Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date
CVE-2024-34070 Froxlor is open source server administration software. Prior to 2.1.9, a Stored Blind Cross-Site Scripting (XSS) vulnerability was identified in the Failed Login Attempts Logging Feature of the Froxlor Application. An unauthenticated User can inject malicious scripts in the loginname parameter on the Login attempt, which will then be executed when viewed by the Administrator in the System Logs. By exploiting this vulnerability, the attacker can perform various malicious actions such as forcing the Administrator to execute actions without their knowledge or consent. For instance, the attacker can force the Administrator to add a new administrator controlled by the attacker, thereby giving the attacker full control over the application. This vulnerability is fixed in 2.1.9. -- May 14, 2024
CVE-2024-34069 Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3. -- May 6, 2024
CVE-2024-34068 Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This issue has been addressed in version 1.11.2 and users are advised to upgrade. Users unable to upgrade may enable the `api.disable_remote_download` option as a workaround. -- May 3, 2024
CVE-2024-34067 Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access to wings instance could lead to cross site scripting (XSS) on the panel, which could be used to gain an administrator account on the panel. Specifically, the following things are impacted: Egg Docker images and Egg variables: Name, Environment variable, Default value, Description, Validation rules. Additionally, certain fields would reflect malicious input, but it would require the user knowingly entering such input to have an impact. To reiterate, this would require an administrator to perform actions and can't be triggered by a normal panel user. This issue has been addressed in version 1.11.6 and users are advised to upgrade. No workaround is available other than updating to the latest version of the panel. -- May 3, 2024
CVE-2024-34066 Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue has been addressed in version 1.11.12 and users are advised to upgrade. Users unable to upgrade may enable the `ignore_panel_config_updates` option as a workaround. -- May 3, 2024
CVE-2024-34064 Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. -- May 6, 2024
CVE-2024-34063 vodozemac is an implementation of Olm and Megolm in pure Rust. Versions 0.5.0 and 0.5.1 of vodozemac have degraded secret zeroization capabilities, due to changes in third-party cryptographic dependencies (the Dalek crates), which moved secret zeroization capabilities behind a feature flag and defaulted this feature to off. The degraded zeroization capabilities could result in the production of more memory copies of encryption secrets and secrets could linger in memory longer than necessary. This marginally increases the risk of sensitive data exposure. This issue has been addressed in version 0.6.0 and users are advised to upgrade. There are no known workarounds for this vulnerability. -- May 3, 2024
CVE-2024-34062 tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through Python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable and has been addressed in release version 4.66.3. All users are advised to upgrade. There are no known workarounds for this vulnerability. -- May 3, 2024
CVE-2024-34061 changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. In affected versions Input in parameter notification_urls is not processed resulting in javascript execution in the application. A reflected XSS vulnerability happens when the user input from a URL or POST data is reflected on the page without being stored, thus allowing the attacker to inject malicious content. This issue has been addressed in version 0.45.22. Users are advised to upgrade. There are no known workarounds for this vulnerability. -- May 2, 2024
CVE-2024-34060 IrisEVTXModule is an interface module for Evtx2Splunk and Iris in order to ingest Microsoft EVTX log files. The `iris-evtx-module` is a pipeline plugin of `iris-web` that processes EVTX files through IRIS web application. During the upload of an EVTX through this pipeline, the filename is not safely handled and may cause an Arbitrary File Write. This can lead to a remote code execution (RCE) when combined with a Server Side Template Injection (SSTI). This vulnerability has been patched in version 1.0.0. -- May 24, 2024
CVE-2024-34058 The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field of an e-mail message). -- May 17, 2024
CVE-2024-34055 Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command. -- Jun 5, 2024
CVE-2024-34051 A Reflected Cross-site scripting (XSS) vulnerability located in htdocs/compta/paiement/card.php of Dolibarr before 19.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into the facid parameter. -- Jun 4, 2024
CVE-2024-34050 Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in return uint64(b[2])<<16 | uint64(b[1])<<8 | uint64(b[0]) in reader.go. -- Apr 30, 2024
CVE-2024-34049 Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in return plmnIdString[0:3], plmnIdString[3:] in reader.go. -- Apr 30, 2024
CVE-2024-34048 O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdateNotificationHandler. -- Apr 30, 2024
CVE-2024-34047 O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler. -- Apr 30, 2024
CVE-2024-34046 The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo->sctpParams->e2tCounters[IN_SUCC][MSG_COUNTER][ProcedureCode_id_RICsubscription]->Increment(). -- Apr 30, 2024
CVE-2024-34045 The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo->counters[IN_INITI][MSG_COUNTER][ProcedureCode_id_E2setup]->Increment(). -- Apr 30, 2024
CVE-2024-34044 The O-RAN E2T I-Release buildPrometheusList function can have a NULL pointer dereference because peerInfo can be NULL. -- Apr 30, 2024
CVE-2024-34043 O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a certain E2AP-PDU message. -- Apr 30, 2024
CVE-2024-34033 Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten. -- May 3, 2024
CVE-2024-34032 Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed. -- May 3, 2024
CVE-2024-34031 Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed. -- May 3, 2024
CVE-2024-34029 Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1 and 8.1.x <= 8.1.12 fail to perform a proper authorization check in the /api/v4/groups/<group-id>/channels/<channel-id>/link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if the user has no access to the team. -- May 28, 2024
CVE-2024-34025 CyberPower PowerPanel business application code contains a hard-coded set of authentication credentials. This could result in an attacker bypassing authentication and gaining administrator privileges. -- May 16, 2024
CVE-2024-34020 A stack-based buffer overflow was found in the putSDN() function of mail.c in hcode through 2.1. -- Apr 29, 2024
CVE-2024-34011 Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. -- Apr 29, 2024
CVE-2024-34010 Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. -- Apr 29, 2024
CVE-2024-34009 Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized. -- Jun 3, 2024
CVE-2024-34008 Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk. -- Jun 3, 2024
CVE-2024-34007 The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF. -- Jun 3, 2024
CVE-2024-34006 The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered. -- Jun 3, 2024
CVE-2024-34005 In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file include. -- Jun 3, 2024
CVE-2024-34004 In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file include. -- Jun 3, 2024
CVE-2024-34003 In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file include. -- Jun 3, 2024
CVE-2024-34002 In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file include. -- Jun 3, 2024
CVE-2024-34001 Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk. -- Jun 3, 2024
CVE-2024-34000 ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk. -- Jun 3, 2024
CVE-2024-33999 The referrer URL used by MFA required additional sanitizing, rather than being used directly. -- Jun 3, 2024
CVE-2024-33998 Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features. -- Jun 3, 2024
CVE-2024-33997 Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation. -- Jun 3, 2024
CVE-2024-33996 Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to. -- Jun 3, 2024
CVE-2024-33956 Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor. This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0. -- May 14, 2024
CVE-2024-33955 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Freesia Freesia Empire allows Stored XSS. This issue affects Freesia Empire: from n/a through 1.4.1. -- May 14, 2024
CVE-2024-33954 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atanas Yonkov Pliska allows Stored XSS. This issue affects Pliska: from n/a through 0.3.5. -- May 14, 2024
CVE-2024-33953 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS. This issue affects Adventure Journal: from n/a through 1.7.2. -- May 14, 2024
CVE-2024-33952 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Unique allows Stored XSS. This issue affects Unique: from n/a through 0.3.0. -- May 14, 2024
CVE-2024-33951 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam DeHaven Perfect Pullquotes allows Stored XSS. This issue affects Perfect Pullquotes: from n/a through 1.7.5. -- May 14, 2024
CVE-2024-33950 Administrator Cross Site Scripting (XSS) in Archives Calendar Widget <= 1.0.15 versions. -- May 14, 2024
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.