video Analytics and Processing Description: Memory corruption while processing API calls to NPU with invalid input. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE December 3rd, 2024 (5 months ago)