Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-53911
Description: An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.

CVSS: CRITICAL (9.8)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53910
Description: An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.

CVSS: CRITICAL (9.8)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53909
Description: An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.

CVSS: CRITICAL (9.8)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53849
Several stack buffer overflows and pointer overflows in editorconfig-core-c
Description: editorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the output pattern when processing nested brackets such that the remaining input length exceeds the output capacity. This issue has been addressed in release version 0.12.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS: MEDIUM (4.8)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53844
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in labsai/eddi
Description: E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. A path traversal vulnerability exists in the backup export functionality of EDDI, as implemented in `RestExportService.java`. This vulnerability allows an attacker to access sensitive files on the server by manipulating the `botFilename` parameter in requests. The application fails to sanitize user input, enabling malicious inputs such as `..%2f..%2fetc%2fpasswd` to access arbitrary files. However, the **severity of this vulnerability is significantly limited** because EDDI typically runs within a **Docker container**, which provides additional layers of isolation and restricted permissions. As a result, while this vulnerability exposes files within the container, it does not inherently threaten the underlying host system or other containers. A patch is required to sanitize and validate the botFilename input parameter. Users should ensure they are using version 5.4 which contains this patdch. For temporary mitigation, access to the vulnerable endpoint should be restricted through firewall rules or authentication mechanisms.

CVSS: MEDIUM (6.3)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53843
Reflected XSS Vulnerability in Authentication Flow URL Handling in @dapperduckling/keycloak-connector-server
Description: @dapperduckling/keycloak-connector-server is an opinionated series of libraries for Node.js applications and frontend clients to interface with keycloak. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the authentication flow of the application. This issue arises due to improper sanitization of the URL parameters, allowing the URL bar's contents to be injected and reflected into the HTML page. An attacker could craft a malicious URL to execute arbitrary JavaScript in the browser of a victim who visits the link. Any application utilizing this authentication library is vulnerable. Users of the application are at risk if they can be lured into clicking on a crafted malicious link. The vulnerability has been patched in version 2.5.5 by ensuring proper sanitization and escaping of user input in the affected URL parameters. Users are strongly encouraged to upgrade. If upgrading is not immediately possible, users can implement the following workarounds: 1. Employ a Web Application Firewall (WAF) to block malicious requests containing suspicious URL parameters. or 2. Apply input validation and escaping directly within the application’s middleware or reverse proxy layer, specifically targeting the affected parameters.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53675
Description: An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

CVSS: HIGH (7.3)

EPSS Score: 0.09%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53674
Description: An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

CVSS: HIGH (7.3)

EPSS Score: 0.09%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53673
Description: A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated attacker to execute code.

CVSS: HIGH (8.1)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-53620
Description: A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.

CVSS: MEDIUM (4.8)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)