The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2024-34706 | Valtimo is an open source business process and case management platform. When opening a form in Valtimo, the access token (JWT) of the user is exposed to `api.form.io` via the the `x-jwt-token` header. An attacker can retrieve personal information from this token, or use it to execute requests to the Valtimo REST API on behalf of the logged-in user. This issue is caused by a misconfiguration of the Form.io component. The following conditions have to be met in order to perform this attack: An attacker needs to have access to the network traffic on the `api.form.io` domain; the content of the `x-jwt-token` header is logged or otherwise available to the attacker; an attacker needs to have network access to the Valtimo API; and an attacker needs to act within the time-to-live of the access token. The default TTL in Keycloak is 5 minutes. Versions 10.8.4, 11.1.6 and 11.2.2 have been patched. | -- | May 14, 2024 |
| CVE-2024-34704 | era-compiler-solidity is the ZKsync compiler for Solidity. The problem occurred during instruction selection in the `DAGCombine` phase while visiting the XOR operation. The issue arises when attempting to fold the expression `!(x cc y)` into `(x !cc y)`. To perform this transformation, the second operand of XOR should be a constant representing the true value. However, it was incorrectly assumed that -1 represents the true value, when in fact, 1 is the correct representation, so this transformation for this case should be skipped. This vulnerability is fixed in 1.4.1. | -- | May 14, 2024 |
| CVE-2024-34701 | CreateWiki is Miraheze\'s MediaWiki extension for requesting & creating wikis. It is possible for users to be considered as the requester of a specific wiki request if their local user ID on any wiki in a wiki farm matches the local ID of the requester at the wiki where the wiki request was made. This allows them to go to that request entry\'s on Special:RequestWikiQueue on the wiki where their local user ID matches and take any actions that the wiki requester is allowed to take from there. Commit 02e0f298f8d35155c39aa74193cb7b867432c5b8 fixes the issue. Important note about the fix: This vulnerability has been fixed by disabling access to the REST API and special pages outside of the wiki configured as the global wiki in `$wgCreateWikiGlobalWiki` in a user\'s MediaWiki settings. As a workaround, it is possible to disable the special pages outside of one\'s own global wiki by doing something similar to `miraheze/mw-config` commit e5664995fbb8644f9a80b450b4326194f20f9ddc that is adapted to one\'s own setup. As for the REST API, before the fix, there wasn\'t any REST endpoint that allowed one to make writes. Regardless, it is possible to also disable it outside of the global wiki by using `$wgCreateWikiDisableRESTAPI` and `$wgConf` in the configuration for one\'s own wiki farm.. | -- | May 14, 2024 |
| CVE-2024-34699 | GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in `v0.20.1`. | -- | May 14, 2024 |
| CVE-2024-34698 | FreeScout is a free, self-hosted help desk and shared mailbox. Versions of FreeScout prior to 1.8.139 contain a Prototype Pollution vulnerability in the `/public/js/main.js` source file. The Prototype Pollution arises because the `getQueryParam` Function recursively merges an object containing user-controllable properties into an existing object (For URL Query Parameters Parsing), without first sanitizing the keys. This can allow an attacker to inject a property with a key `__proto__`, along with arbitrarily nested properties. The merge operation assigns the nested properties to the `params` object\'s prototype instead of the target object itself. As a result, the attacker can pollute the prototype with properties containing harmful values, which are then inherited by user-defined objects and subsequently used by the application dangerously. The vulnerability lets an attacker control properties of objects that would otherwise be inaccessible. If the application subsequently handles an attacker-controlled property in an unsafe way, this can potentially be chained with other vulnerabilities like DOM-based XSS, Open Redirection, Cookie Manipulation, Link Manipulation, HTML Injection, etc. Version 1.8.139 contains a patch for the issue. | -- | May 14, 2024 |
| CVE-2024-34697 | FreeScout is a free, self-hosted help desk and shared mailbox. A stored HTML Injection vulnerability has been identified in the Email Receival Module of the Freescout Application. The vulnerability allows attackers to inject malicious HTML content into emails sent to the application\'s mailbox. This vulnerability arises from improper handling of HTML content within incoming emails, allowing attackers to embed malicious HTML code in the context of the application\'s domain. Unauthenticated attackers can exploit this vulnerability to inject malicious HTML content into emails. This could lead to various attacks such as form hijacking, application defacement, or data exfiltration via CSS injection. Although unauthenticated attackers are limited to HTML injection, the consequences can still be severe. Version 1.8.139 implements strict input validation and sanitization mechanisms to ensure that any HTML content received via emails is properly sanitized to prevent malicious HTML injections. | -- | May 14, 2024 |
| CVE-2024-34695 | WOWS Karma is a reputation system for Wargaming\'s World of Warships. A user is able to click multiple times on create on a post creation prompt before the modal closes, which triggers sending several post creation API requests at once. Due to timing, sending multiple posts simultaneously requests bypasses the cooldown validation, however are not refreshing a user\'s metrics more than once, due to concurrent karma updates. This issue is fixed in 0.17.4.1. | -- | May 14, 2024 |
| CVE-2024-34687 | SAP NetWeaver Application Server for ABAP and ABAP Platform do not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker can control code that is executed within a user’s browser, which could result in modification, deletion of data, including accessing or deleting files, or stealing session cookies which an attacker could use to hijack a user’s session. Hence, this could have impact on Confidentiality, Integrity and Availability of the system. | -- | May 14, 2024 |
| CVE-2024-34574 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Wpsoul Table Maker allows Stored XSS.This issue affects Table Maker: from n/a through 1.9.1. | -- | May 8, 2024 |
| CVE-2024-34573 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Pootlepress Pootle Pagebuilder – WordPress Page builder allows Stored XSS.This issue affects Pootle Pagebuilder – WordPress Page builder: from n/a through 5.7.1. | -- | May 8, 2024 |
| CVE-2024-34572 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in ThemePrix Fancy Elementor Flipbox fancy-elementor-flipbox allows Stored XSS.This issue affects Fancy Elementor Flipbox: from n/a through 2.4.2. | -- | May 8, 2024 |
| CVE-2024-34571 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.0. | -- | May 8, 2024 |
| CVE-2024-34570 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.3. | -- | May 8, 2024 |
| CVE-2024-34569 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Katie Seaborn Zotpress allows Stored XSS.This issue affects Zotpress: from n/a through 7.3.9. | -- | May 8, 2024 |
| CVE-2024-34568 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Themeqx LetterPress allows Stored XSS.This issue affects LetterPress: from n/a through 1.2.1. | -- | May 8, 2024 |
| CVE-2024-34566 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a through 3.3.0. | -- | May 8, 2024 |
| CVE-2024-34565 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Debug Info allows Stored XSS.This issue affects Debug Info: from n/a through 1.3.10. | -- | May 8, 2024 |
| CVE-2024-34564 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in LogicHunt Inc. Counter Up allows Stored XSS.This issue affects Counter Up: from n/a through 2.2.1. | -- | May 8, 2024 |
| CVE-2024-34563 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in GoldAddons Gold Addons for Elementor allows Stored XSS.This issue affects Gold Addons for Elementor: from n/a through 1.2.9. | -- | May 8, 2024 |
| CVE-2024-34562 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.0. | -- | May 8, 2024 |
| CVE-2024-34561 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Stored XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin: from n/a through 3.71. | -- | May 8, 2024 |
| CVE-2024-34560 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in GOMO gee Search Plus allows Stored XSS.This issue affects gee Search Plus: from n/a through 1.4.4. | -- | May 8, 2024 |
| CVE-2024-34559 | Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0. | -- | May 14, 2024 |
| CVE-2024-34558 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in realmag777 WOLF allows Stored XSS.This issue affects WOLF: from n/a through 1.0.8.2. | -- | May 8, 2024 |
| CVE-2024-34557 | Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.5.4. | -- | May 14, 2024 |
| CVE-2024-34556 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.5.4. | -- | May 14, 2024 |
| CVE-2024-34555 | Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3. | -- | May 14, 2024 |
| CVE-2024-34553 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Select-Themes Stockholm Core allows Reflected XSS.This issue affects Stockholm Core: from n/a through 2.4.1. | -- | May 8, 2024 |
| CVE-2024-34550 | Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365 Integration.This issue affects Dynamics 365 Integration: from n/a through 1.3.17. | -- | May 14, 2024 |
| CVE-2024-34549 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic WP Job Manager.This issue affects WP Job Manager: from n/a through 2.2.2. | -- | May 14, 2024 |
| CVE-2024-34548 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8. | -- | May 8, 2024 |
| CVE-2024-34547 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.34. | -- | May 8, 2024 |
| CVE-2024-34546 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in HabibCoder Sticky Social Link allows Stored XSS.This issue affects Sticky Social Link: from n/a through 1.0.0. | -- | May 8, 2024 |
| CVE-2024-34538 | Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography. | -- | May 6, 2024 |
| CVE-2024-34534 | A SQL injection vulnerability in Cybrosys Techno Solutions Text Commander module (aka text_commander) 16.0 through 16.0.1 allows a remote attacker to gain privileges via the data parameter to models/ir_model.py:IrModel::chech_model. | -- | May 7, 2024 |
| CVE-2024-34533 | A SQL injection vulnerability in ZI PT Solusi Usaha Mudah Analytic Data Query module (aka izi_data) 11.0 through 17.x before 17.0.3 allows a remote attacker to gain privileges via a query to IZITools::query_check, IZITools::query_fetch, or IZITools::query_execute. | -- | May 7, 2024 |
| CVE-2024-34532 | A SQL injection vulnerability in Yvan Dotet PostgreSQL Query Deluxe module (aka query_deluxe) 17.x before 17.0.0.4 allows a remote attacker to gain privileges via the query parameter to models/querydeluxe.py:QueryDeluxe::get_result_from_query. | -- | May 7, 2024 |
| CVE-2024-34529 | Nebari through 2024.4.1 prints the temporary Keycloak root password. | -- | May 6, 2024 |
| CVE-2024-34528 | WordOps through 3.20.0 has a wo/cli/plugins/stack_pref.py TOCTOU race condition because the conf_path os.open does not use a mode parameter during file creation. | -- | May 6, 2024 |
| CVE-2024-34527 | spaces_plugin/app.py in SolidUI 0.4.0 has an unnecessary print statement for an OpenAI key. The printed string might be logged. | -- | May 6, 2024 |
| CVE-2024-34525 | FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file. | -- | May 6, 2024 |
| CVE-2024-34524 | In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content. | -- | May 6, 2024 |
| CVE-2024-34523 | AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | -- | May 7, 2024 |
| CVE-2024-34519 | Avantra Server 24.x before 24.0.7 and 24.1.x before 24.1.1 mishandles the security of dashboards, aka XAN-5367. If a user can create a dashboard with an auto-login user, data disclosure may occur. Access control can be bypassed when there is a shared dashboard, and its auto-login user has privileges that a dashboard visitor should not have. | -- | May 5, 2024 |
| CVE-2024-34517 | The Cypher component in Neo4j before 5.19.0 mishandles IMMUTABLE privileges. | -- | May 7, 2024 |
| CVE-2024-34515 | image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists(). | -- | May 5, 2024 |
| CVE-2024-34511 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1561. Reason: This candidate is a duplicate of CVE-2024-1561. Notes: All CVE users should reference CVE-2024-1561 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | -- | May 5, 2024 |
| CVE-2024-34510 | Gradio before 4.20 allows credential leakage on Windows. | -- | May 5, 2024 |
| CVE-2024-34509 | dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. | -- | May 5, 2024 |
| CVE-2024-34508 | dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. | -- | May 5, 2024 |
