A vulnerability has been found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2 and classified as critical.java. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
ComfyUI-Impact-Pack is vulnerable to Path Traversal. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A buffer overflow vulnerability in GStreamer's media discovery component allows remote attackers to read sensitive stack memory and potentially crash applications. The flaw occurs when processing media files with more than 64 audio channels, causing the format_channel_mask function to read beyond array bounds. With a CVSS score of 9.1 and network-based attack vector requiring no authentication, this represents a critical risk for applications using GStreamer for media processing, though no active exploitation or public proof-of-concept has been reported.
An out-of-bounds read vulnerability exists in GStreamer's MP4 demuxer that allows remote attackers to read up to 8 bytes beyond allocated memory boundaries when processing malformed MP4 files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by serving a malicious MP4 file, potentially exposing sensitive memory contents or causing application crashes. A proof-of-concept file (GHSL-2024-245_crash1.mp4) has been publicly disclosed, and while not currently in CISA's KEV catalog, the vulnerability has a critical CVSS score of 9.1.
A use-after-free vulnerability in GStreamer's Matroska demuxer allows remote attackers to cause denial of service or potentially disclose sensitive information by sending specially crafted Matroska media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered without authentication when processing CodecPrivate elements in Matroska streams. No active exploitation has been reported (not in KEV), and no public proof-of-concept exists, though the network-accessible nature and low complexity make it a credible threat.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to read 4 bytes of memory beyond buffer boundaries when processing specially crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can lead to information disclosure or application crashes when parsing malicious media files. While no active exploitation has been reported and the vulnerability is not listed in CISA's KEV catalog, the network-based attack vector and lack of authentication requirements make this a significant security concern for applications using GStreamer for media processing.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing maliciously crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible media processing applications. While no active exploitation has been observed in the wild (not in KEV), the vulnerability has a high CVSS score of 9.1 and detailed technical analysis is publicly available.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing malformed WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible applications using the library. While no public exploits or KEV listings exist, the high CVSS score of 9.1 reflects the potential for both denial of service and information disclosure impacts.
An out-of-bounds read vulnerability exists in GStreamer's qtdemux component that allows reading 4 bytes beyond allocated memory boundaries when processing media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be exploited remotely without authentication to potentially expose sensitive information or cause application crashes. With a CVSS score of 9.1 and network-based attack vector, this represents a significant risk for applications using GStreamer for media processing, though no active exploitation or public proof-of-concept has been reported.
A critical out-of-bounds read vulnerability exists in GStreamer's AVI subtitle parsing functionality, allowing remote attackers to read sensitive memory contents and potentially crash applications. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered when processing maliciously crafted AVI files with subtitle chunks. With a CVSS score of 9.1 and requiring no authentication or user interaction for exploitation, this represents a severe risk for applications using GStreamer for media processing.
A vulnerability classified as problematic was found in ClassCMS 4.8. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Habitica is an open-source habit-building program. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Habitica is an open-source habit-building program. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the exception-handling alternate stack can be exhausted, leading to heap-based out-of-bounds writes in enable(). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The LuckyWP Table of Contents WordPress plugin before 2.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Popup Builder WordPress plugin before 4.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the 'theme' attribute of the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Drag & Drop Builder. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the admin_upload() function in all versions up to, and including, 4.07. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The HQ Rental Software plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.29. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The de:branding plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the debranding_save() function in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
python-libarchive through 4.2.1 allows directory traversal (to create files) in extract in zip.py for ZipFile.extractall and ZipFile.extract. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
GFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Ajax Search Lite WordPress plugin before 4.12.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SiYuan is a personal knowledge management system. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
SiYuan is a personal knowledge management system. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
SiYuan is a personal knowledge management system. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
The issue was addressed with improved checks. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.