ReportizFlow
Filtered by vendor
Subscriptions
Total
12613 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0127 | 1 Nvidia | 2 Cloud Gaming Virtual Gpu, Virtual Gpu Manager | 2024-11-01 | 7.8 High |
| NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of the guest OS can cause an improper input validation by compromising the guest OS kernel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | ||||
| CVE-2024-0126 | 1 Nvidia | 3 Cloud Gaming Virtual Gpu, Gpu Display Driver, Virtual Gpu Manager | 2024-11-01 | 8.2 High |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-7004 | 1 Google | 1 Chrome | 2024-10-29 | 4.3 Medium |
| Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low) | ||||
| CVE-2024-20464 | 1 Cisco | 1 Ios Xe | 2024-10-24 | 8.6 High |
| A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of received IPv4 PIMv2 packets. An attacker could exploit this vulnerability by sending a crafted PIMv2 packet to a PIM-enabled interface on an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Note: This vulnerability can be exploited with either an IPv4 multicast or unicast packet. | ||||
| CVE-2024-48919 | 1 Cursor | 1 Cursor | 2024-10-23 | N/A |
| Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an attacker with control over the referenced web page could have a significant chance of influencing a language model to output arbitrary commands for execution in the user's terminal. This scenario would require the user explicitly opt-in to including the contents of a compromised webpage, and it would require that the attacker display prompt injection text in the the contents of the compromised webpage. A server-side patch to not stream back newlines or control characters was released on September 27, 2024, within two hours of the issue being reported. Additionally, Cursor 0.42 includes client-side mitigations to prevent any newline or control character from being streamed into the terminal directly. It also contains a new setting, `"cursor.terminal.usePreviewBox"`, which, if set to true, streams the response into a preview box whose contents then have to be manually accepted before being inserted into the terminal. This setting is useful if you're working in a shell environment where commands can be executed without pressing enter or any control character. The patch has been applied server-side, so no additional action is needed, even on older versions of Cursor. Separately, Cursor's maintainers also recommend, as best practice, to only include trusted pieces of context in prompts. | ||||
| CVE-2024-49361 | 1 Acon | 1 Acon | 2024-10-21 | N/A |
| ACON is a widely-used library of tools for machine learning that focuses on adaptive correlation optimization. A potential vulnerability has been identified in the input validation process, which could lead to arbitrary code execution if exploited. This issue could allow an attacker to submit malicious input data, bypassing input validation, resulting in remote code execution in certain machine learning applications using the ACON library. All users utilizing ACON’s input-handling functions are potentially at risk. Specifically, machine learning models or applications that ingest user-generated data without proper sanitization are the most vulnerable. Users running ACON on production servers are at heightened risk, as the vulnerability could be exploited remotely. As of time of publication, it is unclear whether a fix is available. | ||||
| CVE-2024-6207 | 1 Rockwellautomation | 18 Compact Guardlogix 5380 Sil2 Firmware, Compact Guardlogix 5380 Sil3 Firmware, Compact Guardlogix 5380 Sil 2 and 15 more | 2024-10-21 | 7.5 High |
| CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running. | ||||
| CVE-2024-48918 | 1 Rdsai | 1 Rdslight | 2024-10-18 | N/A |
| RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation within the RDS AI framework, specifically within the user input handling code in the main module (`main.py`). This leaves the framework open to injection attacks and potential memory tampering. Any user or external actor providing input to the system could exploit this vulnerability to inject malicious commands, corrupt stored data, or affect API calls. This is particularly critical for users employing RDS AI in production environments where it interacts with sensitive systems, performs dynamic memory caching, or retrieves user-specific data for analysis. Impacted areas include developers using the RDS AI system as a backend for AI-driven applications and systems running RDS AI that may be exposed to untrusted environments or receive unverified user inputs. The vulnerability has been patched in version 1.1.0 of the RDS AI framework. All user inputs are now sanitized and validated against a set of rules designed to mitigate malicious content. Users should upgrade to version 1.1.0 or higher and ensure all dependencies are updated to their latest versions. For users unable to upgrade to the patched version, a workaround can be implemented. The user implementing the workaround should implement custom validation checks for user inputs to filter out unsafe characters and patterns (e.g., SQL injection attempts, script injections) and limit or remove features that allow user input until the system can be patched. | ||||
| CVE-2024-9348 | 1 Docker | 1 Desktop | 2024-10-17 | N/A |
| Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. | ||||
| CVE-2024-33066 | 1 Qualcomm | 142 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 139 more | 2024-10-16 | 9.8 Critical |
| Memory corruption while redirecting log file to any file location with any file name. | ||||
| CVE-2024-43697 | 1 Openatom | 1 Openharmony | 2024-10-16 | 3.3 Low |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. | ||||
| CVE-2024-48914 | 1 Vendure | 1 Vendure | 2024-10-16 | 9.1 Critical |
| Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`. | ||||
| CVE-2024-9507 | 2024-10-15 | 4.9 Medium | ||
| The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information. | ||||
| CVE-2024-45117 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2024-10-11 | 7.6 High |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed. | ||||
| CVE-2024-20406 | 1 Cisco | 1 Ios Xr | 2024-10-07 | 7.4 High |
| A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type. | ||||
| CVE-2024-8889 | 1 Circutor | 3 Circutor Tcp2rs Plus, Tcp2rs\+, Tcp2rs\+ Firmware | 2024-10-07 | 9.3 Critical |
| Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. This equipment is at the end of its useful life cycle. | ||||
| CVE-2024-41849 | 1 Adobe | 1 Experience Manager | 2024-10-07 | 4.1 Medium |
| Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass. An low-privileged attacker could leverage this vulnerability to slightly affect the integrity of the page. Exploitation of this issue requires user interaction and scope is changed. | ||||
| CVE-2024-6436 | 1 Rockwellautomation | 1 Sequencemanager | 2024-10-03 | N/A |
| An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be able to view the status or command the equipment sequences, however the equipment sequence would continue to execute uninterrupted. | ||||
| CVE-2024-47179 | 1 Diygod | 1 Rsshub | 2024-10-02 | 8.8 High |
| RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made the repository no longer vulnerable. The `docker-test-cont.yml` workflow gets triggered when the `PR - Docker build test` workflow completes successfully. It then collects some information about the Pull Request that triggered the triggering workflow and set some labels depending on the PR body and sender. If the PR also contains a `routes` markdown block, it will set the `TEST_CONTINUE` environment variable to `true`. The workflow then downloads and extracts an artifact uploaded by the triggering workflow which is expected to contain a single `rsshub.tar.zst` file. However, prior to commit 64e00e7, it did not validate and the contents were extracted in the root of the workspace overriding any existing files. Since the contents of the artifact were not validated, it is possible for a malicious actor to send a Pull Request which uploads, not just the `rsshub.tar.zst` compressed docker image, but also a malicious `package.json` file with a script to run arbitrary code in the context of the privileged workflow. As of commit 64e00e7, this scenario has been addressed and the RSSHub repository is no longer vulnerable. | ||||
| CVE-2024-45825 | 1 Rockwellautomation | 2 5015-u8ihft, 5015-u8ihft Firmware | 2024-10-02 | 7.5 High |
| CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. | ||||