CVE Catalog

A vulnerability allowing improper restriction of XML external entity references has been identified in Omron NB-Series NX-Designer. This issue could enable attackers to disclose confidential data on a computer.

A path traversal vulnerability has been identified in Omron NJ/NX-series Machine Automation Controllers. This vulnerability allows an attacker to gain unauthorized access and execute unauthorized code remotely on the affected controller products.

A vulnerability allowing information exposure has been identified in the Event Monster WordPress plugin, specifically in versions through 1.4.3. The issue arises during the export of the Visitors List, where a CSV file is generated in the wp-content directory with a hardcoded filename that is publicly accessible. This flaw enables unauthenticated attackers to retrieve personal data of event attendees, including their first and last names, email addresses, and phone numbers.

A vulnerability exists in Eaton XC-303 PLCs running firmware versions prior to 3.5.16 and 3.5.17 Build 712, allowing an attacker with network access to log in as root via SSH. The root password, hardcoded in the firmware, is 'Etn602'. This issue arises because versions 3.5.16 and below use the insecure 'crypt' algorithm to hash the root password, leaving it susceptible to brute-force attacks. Exploiting this vulnerability enables persistent access to the device, as it lacks secure boot functionality.

A vulnerability allowing authorization bypass has been identified in OpenFGA versions 1.3.8 prior to 1.8.3, including the Helm chart versions openfga-0.1.38 prior to openfga-0.2.19 and Docker versions 1.3.8 prior to 1.8.2. This vulnerability arises when the Check API or ListObjects API is called with a model that includes conditions, and OpenFGA is configured with caching enabled. Under these circumstances, it is possible to bypass authorization by manipulating contextual tuples that include conditions.

A vulnerability exists in the Notary Project's notation-go library, specifically in versions 1.2.0-beta.1 through 1.3.0-rc.1. During the generation of timestamp signatures, the library failed to verify the revocation status of the certificates used. This oversight could allow an attacker to exploit the vulnerability through a Man-in-the-Middle attack, using a compromised or revoked certificate to create a malicious countersignature. Such a countersignature would be accepted and stored by the notation-go library, potentially leading to denial-of-service scenarios in CI/CD environments where signature verification is disrupted by the presence of revoked certificates.

A denial-of-service vulnerability has been identified in the Notary Project's notation-go library, specifically in version 1.3.0-rc.1. The issue arises during the Certificate Revocation List (CRL) based revocation check, where the CRL cache update process can fail and cause an unexpected program crash. This failure occurs because the os.Rename method, used to move a temporary file from the operating system's temporary directory to the notation cache directory, is not compatible with certain operating system limitations, particularly on Linux distributions like RedHat that use a specific mount point for temporary files. As a result, the revocation check process repeatedly crashes, aborting the signature verification process.

A vulnerability exists in the Bitdefender Virus Scanner binary for macOS, allowing dynamic library injection (DYLD injection) that bypasses Apple Mobile File Integrity (AMFI). This issue arises from the lack of Hardened Runtime or Library Validation signing and affects Bitdefender Virus Scanner versions prior to 3.18.

A cross-site scripting (XSS) vulnerability exists in Selesta Visual Access Manager versions prior to 4.42.2. The issue can be exploited through the '/common/autocomplete.php' endpoint.

A cross site scripting (XSS) vulnerability exists in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. The issue can be exploited through the 'vam/vam_visits.php' page.

A vulnerability allowing authenticated attackers to write arbitrary files has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This issue arises from the ability to manipulate POST parameters on the 'common/vam_Sql.php' page.

A cross-site scripting (XSS) vulnerability has been identified in Selesta Visual Access Manager versions prior to 4.42.2. The issue arises in the 'monitor/s_monitor_map.php' file, where user input is not properly sanitized, allowing for the injection of malicious scripts that could be executed in the context of the user's browser.

A cross-site scripting (XSS) vulnerability exists in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. The issue can be exploited through the 'vam/vam_ep.php' page.

A cross-site scripting (XSS) vulnerability exists in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. The issue can be exploited through the 'monitor/s_scheduledfile.php' page.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This issue allows authenticated attackers to exploit multiple POST parameters in the /vam/vam_visits.php file.

A vulnerability exists in Selesta Visual Access Manager (VAM) versions prior to 4.42.2, where an authenticated user can access the administrative page '/common/vam_Sql.php'. This page permits the execution of arbitrary SQL queries, potentially leading to unauthorized data manipulation or disclosure.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This vulnerability allows authenticated attackers to manipulate a GET parameter in the '/monitor/s_terminal.php' page, potentially leading to unauthorized data access or modification.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This vulnerability allows authenticated attackers to inject malicious SQL queries through multiple POST parameters of the 'vam_anagraphic.php' page.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This issue allows authenticated attackers to exploit multiple POST parameters in the '/monitor/s_scheduledfile.php' endpoint.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This vulnerability allows authenticated attackers to manipulate SQL queries through multiple POST parameters of the 'vam_ep.php' page.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This vulnerability allows authenticated attackers to manipulate SQL queries through multiple POST parameters of the 'vam_eps.php' page.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This vulnerability allows authenticated attackers to inject malicious SQL queries through multiple GET parameters in the 'vam_i_command.php' file.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This issue allows authenticated attackers to exploit a GET parameter in '/common/ajaxfunction.php' to manipulate SQL queries and potentially access or modify database information.

A SQL injection vulnerability has been identified in Selesta Visual Access Manager (VAM) versions prior to 4.42.2. This vulnerability allows authenticated attackers to inject malicious SQL queries through multiple parameters in the '/monitor/s_normalizedtrans.php' page.

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. The issue arises in the WSCView function, where an attacker can exploit the vulnerability by sending a crafted request that the user inadvertently approves.

A cross site scripting (XSS) vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. The issue arises in the Filter/FilterEditor function, where user input is not properly sanitized, allowing for the injection of malicious scripts that could be executed in the context of the user's browser.

A directory traversal vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. The issue arises in the Navigator/Index function, allowing attackers to traverse directories and potentially access restricted files.

A vulnerability in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33 allows low privileged users to delete admin users. This is achieved by sending a request to the 'WSCView/Delete' function, indicating a flaw in access control mechanisms that could be exploited to undermine administrative user roles.

A cross-site scripting (XSS) vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. The issue arises in the WSCView/Save function, where user input is not properly sanitized, allowing for the injection of malicious scripts.

A directory traversal vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. This vulnerability allows authenticated users to send SOAP requests to the WSConnector service, creating arbitrary files on the system.

A vulnerability allowing low privileged users to edit their own Access Control List (ACL) rules has been identified in Pat Infinite Solutions HelpdeskAdvanced versions 11.0.33 and prior. This issue arises from incorrect access control, which enables users to send requests to the 'AclList/SaveAclRules' administrative function and modify their ACL rules.

A directory traversal vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. This vulnerability can be exploited via the WSCView/Save function, allowing attackers to traverse directories and potentially access restricted files.

A directory traversal vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. This vulnerability arises in the Email/SaveAttachment function, allowing attackers to traverse directories and potentially access unauthorized files.

A directory traversal vulnerability has been identified in Pat Infinite Solutions HelpdeskAdvanced versions through 11.0.33. The issue arises in the Attachment/DownloadTempFile function, allowing unauthorized access to files outside the intended directory.

A reflected cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the 'editar_permissoes.php' endpoint. This issue arises because the application does not properly validate and sanitize user inputs in the 'msg_c' parameter, allowing attackers to inject malicious scripts. These scripts are then executed in the context of the user's browser. The vulnerability affects WeGIA versions prior to 3.2.6.

A stored cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the 'adicionar_cargo.php' endpoint. This issue allows attackers to inject malicious scripts into the 'cargo' parameter, which are then stored on the server. The injected scripts are executed automatically when the affected page is accessed by users, creating a significant security risk. The vulnerability arises from the application's failure to properly validate and sanitize user inputs, enabling the injection of harmful scripts that can compromise user data and systems.

A reflected cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the 'editar_socio.php' endpoint. This issue allows attackers to inject malicious scripts through the 'socio' parameter. The vulnerability arises because the application does not properly validate and sanitize user inputs, enabling the injection of harmful payloads that are executed in the context of the user's browser.

A stored cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the 'dependente_parentesco_adicionar.php' endpoint. This issue allows attackers to inject malicious scripts into the 'descricao' parameter, which are then stored on the server. The injected scripts are executed automatically when the affected page is accessed by users, creating a significant security risk. The vulnerability arises from inadequate validation and sanitization of user inputs, enabling the injection of harmful scripts that can compromise user data and systems.

A reflected cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the Cadastro_Atendido.php endpoint. This issue arises because the application does not properly validate or sanitize user inputs in the cpf parameter, allowing attackers to inject malicious scripts. These scripts are then executed in the context of the user's browser. The vulnerability affects WeGIA versions prior to 3.2.6.

A stored cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the 'dependente_editarInfoPessoal.php' endpoint. This issue allows attackers to inject malicious scripts into the 'nome' and 'SobrenomeForm' parameters. The injected scripts are stored on the server and executed automatically when the affected page is accessed by users, creating a significant security risk. The vulnerability arises from the application's failure to properly validate and sanitize user inputs, enabling the injection of harmful scripts that could be executed in the context of the user's browser, potentially compromising their data and system.

A stored cross-site scripting vulnerability has been identified in the WeGIA application, specifically within the 'informacao_adicional.php' endpoint. This issue allows attackers to inject malicious scripts into the 'descricao' parameter, which are then stored on the server. The injected scripts are executed automatically when the affected page is accessed by users, creating a significant security risk. The vulnerability arises from the application's failure to properly validate and sanitize user inputs, enabling the injection of harmful scripts that can compromise user data and systems.

A vulnerability exists in Codidact QPixel, a community knowledge-sharing software, where suggested edits in private or limited-visibility categories can be accessed by unprivileged or anonymous users through the suggested edit queue. This issue affects all versions of QPixel and has not been patched yet. Users are advised not to rely on private categories for sensitive information.

A heap-buffer overflow vulnerability has been identified in Vim versions prior to 9.1.1003. The issue arises when visual mode is active and the ':all' command is executed, causing Vim to improperly manage the visual selection. This mismanagement can lead to accessing memory beyond the intended buffer line, creating a heap-buffer overflow. The vulnerability requires user interaction, as visual mode must be enabled when the ':all' command is used.

A vulnerability exists in the Next.js project boilerplate 'next-forge' due to the inclusion of a sensitive token, BASEHUB_TOKEN, in the file 'apps/web/.env.example'. This token should not be used and any access it may have granted should be revoked.

A cross-site scripting (XSS) vulnerability exists in the Jte (Java Template Engine) HTML templates rendered with 'OwaspHtmlTemplateOutput' in versions through 3.1.15. The issue arises when templates include 'script' tags or script attributes containing JavaScript template strings (backticks). The 'javaScriptBlock' and 'javaScriptAttribute' methods in the 'Escape' class fail to properly escape backticks and dollar signs, which are crucial for JavaScript template string interpolation. As a result, malicious JavaScript can be injected and executed.

A vulnerability in NamelessMC versions through 2.1.2 allows for password resets and subsequent account takeovers. This issue arises when a user with 'admincp.core.emails' or 'admincp.users.edit' permissions manually validates another user. Unlike accounts validated via email, which receive a NULL reset code, manually validated accounts are assigned an empty reset code. An attacker can exploit this by requesting a password reset with the empty code, effectively taking over the account.

A cross-site scripting (XSS) vulnerability has been identified in NamelessMC versions through 2.1.2. This issue allows users to inject JavaScript into an additional field, which is executed when a staff member views the user's profile in the staff panel. Consequently, an attacker could run JavaScript on the staff member's computer.

A vulnerability allowing open redirect has been identified in Venki Supravizio BPM versions through 18.1.1. This open redirect can be exploited to perform reflected cross-site scripting (XSS) attacks.

A vulnerability in Venki Supravizio BPM versions through 18.0.1 allows authenticated attackers with Application Administrator access to leak NTLM hashes, potentially leading to privilege escalation on the underlying host system.

A denial-of-service vulnerability has been identified in Samsung mobile processors and modems, specifically in the Exynos 5G modem and processor series, including Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, and Modem 5400. The issue arises because the User Equipment (UE) does not limit the number of attempts for the Radio Resource Control (RRC) Setup procedure in 5G Standalone (SA) mode. This oversight can be exploited to create a battery-drain attack, causing unnecessary power consumption and potentially leading to premature device shutdown.