CVE Catalog

A vulnerability exists in The Ultimate WordPress Toolkit – WP Extended plugin for WordPress, in all versions through 3.0.11. The issue arises from a lack of proper capability checks on several functions, allowing authenticated attackers with subscriber-level access or higher to import and activate arbitrary code snippets. This vulnerability could be exploited to execute the imported code, potentially leading to stored cross-site scripting.

A remote code execution vulnerability exists in the Ultimate WordPress Toolkit - WP Extended plugin, specifically in version 3.0.11. The issue arises from a lack of proper capability checks in the 'wpext_handle_snippet_update' function. This vulnerability allows authenticated attackers with Subscriber-level access and above to execute arbitrary code on the server, provided that an admin has created at least one code snippet.

A vulnerability has been identified in the window management module of Huawei's HarmonyOS. This issue arises from improper permission control, which could be exploited to affect the confidentiality of services. The vulnerability is present in multiple versions of HarmonyOS, including 4.2.0, 4.0.0, 3.0.0, 3.1.0, as well as various EMUI versions.

A vulnerability exists in the notification module of Huawei devices running HarmonyOS 5.0.0, due to variables not being properly initialized. This issue could lead to a degradation of service availability.

A vulnerability allowing instruction authentication bypass has been identified in the Findnetwork module of Huawei's HarmonyOS 5.0.0. This vulnerability may lead to abnormal feature performance.

A cross-process screen stack vulnerability has been identified in the UIExtension module of Huawei HarmonyOS 5.0.0. This vulnerability may lead to unauthorized access to service confidentiality.

A cross-process screen stack vulnerability has been identified in the UIExtension module of Huawei HarmonyOS 5.0.0. This vulnerability may lead to unauthorized access to service confidentiality.

A vulnerability exists in the NFC service module of Huawei's HarmonyOS and EMUI operating systems, specifically in versions HarmonyOS 2.0.0, 2.1.0, 3.0.0, 3.1.0, EMUI 12.0.0, 13.0.0, and 14.0.0. This vulnerability arises from native APIs not being properly implemented, which could lead to abnormal performance of certain features.

A race condition vulnerability has been identified in the Bastet module of Huawei's HarmonyOS. This vulnerability affects several different versions and ranges, including HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS2.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, and EMUI 12.0.0. Successful exploitation of this vulnerability may impact service confidentiality.

A permission control vulnerability has been identified in the Connectivity module of Huawei's HarmonyOS. This vulnerability affects several versions of HarmonyOS, including 4.2.0, 4.0.0, 3.0.0, 3.1.0, as well as EMUI 14.0.0 and EMUI 13.0.0. Successful exploitation of this vulnerability may cause features to function abnormally.

An access control vulnerability has been identified in the identity authentication module of Huawei HarmonyOS 5.0.0. This vulnerability could be exploited to affect the confidentiality of services.

A vulnerability exists in the HUKS module of Huawei's HarmonyOS, specifically in versions 4.2.0, 4.0.0, 3.1.0, and EMUI 14.0.0. This vulnerability arises from improper protection of memory addresses, which could be exploited to affect the operating system's availability.

An input validation vulnerability has been identified in the widget framework module of Huawei HarmonyOS 5.0.0. This vulnerability arises because input parameters are not properly verified, which could lead to issues with the system's availability.

A race condition vulnerability has been identified in the distributed notification module of Huawei's HarmonyOS 5.0.0. This vulnerability can lead to abnormal feature performance.

A denial-of-service vulnerability has been identified in the management program of TXOne Networks Portable Inspector and Portable Inspector Pro Edition, both through version 1.0.0. This vulnerability arises from improper input validation, allowing remote attackers to crash the management service. While this creates a denial-of-service situation, it can be resolved by restarting the management service.

A denial-of-service vulnerability due to uncontrolled resource consumption has been identified in Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0. This vulnerability allows a remote attacker with low privileges to disrupt service, potentially causing system downtime or unresponsiveness.

A vulnerability has been identified in the ANS system service module of Huawei's HarmonyOS. This vulnerability arises from improper authentication, which could lead to abnormal feature performance. Affected versions include HarmonyOS 3.0.0, 3.1.0, 2.0.0, 2.1.0, EMUI 13.0.0, and EMUI 12.0.0.

A vulnerability has been identified in the Gallery module of Huawei's HarmonyOS, specifically in versions 3.0.0, 3.1.0, 2.0.0, 2.1.0, EMUI 13.0.0, and EMUI 12.0.0. This vulnerability arises from improper permission control, which could be exploited to affect the availability of the service.

A path traversal vulnerability has been identified in the Medialibrary module of Huawei's HarmonyOS. This vulnerability affects several versions, including HarmonyOS 3.0.0, 2.0.0, 2.1.0, EMUI 13.0.0, and EMUI 12.0.0. Successful exploitation of this vulnerability could lead to unauthorized access to files, allowing attackers to read or modify data outside of the intended directory structure, thereby impacting the integrity and confidentiality of the system.

A cross-process screen stack vulnerability has been identified in the UIExtension module of Huawei's HarmonyOS 5.0.0. This vulnerability may lead to unauthorized access to service confidentiality.

A cross-process screen stack vulnerability has been identified in the UIExtension module of Huawei HarmonyOS 5.0.0. This vulnerability may lead to unauthorized access to service confidentiality.

A use-after-free vulnerability has been identified in the device node access module of Huawei's HarmonyOS. This vulnerability can lead to service exceptions, causing disruptions in device functionality. It affects multiple versions of HarmonyOS, including 4.2.0, 4.0.0, and EMUI 14.0.0.

A command injection vulnerability has been identified in Aviatrix Controller versions prior to 7.1.4191 and 7.2.4996. The issue arises from improper sanitization of user-controlled input, which allows an unauthenticated attacker to execute arbitrary commands on the server. Exploitation can be achieved by sending shell metacharacters through specific API parameters, bypassing command validation and appending malicious payloads to the executed commands.

An information disclosure vulnerability has been identified in IBM Db2 for Linux, UNIX, and Windows, specifically in version 11.5. This vulnerability allows sensitive information to be inadvertently included in a log file under certain conditions. The issue also affects Db2 Connect Server.

A stack-based buffer overflow vulnerability has been identified in the GemaltoKeyHandle.cpp file of Apple Smart Card Services. This issue affects several macOS versions and has been addressed in the SCSSU-201801 security update.

A critical vulnerability exists in WeGIA versions prior to 3.2.8, specifically in the file upload endpoint '/WeGIA/html/socio/sistema/controller/controla_xlsx.php'. This vulnerability allows for the upload of malicious files, such as .phar files, without proper validation. Once uploaded, these files can be executed on the server, leading to remote code execution.

A Cross-Site Scripting (XSS) vulnerability exists in WeGIA versions prior to 3.2.6, specifically within the file upload feature of the 'controla_xlsx.php' endpoint. The vulnerability arises because the endpoint allows the upload of files without adequate validation, enabling the inclusion of malicious JavaScript. This could result in the execution of arbitrary scripts in the context of the user's browser, potentially leading to information theft, session hijacking, and other client-side attacks.

A vulnerability in pgAgent versions prior to 4.2.3 allows local attackers to disrupt scheduled tasks by pre-creating directories used for executing batch job scripts. The issue arises from the use of a poorly seeded random number generator for directory name generation, which creates a window of opportunity for interference.

A reflected cross-site scripting vulnerability has been identified in IceWarp Server version 10.2.1. The issue arises in the meta parameter, allowing attackers to inject malicious scripts that are executed immediately when the crafted URL is visited. This could lead to session hijacking, cookie theft, or other attacks.

A Server-Side Request Forgery (SSRF) vulnerability has been identified in I, Librarian versions prior to and including 5.11.1. The issue arises from improper input validation in the file classes/security/validation.php, allowing attackers to manipulate server-side requests.

A vulnerability exists in Bangkok Medical Software HOSxP XE version 4.64.11.3 due to a hardcoded encryption key and initialization vector (IV) in the HOSxPXE4.exe and HOS-WIN32.INI components. This flaw allows attackers to decrypt sensitive information, including privileged database credentials, potentially compromising the entire patient health database in affected deployments. The vulnerability arises from the use of a static key-IV pair with a predictable encryption algorithm, enabling unauthorized access to application secrets.

A vulnerability allowing XML External Entity (XXE) injection has been identified in Intersec Geosafe versions 2022.12, 2022.13, and 2022.14. This vulnerability enables attackers to read arbitrary files under the privileges of the running process, make Server-Side Request Forgery (SSRF) requests, or cause a Denial of Service (DoS) through unspecified vectors.

A vulnerability allowing authenticated users to access arbitrary database fields has been identified in SuiteCRM versions through 7.12.7. This issue arises from improper handling of user permissions, enabling unauthorized data access.

A deserialization vulnerability allowing authenticated users to execute arbitrary code has been identified in SuiteCRM versions through 7.12.7. This issue arises from the ability to upload malicious files using CRM functions, which can then be exploited through deserialization to achieve code execution.

A file upload vulnerability has been identified in Ovidentia version 8.3. The issue arises because the application does not properly restrict the types of files that can be uploaded. Users can exploit this by uploading a .png file containing PHP code, renaming it to a .php extension, and then accessing it through a specific URI. This flaw allows for remote code execution on the server.

A privilege escalation vulnerability has been identified in EyesOfNetwork (EON) versions through 5.3.11. This issue arises because Nmap can be executed with root privileges, allowing an attacker to gain complete control over the server.

A stack buffer overflow vulnerability has been identified in PX4-Autopilot version 1.14.3, specifically within the MAVLink receiver module. This vulnerability arises from improper validation of the size of the 'serial_control_mavlink.count' and 'serial_control_mavlink.data' fields. When a MAVLink message of type 'SERIAL_CONTROL' is received, the vulnerability can be exploited, leading to a program crash and a denial-of-service condition during software simulation.

A cross-site scripting (XSS) vulnerability has been identified in code-projects Online Book Shop version 1.0. The issue resides in the file /subcat.php, where the parameter catnm is not properly validated before being output, allowing for injection of malicious scripts. This vulnerability can be exploited remotely and requires user interaction.

A vulnerability in the Motorola SM56 Modem WDM Driver, specifically in the SmSerl64.sys file, version 6.12.23.0, allows low-privileged users to map physical memory through specially crafted IOCTL requests. This vulnerability can be exploited for privilege escalation, leading to code execution with elevated rights and unauthorized information disclosure. Additionally, these signed drivers could potentially bypass the Microsoft driver-signing policy to execute malicious code.

A vulnerability in the SUNIX Parallel Driver x64 version 10.1.0.0 has been identified in the driver file snxppamd.sys. This vulnerability allows low-privileged users to read and write arbitrary I/O ports by sending specially crafted IOCTL requests. Exploitation of this vulnerability could lead to privilege escalation, execution of code with elevated rights, and unauthorized information disclosure. Additionally, these signed drivers could be misused to circumvent the Microsoft driver-signing policy, enabling the deployment of malicious software.

A vulnerability in the SUNIX Serial Driver x64 version 10.1.0.0 has been identified in the driver file snxpsamd.sys. This vulnerability allows low-privileged users to read and write to arbitrary I/O ports by sending specially crafted IOCTL requests. The issue can be exploited for privilege escalation, enabling code execution with elevated rights, and unauthorized information disclosure. Additionally, these signed drivers could potentially circumvent the Microsoft driver-signing policy to execute malicious code.

A vulnerability in the snxpcamd.sys driver of the SUNIX Multi I/O Card, version 10.1.0.0, allows low-privileged users to perform arbitrary read and write operations on I/O ports. This is achieved by sending specially crafted IOCTL requests. The vulnerability could be exploited for privilege escalation, executing code with elevated rights, and unauthorized information access. Additionally, since these drivers are signed, they could potentially circumvent the Microsoft driver-signing policy to introduce malicious software.

Multiple command injection vulnerabilities have been identified in the web interface of the HPE Aruba Networking 501 Wireless Client Bridge, specifically in versions through V2.1.1.0-B0030. These vulnerabilities allow authenticated users to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.

Multiple command injection vulnerabilities have been identified in the web interface of the HPE Aruba Networking 501 Wireless Client Bridge, specifically in version 2.1.1.0-B0030 and below. These vulnerabilities allow authenticated users to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.

A file upload bypass vulnerability has been identified in AdPortal version 3.0.39. This vulnerability allows remote attackers to execute arbitrary code by exploiting the file upload functionality.

A cross-site scripting (XSS) vulnerability has been identified in iPublish Media Solutions AdPortal version 3.0.39. This vulnerability allows remote attackers to inject malicious scripts that could be executed in the context of the user's browser. The issue arises from the shippingAsBilling parameter in the updateuserinfo.html file, which can be exploited to escalate privileges.

A server-side template injection vulnerability has been identified in AdPortal version 3.0.39. This vulnerability allows remote attackers to execute arbitrary code by manipulating the shippingAsBilling and firstname parameters in the updateuserinfo.html file.

An authorization bypass vulnerability has been identified in AIMS eCrew, affecting multiple functions. This issue allows for unauthorized actions or access by bypassing authentication mechanisms. The vulnerability has been addressed in version JUN23 #190.

A privilege escalation vulnerability exists in the Splunk App for SOAR, specifically in versions 1.0.67 and earlier. The issue arises because the Splunk documentation for these versions recommended granting the 'admin_all_objects' capability to the 'splunk_app_soar' role. This could result in improper access control, allowing low-privileged users without 'admin' roles to gain elevated permissions.

A DOM-based cross-site scripting vulnerability has been identified in the Ali Alpha Price Table For Elementor plugin, affecting versions through 1.0.8. This issue arises from improper input sanitization during web page generation, allowing malicious actors to inject and execute harmful scripts on the site.