Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 175576 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2024-38507 In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible -- Jun 18, 2024 n/a
CVE-2024-38506 In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows -- Jun 18, 2024 n/a
CVE-2024-38505 In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site -- Jun 18, 2024 n/a
CVE-2024-38504 In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles -- Jun 18, 2024 n/a
CVE-2024-38470 zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /own.php. -- Jun 17, 2024 n/a
CVE-2024-38469 zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /pay.php. -- Jun 17, 2024 n/a
CVE-2024-38468 Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API. -- Jun 16, 2024 n/a
CVE-2024-38467 Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API. -- Jun 16, 2024 n/a
CVE-2024-38466 Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. -- Jun 16, 2024 n/a
CVE-2024-38465 Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error. -- Jun 16, 2024 n/a
CVE-2024-38462 iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference. -- Jun 16, 2024 n/a
CVE-2024-38461 irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not a directory. -- Jun 16, 2024 n/a
CVE-2024-38460 In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs, etc). -- Jun 16, 2024 n/a
CVE-2024-38459 langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444. -- Jun 16, 2024 n/a
CVE-2024-38458 Xenforo before 2.2.16 allows code injection. -- Jun 16, 2024 n/a
CVE-2024-38457 Xenforo before 2.2.16 allows CSRF. -- Jun 16, 2024 n/a
CVE-2024-38454 ExpressionEngine before 7.4.11 allows XSS. -- Jun 16, 2024 n/a
CVE-2024-38449 A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier versions allows remote authenticated attackers to browse parent directories and read the content of files outside the scope of the application. -- Jun 17, 2024 n/a
CVE-2024-38448 htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used. -- Jun 16, 2024 n/a
CVE-2024-38443 C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements. -- Jun 16, 2024 n/a
CVE-2024-38441 Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to \'\\0\' in FPMapName in afp_mapname in etc/afp/directory.c. -- Jun 16, 2024 n/a
CVE-2024-38440 Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c. -- Jun 16, 2024 n/a
CVE-2024-38439 Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to \'\\0\' in FPLoginExt in login in etc/uams/uams_pam.c. -- Jun 16, 2024 n/a
CVE-2024-38428 url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. -- Jun 16, 2024 n/a
CVE-2024-38427 In International Color Consortium DemoIccMAX before 85ce74e, a logic flaw in CIccTagXmlProfileSequenceId::ParseXml in IccXML/IccLibXML/IccTagXml.cpp results in unconditionally returning false. -- Jun 16, 2024 n/a
CVE-2024-38396 An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows an attacker to inject arbitrary code into the terminal, a different vulnerability than CVE-2024-38395. -- Jun 16, 2024 n/a
CVE-2024-38395 In iTerm2 before 3.5.2, the Terminal may report window title setting is not honored, and thus remote code execution might occur but is not trivially exploitable. -- Jun 16, 2024 n/a
CVE-2024-38394 Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel\'s underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules and filesystem implementations. NOTE: the GSD supplier indicates that consideration of a mitigation for this within GSD would be in the context of a new feature, not a CVE. -- Jun 16, 2024 n/a
CVE-2024-38351 Pocketbase is an open source web backend written in go. In affected versions a malicious user may be able to compromise other user accounts. In order to be exploited users must have both OAuth2 and Password auth methods enabled. A possible attack scenario could be: 1. a malicious actor register with the targeted user\'s email (it is unverified), 2. at some later point in time the targeted user stumble on your app and decides to sign-up with OAuth2 (_this step could be also initiated by the attacker by sending an invite email to the targeted user_), 3. on successful OAuth2 auth we search for an existing PocketBase user matching with the OAuth2 user\'s email and associate them, 4. because we haven\'t changed the password of the existing PocketBase user during the linking, the malicious actor has access to the targeted user account and will be able to login with the initially created email/password. To prevent this for happening we now reset the password for this specific case if the previously created user wasn\'t verified (an exception to this is if the linking is explicit/manual, aka. when you send `Authorization:TOKEN` with the OAuth2 auth call). Additionally to warn existing users we now send an email alert in case the user has logged in with password but has at least one OAuth2 account linked. The flow will be further improved with ongoing refactoring and we will start sending emails for unrecognized device logins (OTP and MFA is already implemented and will be available with the next v0.23.0 release in the near future). For the time being users are advised to update to version 0.22.14. There are no known workarounds for this vulnerability. -- Jun 18, 2024 n/a
CVE-2024-38348 CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter. -- Jun 18, 2024 n/a
CVE-2024-38347 CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter. -- Jun 18, 2024 n/a
CVE-2024-38313 In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address This vulnerability affects Firefox for iOS < 127. -- Jun 13, 2024 n/a
CVE-2024-38312 When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127. -- Jun 13, 2024 n/a
CVE-2024-38295 ALCASAR before 3.6.1 allows still_connected.php remote code execution. -- Jun 13, 2024 n/a
CVE-2024-38294 ALCASAR before 3.6.1 allows email_registration_back.php remote code execution. -- Jun 13, 2024 n/a
CVE-2024-38293 ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php. -- Jun 13, 2024 n/a
CVE-2024-38285 Logs storing credentials are insufficiently protected and can be decoded through the use of open source tools. -- Jun 13, 2024 n/a
CVE-2024-38284 Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls. -- Jun 13, 2024 n/a
CVE-2024-38283 Sensitive customer information is stored in the device without encryption. -- Jun 13, 2024 n/a
CVE-2024-38282 Utilizing default credentials, an attacker is able to log into the camera\'s operating system which could allow changes to be made to the operations or shutdown the camera requiring a physical reboot of the system. -- Jun 13, 2024 n/a
CVE-2024-38281 An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. -- Jun 13, 2024 n/a
CVE-2024-38280 An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text. -- Jun 13, 2024 n/a
CVE-2024-38279 The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. -- Jun 13, 2024 n/a
CVE-2024-38277 A unique key should be generated for a user\'s QR login key and their auto-login key, so the same key cannot be used interchangeably between the two. -- Jun 18, 2024 n/a
CVE-2024-38276 Incorrect CSRF token checks resulted in multiple CSRF risks. -- Jun 18, 2024 n/a
CVE-2024-38275 The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs. -- Jun 18, 2024 n/a
CVE-2024-38274 Insufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt. -- Jun 18, 2024 n/a
CVE-2024-38273 Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access. -- Jun 18, 2024 n/a
CVE-2024-38083 Microsoft Edge (Chromium-based) Spoofing Vulnerability -- Jun 13, 2024 n/a
CVE-2024-37904 Minder is an open source Software Supply Chain Security Platform. Minder\'s Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the `github.com/go-git/go-git/v5` library on lines `L55-L89`. The Git provider does the following on the lines `L56-L62`. First, it sets the `CloneOptions`, specifying the url, the depth etc. It then validates the options. It then sets up an in-memory filesystem, to which it clones and Finally, it clones the repository. The `(g *Git) Clone()` method is vulnerable to a DoS attack: A Minder user can instruct Minder to clone a large repository which will exhaust memory and crash the Minder server. The root cause of this vulnerability is a combination of the following conditions: 1. Users can control the Git URL which Minder clones, 2. Minder does not enforce a size limit to the repository, 3. Minder clones the entire repository into memory. This issue has been addressed in commit `7979b43` which has been included in release version v0.0.52. Users are advised to upgrade. There are no known workarounds for this vulnerability. -- Jun 18, 2024 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online