The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2020-10655 | The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server\'s WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | HIGH | Jan 8, 2021 | n/a |
| CVE-2020-10656 | The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server\'s WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | HIGH | Jan 8, 2021 | n/a |
| CVE-2020-10657 | The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console\'s ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | MEDIUM | Jan 8, 2021 | n/a |
| CVE-2021-27900 | The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an authorization check on several pages in the Web Console. This enables a view-only user to change any configuration setting and delete any registered agents. All versions before 7.11.1 are affected. | MEDIUM | Apr 7, 2021 | n/a |
| CVE-2021-22158 | The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file\'s encryption key to successfully exploit. All versions before 7.11 are affected. | MEDIUM | Apr 7, 2021 | n/a |
| CVE-2021-46785 | The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier. | MEDIUM | May 13, 2022 | n/a |
| CVE-2018-6465 | The PropertyHive plugin before 1.4.15 for WordPress has XSS via the body parameter to includes/admin/views/html-preview-applicant-matches-email.php. | Medium | Feb 15, 2018 | n/a |
| CVE-2024-3607 | The PropertyHive plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_key_date() function in all versions up to, and including, 2.0.12. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts | -- | May 2, 2024 | n/a |
| CVE-2021-24906 | The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request | MEDIUM | Feb 4, 2022 | n/a |
| CVE-2023-3139 | The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a redirection of a crafted URL, bypassing the protection offered. | -- | Jul 5, 2023 | n/a |
| CVE-2018-7185 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the other side of an interleaved association causing the victim ntpd to reset its association. | Medium | Feb 27, 2018 | SR0541,SR0630 (VxWorks 7) |
| CVE-2024-24786 | The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | -- | Mar 5, 2024 | n/a |
| CVE-2021-27784 | The provided HCL Launch Container images contain non-unique HTTPS certificates and a database encryption key. The fix provides directions and tools to replace the non-unique keys and certificates. This does not affect the standard installer packages. | -- | Nov 2, 2022 | n/a |
| CVE-2017-9325 | The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs. | MEDIUM | Jul 11, 2019 | n/a |
| CVE-2024-1137 | The Proxy and Client components of TIBCO Software Inc.\'s TIBCO ActiveSpaces - Enterprise Edition contain a vulnerability that theoretically allows an Active Spaces client to passively observe data traffic to other clients. Affected releases are TIBCO Software Inc.\'s TIBCO ActiveSpaces - Enterprise Edition: versions 4.4.0 through 4.9.0. | -- | Mar 12, 2024 | n/a |
| CVE-2019-15537 | The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php. | HIGH | Aug 28, 2019 | n/a |
| CVE-2016-7976 | The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams. | MEDIUM | Aug 8, 2017 | n/a |
| CVE-2019-7412 | The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles sanitization of input values. | High | Feb 6, 2019 | n/a |
| CVE-2017-15269 | The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be performed using nmap -b and allow performing scans via the FTP server. | MEDIUM | Nov 15, 2017 | n/a |
| CVE-2017-15270 | The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '' and ',' and ' ' are not escaped and can be used to add new entries to the log. | MEDIUM | Nov 16, 2017 | n/a |
| CVE-2017-15272 | The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password ITsILLEGAL; however, this password is not required to extract the data. Cleartext is used for a user password. | LOW | Nov 15, 2017 | n/a |
| CVE-2021-24558 | The pspin_duplicate_post_save_as_new_post function of the Project Status WordPress plugin through 1.6 does not sanitise, validate or escape the post GET parameter passed to it before outputting it in an error message when the related post does not exist, leading to a reflected XSS issue | LOW | Aug 27, 2021 | n/a |
| CVE-2016-6887 | The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular expontiation, which might allow remote attackers to predict the secret key via a CRT attack. | MEDIUM | Jan 17, 2017 | n/a |
| CVE-2016-8671 | The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular expontiation, which might allow remote attackers to predict the secret key via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6887. | MEDIUM | Jan 17, 2017 | n/a |
| CVE-2016-6885 | The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation. | MEDIUM | Jan 17, 2017 | n/a |
| CVE-2016-6886 | The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange. | MEDIUM | Jan 17, 2017 | n/a |
| CVE-2014-2906 | The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name. | MEDIUM | Feb 3, 2020 | n/a |
| CVE-2022-23730 | The public API error causes for the attacker to be able to bypass API access control. | HIGH | Mar 11, 2022 | n/a |
| CVE-2023-0215 | The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected. | LOW | Feb 9, 2023 | 23.03 (VxWorks 7) |
| CVE-2018-3747 | The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript. | MEDIUM | Jul 3, 2018 | n/a |
| CVE-2021-35947 | The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL. | MEDIUM | Sep 8, 2021 | n/a |
| CVE-2017-16904 | The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator. | MEDIUM | Nov 20, 2017 | n/a |
| CVE-2018-11686 | The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php. | HIGH | Jul 5, 2019 | n/a |
| CVE-2021-25032 | The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin\'s settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any new registered user with an administrator role. | HIGH | Jan 10, 2022 | n/a |
| CVE-2022-3366 | The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro WordPress plugin before 2.5.2 unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation in this case requires other plugins with a suitable gadget chain to be present on the site. | -- | Nov 1, 2022 | n/a |
| CVE-2023-4970 | The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | -- | Nov 24, 2023 | n/a |
| CVE-2018-25083 | The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name. | -- | Mar 31, 2023 | n/a |
| CVE-2016-3108 | The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack. | LOW | Jun 8, 2017 | n/a |
| CVE-2016-3696 | The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key. | Low | Jun 22, 2017 | n/a |
| CVE-2024-27894 | The Pulsar Functions Worker includes a capability that permits authenticated users to create functions where the function\'s implementation is referenced by a URL. The supported URL schemes include file, http, and https. When a function is created using this method, the Functions Worker will retrieve the implementation from the URL provided by the user. However, this feature introduces a vulnerability that can be exploited by an attacker to gain unauthorized access to any file that the Pulsar Functions Worker process has permissions to read. This includes reading the process environment which potentially includes sensitive information, such as secrets. Furthermore, an attacker could leverage this vulnerability to use the Pulsar Functions Worker as a proxy to access the content of remote HTTP and HTTPS endpoint URLs. This could also be used to carry out denial of service attacks. This vulnerability also applies to the Pulsar Broker when it is configured with functionsWorkerEnabled=true. This issue affects Apache Pulsar versions from 2.4.0 to 2.10.5, from 2.11.0 to 2.11.3, from 3.0.0 to 3.0.2, from 3.1.0 to 3.1.2, and 3.2.0. 2.10 Pulsar Function Worker users should upgrade to at least 2.10.6. 2.11 Pulsar Function Worker users should upgrade to at least 2.11.4. 3.0 Pulsar Function Worker users should upgrade to at least 3.0.3. 3.1 Pulsar Function Worker users should upgrade to at least 3.1.3. 3.2 Pulsar Function Worker users should upgrade to at least 3.2.1. Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions. The updated versions of Pulsar Functions Worker will, by default, impose restrictions on the creation of functions using URLs. For users who rely on this functionality, the Function Worker configuration provides two configuration keys: additionalEnabledConnectorUrlPatterns and additionalEnabledFunctionsUrlPatterns. These keys allow users to specify a set of URL patterns that are permitted, enabling the creation of functions using URLs that match the defined patterns. This approach ensures that the feature remains available to those who require it, while limiting the potential for unauthorized access and exploitation. | -- | Mar 12, 2024 | n/a |
| CVE-2018-15749 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. | LOW | Sep 6, 2018 | n/a |
| CVE-2018-15726 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability. | MEDIUM | Sep 6, 2018 | n/a |
| CVE-2018-15865 | The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability. | MEDIUM | Sep 6, 2018 | n/a |
| CVE-2018-16263 | The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | MEDIUM | Feb 3, 2020 | n/a |
| CVE-2017-8943 | The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | MEDIUM | May 15, 2017 | n/a |
| CVE-2016-9686 | The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2. | MEDIUM | Feb 8, 2017 | n/a |
| CVE-2016-2787 | The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors. | MEDIUM | Feb 13, 2017 | n/a |
| CVE-2024-3595 | The Pure Chat – Live Chat Plugin & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the purechatwid and purechatwname parameter in all versions up to, and including, 2.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber access or above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | -- | May 14, 2024 | n/a |
| CVE-2022-31524 | The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | MEDIUM | Jul 15, 2022 | n/a |
| CVE-2018-18656 | The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. The location of such files is %PROGRAMDATA%\\purevpn\\config\\login.conf. Additionally, all local users can read this file. | LOW | Oct 26, 2018 | n/a |
