SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
eLabFTW is an open source electronic lab notebook manager for research teams. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
The affected product is vulnerable to a unsanitized extract folder for system configuration. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.
The affected product is vulnerable to improper input validation in the restore file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
The affected product uses a hard-coded blowfish key for encryption/decryption processes. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
A specific function code receives a raw pointer supplied by the user and deallocates this pointer. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
The affected product does not properly control the allocation of resources. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In sanitizeSbn of NotificationManagerService.java, there is a possible way to keep service running in foreground and keep granted permissions due to Bypass of Background Service Restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Many of the services used by the affected product do not specify full paths for the DLLs they are loading. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.