TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability.
Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via the userid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A stack-based buffer overflow vulnerability exists in GStreamer's AV1 video parsing functionality that allows remote attackers to execute arbitrary code when processing specially crafted AV1 video files. The vulnerability affects all versions of GStreamer prior to the patched release and requires user interaction to exploit, though attack vectors may vary depending on implementation. With an EPSS score of 9.18% (93rd percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild, though it is not currently listed in CISA's KEV catalog.
Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the download_file.php component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A heap-based buffer overflow vulnerability in GStreamer's PGS (Presentation Graphic Stream) subtitle file parser allows remote attackers to execute arbitrary code when processing malicious subtitle files. The vulnerability affects all GStreamer installations and requires user interaction to exploit, typically by opening a media file with crafted PGS subtitles. With an EPSS score of 7.71% (92nd percentile), this vulnerability represents a significant exploitation risk in the wild.
kurwov is a fast, dependency-free library for creating Markov Chains. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A critical integer overflow vulnerability in GStreamer's MXF (Material eXchange Format) video file parser allows remote attackers to execute arbitrary code when processing specially crafted media files. The vulnerability affects all versions of GStreamer prior to the patched releases and requires user interaction (such as opening a malicious video file) to exploit, with an EPSS score of 6.53% indicating moderate real-world exploitation likelihood. While not currently listed in CISA's KEV catalog, the vulnerability has a high CVSS score of 8.8 and patches are available from the vendor.
Vditor 3.10.3 allows XSS via an attribute of an A element. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The Gutenverse WordPress plugin before 1.9.1 does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin through 1.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A stack-based buffer overflow vulnerability in GStreamer's H265 video parsing functionality allows remote attackers to execute arbitrary code when processing maliciously crafted H265 encoded video files. The vulnerability affects all GStreamer installations and requires user interaction (such as opening a malicious video file) but can lead to full system compromise in the context of the running application. With an EPSS score of 6.22% (91st percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild, and patches are available from the vendor.
A heap-based buffer overflow vulnerability exists in GStreamer's AV1 codec parsing functionality that allows remote attackers to execute arbitrary code. The vulnerability affects all versions of GStreamer prior to the patched release and requires user interaction to exploit, such as opening a malicious AV1 video file. With a CVSS score of 8.8 and patches available since the disclosure, this represents a high-risk vulnerability for applications using GStreamer for media processing.
A critical integer overflow vulnerability in GStreamer's FLAC file parsing functionality allows remote attackers to execute arbitrary code when processing malicious FLAC audio files. The vulnerability affects all versions of GStreamer prior to the patched release and requires user interaction (opening/processing a malicious file) to exploit. With an EPSS score of 5.34% (90th percentile), this vulnerability poses a significant real-world risk, though no active exploitation has been reported in KEV.
An arbitrary file upload vulnerability in Zhongcheng Kexin Ticketing Management Platform 20.04 allows attackers to execute arbitrary code via uploading a crafted file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SQL injection vulnerability in Gescen on the centrosdigitales.net platform. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An integer overflow vulnerability in GStreamer's RealMedia file parsing functionality allows remote attackers to execute arbitrary code when processing malicious MDPR chunks. The vulnerability affects GStreamer version 1.22.3 and potentially earlier versions, requiring user interaction to trigger but potentially exploitable through various attack vectors depending on implementation. With an EPSS score of 4.97% (90th percentile), this vulnerability poses a significant exploitation risk and has patches available from the vendor.
A heap-based buffer overflow vulnerability in GStreamer's SRT subtitle file parsing functionality allows remote attackers to execute arbitrary code when processing maliciously crafted SRT files. The vulnerability affects all versions of GStreamer and requires user interaction (such as opening a malicious subtitle file), making it particularly dangerous for media players and applications that use GStreamer for subtitle processing. With an EPSS score of 4.74% (89th percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild.
A critical integer overflow vulnerability exists in GStreamer's RealMedia file parser that allows remote code execution when processing specially crafted MDPR chunks. The vulnerability affects GStreamer version 1.22.3 and potentially earlier versions, enabling attackers to execute arbitrary code in the context of the current process through maliciously crafted RealMedia files. With an EPSS score of 4.54% (89th percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild, though it requires user interaction to trigger.
A critical integer overflow vulnerability in GStreamer's MXF (Material Exchange Format) video file parser allows remote attackers to execute arbitrary code on affected systems. The vulnerability affects all versions of GStreamer prior to the patched releases and requires user interaction (opening a malicious MXF file) to exploit, with an EPSS score of 4.28% indicating moderate real-world exploitation likelihood. While not currently listed in CISA's Known Exploited Vulnerabilities catalog, the vulnerability has a high CVSS score of 8.8 and patches are available from the vendor.
A use-after-free vulnerability in GStreamer's MXF (Material Exchange Format) video file parser allows remote attackers to execute arbitrary code when processing specially crafted MXF files. The vulnerability affects all GStreamer installations and requires user interaction such as opening a malicious video file, with an EPSS score of 4.17% indicating moderate real-world exploitation likelihood. While not currently in CISA's KEV catalog, the vulnerability has a patch available and was discovered through responsible disclosure by the Zero Day Initiative.
PWAsForFirefox is a tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available.
Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Carousel Slider WordPress plugin before 2.2.10 does not validate and escape some of its Slide options before outputting them back in the page/post where the related Slide shortcode is embed,. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Pterodactyl wings is the server control plane for Pterodactyl Panel. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity.
Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuser_Number parameter at search_user.aspx. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. Public exploit code available.
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Unquoted path or search item vulnerability in SugarSync versions prior to 4.1.3 for Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in ShortPixel ShortPixel Critical CSS shortpixel-critical-css.0.2. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS TLS Java 1.0.19. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state (after a hard failure to create a tunnel), and thus DNS traffic can leave the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon allows Reflected XSS.2.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.