CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2020-24736 – sqlite: Crash due to misuse of window functions.
https://notcve.org/view.php?id=CVE-2020-24736
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. A flaw was found in SQLite. A buffer overflow vulnerability allows a local attacker to cause a denial of service via a crafted script. • https://security.netapp.com/advisory/ntap-20230526-0005 https://www.sqlite.org/src/info/4feb3159c6bc3f7e33959 https://access.redhat.com/security/cve/CVE-2020-24736 https://bugzilla.redhat.com/show_bug.cgi?id=2186385 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43441
https://notcve.org/view.php?id=CVE-2022-43441
A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability. • https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74 https://talosintelligence.com/vulnerability_reports/TALOS-2022-1645 • CWE-913: Improper Control of Dynamically-Managed Code Resources CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26510
https://notcve.org/view.php?id=CVE-2023-26510
Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this behavior has no security impact. • https://ghost.org/docs/security https://gist.github.com/yurahod/2e11eabbe4b92ef1d44b08e37023ecfb https://gist.github.com/yurahod/828d5e6a077c12f3f74c6485d1c7f0e7 • CWE-862: Missing Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2022-47197
https://notcve.org/view.php?id=CVE-2022-47197
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_foot` for a post. Existe una vulnerabilidad predeterminada insegura en la funcionalidad de creación posterior de Ghost Foundation Ghost 5.9.4. Las instalaciones predeterminadas de Ghost permiten a los usuarios que no son administradores inyectar Javascript arbitrario en las publicaciones, lo que permite escalar privilegios al administrador a través de XSS. • https://github.com/miguelc49/CVE-2022-47197-2 https://github.com/miguelc49/CVE-2022-47197-1 https://talosintelligence.com/vulnerability_reports/TALOS-2022-1686 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-453: Insecure Default Variable Initialization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-47196
https://notcve.org/view.php?id=CVE-2022-47196
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_head` for a post. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1686 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-453: Insecure Default Variable Initialization CWE-1188: Initialization of a Resource with an Insecure Default •