modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file (executed on every page load)....
A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy (Beta) 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by...
An issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2 through 2.0.71.2 that could allow authenticated users to overwrite and corrupt critical system files via a combination of an NTFS Junction and an RPC...
simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service (daemon crash) by sending a DHCP packet without any option fields, which causes free_packet in dhcp_packet.c to dereference a NULL pointer. Date...
marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service by sending a malicious DHCP packet. The crash is caused by a type confusion bug that results in...
emdns_resolve_raw in emdns.c in emdns through fbd1eef calls strlen with an input that may not be ‘’ terminated, leading to a stack-based buffer over-read. This can be triggered by a remote adversary that can...
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component. Date published : 2024-04-29 https://github.com/yukino-hiki/CVE/blob/main/4/There%20is%20a%20stored%20xss%20at%20the%20friendship%20link.md
EMS SQL Manager 3.6.2 (build 55333) for Oracle allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed. Date published : 2024-04-29 CVE-2023-51710
IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on...
In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value. Date published : 2024-04-29 https://invent.kde.org/pim/libksieve/-/commit/6b460ba93ac4ac503ba039d0b788ac7595120db1 https://invent.kde.org/pim/libksieve/-/tags/v23.03.80
Open Networking Foundation SD-RAN onos-kpimon 0.4.7 allows out-of-bounds array access in the processIndicationFormat1 function. Date published : 2024-04-29 https://github.com/onosproject/onos-kpimon/pull/120
Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocking of the errCh channel within the Start function of the monitoring package. Date published : 2024-04-29 https://github.com/onosproject/onos-kpimon/pull/120
An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4.380.8591 allows local attackers to cause a denial of service via crafted GET request. Date published : 2024-04-29 https://gitlab.com/donnm/cves/-/blob/master/dos_rtac51u_httpd.md
Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the processing of an error (in the Subscribe function implementation for the subscribed indication stream). Date published : 2024-04-29 https://github.com/onosproject/onos-ric-sdk-go/issues/133