CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-40500
https://notcve.org/view.php?id=CVE-2024-40500
12 Aug 2024 — Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component. • https://github.com/nitipoom-jar/CVE-2024-40500 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43249 – WordPress Bit Form Pro plugin <= 2.6.4 - Authenticated Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-43249
12 Aug 2024 — This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43261 – WordPress Compute Links plugin <= 1.2.1 - Remote File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-43261
12 Aug 2024 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hamed Naderfar Compute Links allows PHP Remote File Inclusion.This issue affects Compute Links: from n/a through 1.2.1. The Compute Links plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.2.1. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in <... • https://patchstack.com/database/vulnerability/compute-links/wordpress-compute-links-plugin-1-2-1-remote-file-inclusion-vulnerability? • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7589 – OpenSSH pre-authentication async signal safety issue
https://notcve.org/view.php?id=CVE-2024-7589
11 Aug 2024 — This signal handler executes in the context of the sshd(8)'s privileged code, which is not sandboxed and runs with full root privileges. ... The faulty code in this case is from the integration of blacklistd in OpenSSH in FreeBSD. As a result of calling functions that are not async-signal-safe in the privileged sshd(8) context, a race condition exists that a determined attacker may be able to exploit to allow an unauthenticated remote code execution as root. • https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc • CWE-364: Signal Handler Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42469 – CometVisu Backend for openHAB affected by RCE through path traversal
https://notcve.org/view.php?id=CVE-2024-42469
09 Aug 2024 — If the overwritten file is a shell script that is executed at a later time, this vulnerability can allow remote code execution by an attacker. • https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42467 – CometVisu Backend for openHAB affected by SSRF/XSS
https://notcve.org/view.php?id=CVE-2024-42467
09 Aug 2024 — Furthermore, this proxy-feature can also be exploited as a Cross-Site Scripting (XSS) vulnerability, as an attacker is able to re-route a request to their server and return a page with malicious JavaScript code. Since the browser receives this data directly from the openHAB CometVisu UI, this JavaScript code will be executed with the origin of the CometVisu UI. ... This issue may lead up to Remote Code Execution (RCE) when chained with other vulnerabil... • https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/backend/rest/ProxyResource.java#L83 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-32765 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2024-32765
09 Aug 2024 — We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of admin. • https://www.qnap.com/en/security-advisory/qsa-24-14 • CWE-291: Reliance on IP Address for Authentication CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-31315 – hw: amd: SMM Lock Bypass
https://notcve.org/view.php?id=CVE-2023-31315
09 Aug 2024 — Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. ... This issue can lead to arbitrary code execution. ... A privileged local attacker could possibly use this issue to further escalate their privileges and execute arbitrary code within the processor's firmware layer. • https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29831 – Apache DolphinScheduler: RCE by arbitrary js execution
https://notcve.org/view.php?id=CVE-2024-29831
09 Aug 2024 — Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. If you are using the switch task plugin, please upgrade to version 3.2.2. • https://lists.apache.org/thread/x1ch0x5om3srtbnp7rtsvdszho3mdrq0 • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22123 – Zabbix Arbitrary File Read
https://notcve.org/view.php?id=CVE-2024-22123
09 Aug 2024 — Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server will try to communicate with it as modem. As a result, log file will be broken with AT commands and small part for log file content will be leaked to UI. • https://support.zabbix.com/browse/ZBX-25013 • CWE-94: Improper Control of Generation of Code ('Code Injection') •