CyberAlerts

CVE-2024-4350

Concrete CMS version 9 below 9.3.3 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer

Description: Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and later embedded into responses. A rogue administrator could inject malicious code into fields due to insufficient input validation. The Concrete CMS security team gave this vulnerability a CVSS v4 score of 5.1 with vector https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Thanks, m3dium for reporting. (CNA updated this risk rank on 17 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC)

CVSS: MEDIUM (5.1)

EPSS Score: 0.05%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-42225

wifi: mt76: replace skb_put with skb_put_zero

Description: In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data

EPSS Score: 0.05%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-42151

bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable

Description: In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Test case dummy_st_ops/dummy_init_ret_value passes NULL as the first parameter of the test_1() function. Mark this parameter as nullable to make verifier aware of such possibility. Otherwise, NULL check in the test_1() code: SEC("struct_ops/test_1") int BPF_PROG(test_1, struct bpf_dummy_ops_state *state) { if (!state) return ...; ... access state ... } Might be removed by verifier, thus triggering NULL pointer dereference under certain conditions.

EPSS Score: 0.04%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-41946

REXML DoS vulnerability

Description: REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.

CVSS: MEDIUM (5.3)

EPSS Score: 0.06%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-39908

Denial of service in REXML

Description: REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-38807

CVE-2024-38807: Signature Forgery Vulnerability in Spring Boot's Loader

Description: Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another.

CVSS: MEDIUM (6.3)

EPSS Score: 0.04%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and...

Description: The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.

EPSS Score: 0.06%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-26157

ETIC Telecom Remote Access Server (RAS) Cross-site Scripting

Description: All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in get view method under view parameter. The ETIC RAS web server uses dynamic pages that get their input from the client side and reflect the input in their response to the client.

CVSS: MEDIUM (6.1)

EPSS Score: 0.04%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-26156

ETIC Telecom Remote Access Server (RAS) Cross-site Scripting

Description: All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and reflects the input in its response to the client.

CVSS: MEDIUM (4.8)

EPSS Score: 0.04%

Source: CVE

January 18th, 2025 (6 months ago)

CVE-2024-26155

ETIC Telecom Remote Access Server (RAS) Cleartext Transmission of Sensitive Information

Description: All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS ssh server, which could enable an attacker to perform actions on the device.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE

January 18th, 2025 (6 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: