Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privilege escalation vulnerability that may allow an authenticated user with limited access privileges to gain unauthorized administrator-level privileges through exploitation of specific system interfaces.
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item_count value that is not consistently v...
@tmlmobilidade/utils has prototype pollution in its setValueAtPath
parse-nested-form-data has Prototype Pollution via `__proto__` in FormData field names
async-http-client: Cookie header not stripped on cross-origin redirect
Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an attacker-controlled URL into a WebhookDispatcher that ...
iskorotkov/avro: CPU Exhaustion in Decoder
CI4MS: Stored XSS in Pages Module Content via Broken html_purify Validation Rule
iskorotkov/avro: Integer Overflow in Decoder
brace-expansion: Large numeric range defeats documented `max` DoS protection
CI4MS Fileeditor allows deletion and rename of critical application files due to missing extension allowlist on destructive operations
An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd
An attacker in a privileged network position may be able to leak sensitive information. A path handling issue was addressed with improved validation. This issue is fixed in PCC Release 5E290.3.
ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection.
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x02...
CI4MS: Stored XSS in Blog Content via Broken `html_purify` Validation Rule
Statamic CMS: Server-Side Request Forgery via Glide
ImageMagick: Heap Buffer Over-Read in IPTC encoder
Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the /console/api...
Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unenc...