CVE Database

Search and browse vulnerability records from NVD

Showing 50 of 42142 CVEs

CVE ID Severity Description EPSS Published
7.5 HIGH

This affects versions of the package angular from 1.3.0; versions of the package angularjs from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).

1.9% 2024-02-10
7.8 HIGH

An issue in the HuginBase::PTools::setDestImage function of Hugin v2022.0.0 allows attackers to cause a heap buffer overflow via parsing a crafted image.

0.4% 2024-02-09
7.8 HIGH

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure.

0.3% 2024-02-09
7.8 HIGH

An issue in the HuginBase::ImageVariable<double>::linkWith function of Hugin v2022.0.0 allows attackers to cause a heap-use-after-free via parsing a crafted image.

0.3% 2024-02-09
7.8 HIGH

An issue in the HuginBase::PanoramaMemento::loadPTScript function of Hugin v2022.0.0 allows attackers to cause a heap buffer overflow via parsing a crafted image.

0.4% 2024-02-09
8.8 HIGH

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0.

0.6% 2024-02-09
7.8 HIGH

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

1.2% 2024-02-09
7.5 HIGH

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.6. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.

1.0% 2024-02-09
8.8 HIGH

An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated command injection via ftp.

1.2% 2024-02-08
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Almeida | Webdados Portugal CTT Tracking for WooCommerce portugal-ctt-tracking-woocommerce.This issue affects Portugal CTT Tracking for WooCommerce: from n/a through <= 2.1.

0.3% 2024-02-08
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magic Hills Pty Ltd Wonder Slider Lite allows Reflected XSS.This issue affects Wonder Slider Lite: from n/a through 13.9.

0.3% 2024-02-08
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc allows Reflected XSS.This issue affects WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc: from n/a through 6.5.2.

0.4% 2024-02-08
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.5.13.

0.4% 2024-02-08
7.5 HIGH

Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. MİA-MED allows Read Sensitive Strings Within an Executable. This issue affects MİA-MED: before 1.0.7.

0.5% 2024-02-08
7.5 HIGH

Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read Sensitive Strings Within an Executable. This issue affects MİA-MED: before 1.0.7.

0.4% 2024-02-08
7.5 HIGH

Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MİA-MED allows Collect Data as Provided by Users. This issue affects MİA-MED: before 1.0.7.

0.5% 2024-02-08
8.8 HIGH

Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MİA-MED allows Authentication Abuse. This issue affects MİA-MED: before 1.0.7.

0.6% 2024-02-08
8.2 HIGH

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access. IBM X-Force ID: 266155.

0.6% 2024-02-07
7.5 HIGH

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977.

0.9% 2024-02-07
7.5 HIGH

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957.

0.6% 2024-02-07
8.8 HIGH

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

0.7% 2024-02-07
7.5 HIGH

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.

1.6% 2024-02-06
7.2 HIGH

A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

1.9% 2024-02-06
7.2 HIGH

A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

3.4% 2024-02-06
7.2 HIGH

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

3.4% 2024-02-06
7.2 HIGH

A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

3.4% 2024-02-06
7.2 HIGH

A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated HTTP request to trigger this vulnerability.

3.4% 2024-02-06
7.2 HIGH

A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

3.3% 2024-02-06
7.2 HIGH

A post authentication command injection vulnerability exists when setting up the PPTP global configuration of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

3.4% 2024-02-06
7.2 HIGH

A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability and gain access to an unrestricted shell.

3.4% 2024-02-06
8.2 HIGH

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprod_lite_new_lpage function in all versions up to, and including, 6.15.21. This makes it possible for unauthenticated attackers to change the contents of coming-soon, maintenance pages, login and 404 pages set up with the plugin. Version 6.15.22 addresses this issue but introduces a bug affecting admin pages. We suggest upgrading to 6.15.23.

0.7% 2024-02-05
8.8 HIGH

The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license REST API endpoint in all versions up to, and including, 6.1.0. This makes it possible for authors and higher to update arbitrary options. CVE-2024-33569 appears to be a duplicate of this issue.

0.8% 2024-02-05
8.1 HIGH

The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. This makes it possible for unauthenticated attackers, to extract sensitive data including site backups in configurations where the .htaccess file in the directory does not block access.

1.0% 2024-02-05
7.1 HIGH

The Index Now plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.3. This is due to missing or incorrect nonce validation on the 'reset_form' function. This makes it possible for unauthenticated attackers to delete arbitrary site options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

0.3% 2024-02-05
8.2 HIGH

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. This makes it possible for unauthenticated attackers to enable or disable the 2FA functionality present in the Premium version of the plugin for arbitrary user roles.

2.4% 2024-02-05
8.8 HIGH

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Code Injection via the plugin's vg_display_data shortcode in all versions up to, and including, 1.2.1 due to insufficient input validation and restriction on access to that shortcode. This makes it possible for authenticated attackers with contributor-level and above permissions to call arbitrary functions and execute code.

1.1% 2024-02-05
8.8 HIGH

The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

68.0% 2024-02-05
7.2 HIGH

The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin (the default is editor role, but access can also be granted to contributor role), to upload arbitrary files on the affected site's server which may make remote code execution possible.

1.5% 2024-02-05
8.8 HIGH

The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server. Version 8.3.5 introduces a capability check that prevents users lower than admin from executing this function.

15.9% 2024-02-05
8.8 HIGH

The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be used to create administrator accounts.

1.5% 2024-02-05
7.2 HIGH

The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'import_styles' function in versions up to, and including, 1.40.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

1.6% 2024-02-05
7.5 HIGH

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

1.1% 2024-02-05
7.5 HIGH

A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

1.1% 2024-02-05
7.5 HIGH

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.

1.1% 2024-02-05
7.5 HIGH

freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.

1.1% 2024-02-05
7.8 HIGH

Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.

0.6% 2024-02-05
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MJS Software PT Sign Ups – Beautiful volunteer sign ups and management made easy allows Stored XSS.This issue affects PT Sign Ups – Beautiful volunteer sign ups and management made easy: from n/a through 1.0.4.

0.3% 2024-02-05
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgadbois CalculatorPro Calculators allows Reflected XSS.This issue affects CalculatorPro Calculators: from n/a through 1.1.7.

0.3% 2024-02-05
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a through 1.9.3.

0.3% 2024-02-05
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Reflected XSS.This issue affects Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: from n/a through 2.2.24.

0.4% 2024-02-05