ReportizFlow
Filtered by vendor
Subscriptions
Total
753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27937 | 1 Glpi-project | 1 Glpi | 2025-01-02 | 6.5 Medium |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13. | ||||
| CVE-2024-27930 | 1 Glpi-project | 1 Glpi | 2025-01-02 | 6.5 Medium |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13. | ||||
| CVE-2023-32022 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-01-01 | 7.6 High |
| Windows Server Service Security Feature Bypass Vulnerability | ||||
| CVE-2023-21549 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 11 more | 2025-01-01 | 8.8 High |
| Windows SMB Witness Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-43460 | 1 Microsoft | 1 Dynamics 365 Business Central | 2025-01-01 | 8.1 High |
| Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network. | ||||
| CVE-2024-38231 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-01-01 | 6.5 Medium |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | ||||
| CVE-2024-43482 | 1 Microsoft | 1 Outlook | 2025-01-01 | 6.5 Medium |
| Microsoft Outlook for iOS Information Disclosure Vulnerability | ||||
| CVE-2024-30061 | 1 Microsoft | 1 Dynamics 365 | 2024-12-31 | 7.3 High |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | ||||
| CVE-2024-21402 | 1 Microsoft | 1 365 Apps | 2024-12-31 | 7.1 High |
| Microsoft Outlook Elevation of Privilege Vulnerability | ||||
| CVE-2024-56802 | 2024-12-31 | N/A | ||
| Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2. | ||||
| CVE-2024-6840 | 1 Redhat | 3 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside | 2024-12-31 | 6.6 Medium |
| An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account. | ||||
| CVE-2024-45805 | 2024-12-27 | 4.3 Medium | ||
| OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information (http://<opencti_domain>/storage/get/support/UUID/UUID.zip), and that the UUID is available to general users using an attached query (logs query). This vulnerability is fixed in 6.3.0. | ||||
| CVE-2024-8509 | 1 Redhat | 1 Migration Toolkit Virtualization | 2024-12-27 | 7.5 High |
| A vulnerability was found in Forklift Controller. There is no verification against the authorization header except to ensure it uses bearer authentication. Without an Authorization header and some form of a Bearer token, a 401 error occurs. The presence of a token value provides a 200 response with the requested information. | ||||
| CVE-2024-56335 | 2024-12-24 | 7.6 High | ||
| vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. In affected versions an attacker is capable of updating or deleting groups from an organization given a few conditions: 1. The attacker has a user account in the server. 2. The attacker's account has admin or owner permissions in an unrelated organization. 3. The attacker knows the target organization's UUID and the target group's UUID. Note that this vulnerability is related to group functionality and as such is only applicable for servers who have enabled the `ORG_GROUPS_ENABLED` setting, which is disabled by default. This attack can lead to different situations: 1. Denial of service, the attacker can limit users from accessing the organization's data by removing their membership from the group. 2. Privilege escalation, if the attacker is part of the victim organization, they can escalate their own privileges by joining a group they wouldn't normally have access to. For attackers that aren't part of the organization, this shouldn't lead to any possible plain-text data exfiltration as all the data is encrypted client side. This vulnerability is patched in Vaultwarden `1.32.7`, and users are recommended to update as soon as possible. If it's not possible to update to `1.32.7`, some possible workarounds are: 1. Disabling `ORG_GROUPS_ENABLED`, which would disable groups functionality on the server. 2. Disabling `SIGNUPS_ALLOWED`, which would not allow an attacker to create new accounts on the server. | ||||
| CVE-2024-12901 | 2024-12-24 | 5.3 Medium | ||
| A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-53071 | 1 Linux | 1 Linux Kernel | 2024-12-19 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthor_device_mmap_io() implementation has two issues: 1. For mapping DRM_PANTHOR_USER_FLUSH_ID_MMIO_OFFSET, panthor_device_mmap_io() bails if VM_WRITE is set, but does not clear VM_MAYWRITE. That means userspace can use mprotect() to make the mapping writable later on. This is a classic Linux driver gotcha. I don't think this actually has any impact in practice: When the GPU is powered, writes to the FLUSH_ID seem to be ignored; and when the GPU is not powered, the dummy_latest_flush page provided by the driver is deliberately designed to not do any flushes, so the only thing writing to the dummy_latest_flush could achieve would be to make *more* flushes happen. 2. panthor_device_mmap_io() does not block MAP_PRIVATE mappings (which are mappings without the VM_SHARED flag). MAP_PRIVATE in combination with VM_MAYWRITE indicates that the VMA has copy-on-write semantics, which for VM_PFNMAP are semi-supported but fairly cursed. In particular, in such a mapping, the driver can only install PTEs during mmap() by calling remap_pfn_range() (because remap_pfn_range() wants to **store the physical address of the mapped physical memory into the vm_pgoff of the VMA**); installing PTEs later on with a fault handler (as panthor does) is not supported in private mappings, and so if you try to fault in such a mapping, vmf_insert_pfn_prot() splats when it hits a BUG() check. Fix it by clearing the VM_MAYWRITE flag (userspace writing to the FLUSH_ID doesn't make sense) and requiring VM_SHARED (copy-on-write semantics for the FLUSH_ID don't make sense). Reproducers for both scenarios are in the notes of my patch on the mailing list; I tested that these bugs exist on a Rock 5B machine. Note that I only compile-tested the patch, I haven't tested it; I don't have a working kernel build setup for the test machine yet. Please test it before applying it. | ||||
| CVE-2024-51479 | 2024-12-17 | 7.5 High | ||
| Next.js is a React framework for building full-stack web applications. In affected versions if a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed for pages directly under the application's root directory. For example: * [Not affected] `https://example.com/` * [Affected] `https://example.com/foo` * [Not affected] `https://example.com/foo/bar`. This issue is patched in Next.js `14.2.15` and later. If your Next.js application is hosted on Vercel, this vulnerability has been automatically mitigated, regardless of Next.js version. There are no official workarounds for this vulnerability. | ||||
| CVE-2024-23665 | 1 Fortinet | 1 Fortiweb | 2024-12-17 | 5.6 Medium |
| Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests. | ||||
| CVE-2024-23667 | 1 Fortinet | 1 Fortiwebmanager | 2024-12-17 | 7.6 High |
| An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. | ||||
| CVE-2024-23670 | 1 Fortinet | 1 Fortiwebmanager | 2024-12-17 | 7.6 High |
| An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. | ||||