AtRisk June 13, 2024 Vol. XXIV

Jump to:

Internet Storm Center Spotlight
Recent CVEs
Sponsors
Read More

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html Microsoft Patch Tuesday June 2024 Published: 2024-06-11 Last Updated: 2024-06-11 19:06:06 UTC by Johannes Ullrich (Version: 1) Microsoft's June 2024 update fixes a total of 58 vulnerabilities. 7 of these vulnerabilities are associated with Chromium and Microsoft's Brave browser. Only one vulnerability is rated critical. One of the vulnerabilities had been disclosed before today. Vulnerabilities of Interest: CVE-2023-50868 NSEC closest enclosed proof can exhaust CPU: This issue became public in February. It affects not only Microsoft's DNS implementations but several other DNS servers. The vulnerability was made public by researchers from several German universities and research labs. They called it "KEYTRAP" and released a paper with details ... CVE-2024-30080 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability: MSMQ is the service that keeps on giving. The tricky part with MSMQ is that third party software often uses it. MSMQ usually listens on port port 1801/TCP. We do see a good amount of "background hum" on port 1801, and I do not see a good reason to expose it to the internet. Read the full entry: https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+June+2024/31000/ Attacker Probing for New PHP Vulnerability CVE-2024-4577 Published: 2024-06-09 Last Updated: 2024-06-09 21:03:28 UTC by Johannes Ullrich (Version: 1) Our honeypots have detected the first probes for CVE-2024-4577. This vulnerability was originally discovered by Orange Tsai on Friday (June 7th). Watchtwr labs followed up with a detailed blog post and a proof of concept exploit. Watchtwr Labs says PHP is only vulnerable if used in CGI mode in Chinese and Japanese locales. According to Orange Tsai, other locales may be vulnerable as well. In CGI mode on Windows, the web server will execute "php.exe" and pass user-supplied parameters as command line or environment variables. This may potentially lead to OS command injection, a vulnerability I just covered last week in a video. As parameters are passed from Apache to the command line, Apache will escape hyphens and render them harmless. However, an attacker may provide a "soft hyphen" (Unicode code point 0x00AD). PHP performs "best fit mapping" on characters passed on the command line, translating it to a dash. This allows an attacker to bypass the Apache escape process, and inject dashes. With that, an attacker can supply command line arguments to php.exe. A possibly choice outlined by Watchtwr is ... Read the full entry: https://isc.sans.edu/diary/Attacker+Probing+for+New+PHP+Vulnerablity+CVE20244577/30994/ Brute Force Attacks Against Watchguard VPN Endpoints Published: 2024-06-05 Last Updated: 2024-06-05 14:05:58 UTC by Johannes Ullrich (Version: 1) If you have a pulse and work in information security (or are a new scraping script without a pulse), you have probably seen reports of attacks against VPN endpoints. Running any VPN without strong authentication has been negligent for years, but in recent times, ransomware gangs, in particular, picked them off pretty quickly. One of our honeypots just saw an attacker move through, attempting to brute force a Watchguard firewall VPN. I haven't seen much written about Watchguard lately, so I figured this may be a good reminder. The requests I was seeing against one honeypot in particular ... Read the full entry: https://isc.sans.edu/diary/Brute+Force+Attacks+Against+Watchguard+VPN+Endpoints/30984/

Finding End of Support Dates: UK PTSI Regulation (2024.06.07) https://isc.sans.edu/diary/Finding+End+of+Support+Dates+UK+PTSI+Regulation/30992/

Malicious Python Script with a "Best Before" Date (2024.06.06) https://isc.sans.edu/diary/Malicious+Python+Script+with+a+Best+Before+Date/30988/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: PHPCVSS Score: 9.8** KEV since 2024-06-12 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4577ISC Diary: https://isc.sans.edu/diary/30994ISC Podcast: https://isc.sans.edu/podcastdetail/9016NVD References: - http://www.openwall.com/lists/oss-security/2024/06/07/1- https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html- https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/- https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately NVD References: https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/NVD References: https://github.com/11whoami99/CVE-2024-4577NVD References: https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jvNVD References: https://github.com/rapid7/metasploit-framework/pull/19247NVD References: https://github.com/watchtowrlabs/CVE-2024-4577NVD References: https://github.com/xcanwin/CVE-2024-4577-PHP-RCENVD References: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/NVD References: https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/NVD References: https://www.php.net/ChangeLog-8.php#8.1.29NVD References: https://www.php.net/ChangeLog-8.php#8.2.20NVD References: https://www.php.net/ChangeLog-8.php#8.3.8CVE-2024-30080 - Microsoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityProduct: Microsoft Message Queuing (MSMQ)CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30080ISC Diary: https://isc.sans.edu/diary/31000NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30080CVE-2024-29849 - Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.Product: Veeam Backup Enterprise ManagerCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29849ISC Podcast: https://isc.sans.edu/podcastdetail/9018CVE-2024-4610 - Arm Ltd Bifrost and Valhall GPU Kernel Drivers from r34p0 through r40p0 allow local non-privileged users to access already freed memory through improper GPU memory processing operations.Product: Arm Bifrost Gpu Kernel DriverCVSS Score: 5.5** KEV since 2024-06-12 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4610NVD References: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20VulnerabilitiesCVE-2024-29972 & CVE-2024-29973 - Zyxel NAS326 and NAS542 are vulnerable to command injectionProduct: Zyxel NAS326CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29972NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29973NVD References: - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024CVE-2024-29974 - Zyxel NAS326 and NAS542 are vulnerable to remote code execution via crafted configuration file uploads.Product: Zyxel NAS326CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29974NVD References: - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024CVE-2024-4552 - The Social Login Lite For WooCommerce plugin for WordPress is vulnerable to authentication bypass through social login, allowing unauthenticated attackers to log in as any existing user on the site, up to version 1.6.0.Product: WordPress Social Login Lite For WooCommerce pluginCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4552NVD References: - https://plugins.trac.wordpress.org/browser/social-login-lite-for-woocommerce/tags/1.6.0/woocommerce_social_login.php#L499- https://www.wordfence.com/threat-intel/vulnerabilities/id/f91d6ad6-82fc-4507-90e2-aedfff26bac5?source=cveCVE-2023-33930 - Unlimited Elements For Elementor (Free Widgets, Addons, Templates) before version 1.5.66 allows Code Injection through unrestricted upload of dangerous file types.Product: Unlimited Elements For ElementorCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33930NVD References: https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cveCVE-2024-25600 - Bricks Builder by Codeer Limited is vulnerable to Code Injection from versions n/a through 1.9.6.Product: Codeer Limited Bricks BuilderCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25600NVD References: - https://github.com/Chocapikk/CVE-2024-25600- https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT- https://patchstack.com/articles/critical-rce-patched-in-bricks-builder-theme?_s_id=cve- https://patchstack.com/database/vulnerability/bricks/wordpress-bricks-theme-1-9-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve- https:…

Product: Microsoft Message Queuing (MSMQ) CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30080 ISC Diary: https://isc.sans.edu/diary/31000 NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30080

Product: Veeam Backup Enterprise Manager CVSS Score: 0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29849 ISC Podcast: https://isc.sans.edu/podcastdetail/9018

Product: Arm Bifrost Gpu Kernel Driver CVSS Score: 5.5 ** KEV since 2024-06-12 ** NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4610 NVD References: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

CVE-2024-29972 & CVE-2024-29973 - Zyxel NAS326 and NAS542 are vulnerable to command injection Product: Zyxel NAS326 CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29972 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29973 NVD References: - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ - https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024

Product: Zyxel NAS326 CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29974 NVD References: - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ - https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024

Product: WordPress Social Login Lite For WooCommerce plugin CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4552 NVD References: - https://plugins.trac.wordpress.org/browser/social-login-lite-for-woocommerce/tags/1.6.0/woocommerce_social_login.php#L499 - https://www.wordfence.com/threat-intel/vulnerabilities/id/f91d6ad6-82fc-4507-90e2-aedfff26bac5?source=cve

Product: Unlimited Elements For Elementor CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33930 NVD References: https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve

Product: Codeer Limited Bricks BuilderCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25600NVD References: - https://github.com/Chocapikk/CVE-2024-25600- https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT- https://patchstack.com/articles/critical-rce-patched-in-bricks-builder-theme?_s_id=cve- https://patchstack.com/database/vulnerability/bricks/wordpress-bricks-theme-1-9-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve- https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6CVE-2024-33560 - XStore is vulnerable to improper limitation of a pathname, allowing PHP local file inclusion from n/a through 9.3.8.Product: 8theme XStoreCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33560NVD References: https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-unauthenticated-local-file-inclusion-vulnerability?_s_id=cveCVE-2024-34551 - Stockholm: from n/a through 9.6 is vulnerable to a Path Traversal issue allowing PHP Local File Inclusion.Product: Select-Themes StockholmCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34551NVD References: https://patchstack.com/database/vulnerability/stockholm/wordpress-stockholm-theme-9-6-unauthenticated-local-file-inclusion-vulnerability?_s_id=cveCVE-2024-35629 - Wow-Company Easy Digital Downloads – Recent Purchases is vulnerable to PHP Remote File Inclusion due to improper control of filename for include/require statement.Product: Wow-Company Easy Digital DownloadsCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35629NVD References: https://patchstack.com/database/vulnerability/edd-recent-purchases/wordpress-easy-digital-downloads-recent-purchases-plugin-1-0-2-remote-file-inclusion-vulnerability?_s_id=cveCVE-2024-35700 - Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.Product: Userpro plugin CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35700NVD References: https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cveCVE-2024-36400 - Nano-id is a unique string ID generator for Rust that incorrectly generated IDs with a reduced character set, leading to predictability and vulnerability in security-sensitive contexts.Product: Viz Nano IDCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36400NVD References: - https://github.com/viz-rs/nano-id/commit/a9022772b2f1ce38929b5b81eccc670ac9d3ab23- https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94CVE-2024-35670 - Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.Product: Softlab Integrate Google DriveCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35670NVD References: https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cveCVE-2024-35672 - Missing Authorization vulnerability in Netgsm. This issue affects Netgsm: from n/a through 2.9.16.Product: Netgsm CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35672NVD References: https://patchstack.com/database/vulnerability/netgsm/wordpress-netgsm-plugin-2-9-16-broken-access-control-vulnerability-2?_s_id=cveCVE-2024-36604 - Tenda O3V2 v1.0.0.12(3880) is vulnerable to Blind Command Injection via stpEn parameter, enabling attackers to run arbitrary codes as root.Product: Tenda O3V2CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36604NVD References: https://exzettabyte.me/blind-command-injection-in-stp-service-on-tenda-o3v2/CVE-2024-36858 & CVE-2024-37273 - Jan v0.4.12 is vulnerable to arbitrary file upload flawsProduct: Homebrew JanCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36858NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37273NVD References: https://github.com/HackAllSec/CVEs/tree/main/Jan%20Arbitrary%20File%20Upload%20vulnerabilityCVE-2024-28103 - Action Pack does not properly handle the application configurable Permissions-Policy in non-HTML responses, leading to a vulnerability in versions prior to 6.1.7.8, 7.0.8.2, and 7.1.3.3.Product: Rubyonrails RailsCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28103NVD References: - https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523- https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7CVE-2024-4219 - BeyondInsight is vulnerable to server-side request forgery prior to version 23.2 via HTTP-based connectors.Product: BeyondTrust BeyondInsightCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4219NVD References: https://www.beyondtrust.com/trust-center/security-advisories/BT24-05CVE-2024-36121 - Netty-incubator-codec-ohttp is vulnerable to an encryption nonce repetition attack due to err…

Product: 8theme XStore CVSS Score: 9.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33560 NVD References: https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve

Product: Select-Themes Stockholm CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34551 NVD References: https://patchstack.com/database/vulnerability/stockholm/wordpress-stockholm-theme-9-6-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve

Product: Wow-Company Easy Digital Downloads CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35629 NVD References: https://patchstack.com/database/vulnerability/edd-recent-purchases/wordpress-easy-digital-downloads-recent-purchases-plugin-1-0-2-remote-file-inclusion-vulnerability?_s_id=cve

Product: Userpro plugin CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35700 NVD References: https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cve

Product: Viz Nano ID CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36400 NVD References: - https://github.com/viz-rs/nano-id/commit/a9022772b2f1ce38929b5b81eccc670ac9d3ab23 - https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94

Product: Softlab Integrate Google Drive CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35670 NVD References: https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve

Product: Netgsm CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35672 NVD References: https://patchstack.com/database/vulnerability/netgsm/wordpress-netgsm-plugin-2-9-16-broken-access-control-vulnerability-2?_s_id=cve

Product: Tenda O3V2 CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36604 NVD References: https://exzettabyte.me/blind-command-injection-in-stp-service-on-tenda-o3v2/

CVE-2024-36858 & CVE-2024-37273 - Jan v0.4.12 is vulnerable to arbitrary file upload flaws Product: Homebrew Jan CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36858 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37273 NVD References: https://github.com/HackAllSec/CVEs/tree/main/Jan%20Arbitrary%20File%20Upload%20vulnerability

Product: Rubyonrails Rails CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28103 NVD References: - https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523 - https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7

Product: BeyondTrust BeyondInsight CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4219 NVD References: https://www.beyondtrust.com/trust-center/security-advisories/BT24-05

Product: Netty-Incubator-Codec-Ohttp CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36121 NVD References: - https://github.com/netty/netty-incubator-codec-ohttp/blob/1ddadb6473cd3be5491d114431ed4c1a9f316001/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLAEADContext.java#L112-L114 - https://github.com/netty/netty-incubator-codec-ohttp/security/advisories/GHSA-g762-h86w-8749

Product: Lylme Spage CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36675 NVD References: https://github.com/LyLme/lylme_spage/issues/92

CVE-2024-5635 & CVE-2024-5636- itsourcecode Bakery Online Ordering System 1.0 is vulnerable to critical SQL injection attacks Product: Bakery Online Ordering System Project CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5635 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5636 NVD References: - https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_a.md - https://vuldb.com/?ctiid.267091 - https://vuldb.com/?ctiid.267092 - https://vuldb.com/?id.267091 - https://vuldb.com/?id.267092 - https://vuldb.com/?submit.349244 - https://vuldb.com/?submit.349247

Product: ProjectDiscovery Interactsh CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5262 NVD References: - https://github.com/projectdiscovery/interactsh/pull/874 - https://zuso.ai/advisory/za-2024-01

Product: Email Subscribers by Icegram Express plugin for WordPress CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4295 NVD References: - https://plugins.trac.wordpress.org/changeset/3090845/email-subscribers/trunk/lite/includes/db/class-es-db-lists-contacts.php - https://www.wordfence.com/threat-intel/vulnerabilities/id/641123af-1ec6-4549-a58c-0a08b4678f45?source=cve

Product: Grafana OnCall CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5526 NVD References: https://grafana.com/security/security-advisories/cve-2024-5526/

Product: ABB Busch-Jaeger CVSS Score: 9.6 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4008 NVD References: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108464A0803&LanguageCode=en&DocumentPartId=&Action=Launch

Product: ABB Busch-Jaeger CVSS Score: 9.2 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4009 NVD References: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108464A0803&LanguageCode=en&DocumentPartId=&Action=Launch

Product: Startklar Elementor Addons plugin CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5153 NVD References: - https://plugins.trac.wordpress.org/browser/startklar-elmentor-forms-extwidgets/trunk/widgets/dropzone_form_field.php#L334 - https://www.wordfence.com/threat-intel/vulnerabilities/id/baa20290-9c01-4f8d-adeb-fbfb15b9d6a9?source=cve

Product: Bitdefender GravityZone CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4177 NVD References: - https://bitdefender.com/consumer/support/support/security-advisories/host-whitelist-parser-issue-in-gravityzone-console-on-premise-va-11554/ - https://www.cve.org/CVERecord?id=CVE-2024-4177

Product: SysAid CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36393 NVD References: https://www.gov.il/en/Departments/faq/cve_advisories

Product: SysAid CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36394 NVD References: https://www.gov.il/en/Departments/faq/cve_advisories

Product: Stock Management System Project CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36779 NVD References: https://github.com/CveSecLook/cve/issues/42

Product: Summar Mentor CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5675 NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/unreliable-data-deserialization-vulnerability-mentor

Product: Quiz and Survey Master Best Quiz, Exam and Survey Plugin for WordPress CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3592 NVD References: - https://plugins.trac.wordpress.org/changeset/3097878/quiz-master-next/trunk/php/admin/options-page-questions-tab.php - https://www.wordfence.com/threat-intel/vulnerabilities/id/fc085413-db43-43e3-9b60-aeb341eed4e1?source=cve

Product: Clash for Windows CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5732 NVD References: - https://github.com/GTA12138/vul/blob/main/clash%20for%20windows.md - https://vuldb.com/?ctiid.267406 - https://vuldb.com/?id.267406 - https://vuldb.com/?submit.345469 CVE-2024-5733 - itsourcecode Online Discussion Forum 1.0 is vulnerable to a critical SQL injection flaw in register_me.php due to inadequate processing of the eaddress argument, allowing for remote exploitation with a publicly disclosed exploit (VDB-267407). Product: itsourcecode Online Discussion Forum 1.0 CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5733 NVD References: - https://github.com/kingshao0312/cve/issues/1 - https://vuldb.com/?ctiid.267407 - https://vuldb.com/?id.267407 - https://vuldb.com/?submit.351115 CVE-2024-36673 - Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable to SQL Injection in login.php due to insufficient input validation, enabling unauthorized users to inject harmful SQL queries. Product: Pharmacy/Medical Store Point Of Sale System Project CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36673 NVD References: https://github.com/CveSecLook/cve/issues/39 CVE-2024-31244 - Missing Authorization vulnerability in Bricksforge. This issue affects Bricksforge from n/a through 2.0.17. Product: Bricksforge CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31244 NVD References: https://patchstack.com/database/vulnerability/bricksforge/wordpress-bricksforge-plugin-2-0-17-unauthenticated-arbitrary-wordpress-settings-change-vulnerability?_s_id=cve CVE-2024-33565 - UkrSolution Barcode Scanner with Inventory & Order Manager is vulnerable to Missing Authorization from n/a through 1.5.3. Product: UkrSolution Barcode Scanner with Inventory & Order Manager CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33565 NVD References: https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-3-unauthenticated-broken-access-control-vulnerability?_s_id=cve CVE-2024-34762 - WPENGINE INC Advanced Custom Fields PRO is vulnerable to Path Traversal and PHP Local File Inclusion due to improper limitation of a pathname discovered during a security audit. Product: WPENGINE INC Advanced Custom Fields PRO CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34762 NVD References: https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-local-file-inclusion-vulnerability?_s_id=cve CVE-2024-35677 - MegaMenu by StylemixThemes allows PHP Local File Inclusion via Path Traversal, impacting versions up to 2.3.12. Product: StylemixThemes MegaMenu CVSS Score: 9.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35677 NVD References: https://patchstack.com/database/vulnerability/stm-megamenu/wordpress-megamenu-plugin-2-3-12-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve CVE-2024-37051 - IntelliJ IDEA versions prior to 2023.1.7 may expose GitHub access token to third-party sites in JetBrains IDEs. Product: JetBrains: All JetBrains IDEs CVSS Score: 9.3 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37051 NVD References: https://www.jetbrains.com/privacy-security/issues-fixed/ CVE-2024-35746 - BuddyPress Cover has a vulnerability that allows code injection through unrestricted file uploads of dangerous types. Product: Asghar Hatampoor BuddyPress Cover CVSS Score: 10.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35746 NVD References: https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability?_s_id=cve CVE-2024-36408 through CVE-2024-36412 - SuiteCRM SQL Injection vulnerabilities Product: SuiteCRM CVSS Scores: 9.6 - 10.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36408 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36409 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36410 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36411 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36412 NVD References: - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-2g8f-gjrr-x5cg - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-pxq4-vw23-v73f - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-7jj8-m2wj-m6xq - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-9rvr-mcrf-p4p7 - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-xjx2-38hv-5hh8 CVE-2024-36415 - SuiteCRM is vulnerable to remote code execution due to a flaw in uploaded file verification prior to versions 7.14.4 and 8.6.1. Product: SuiteCRM CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36415 NVD References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-c82f-58jv-jfrh CVE-2024-3549 - The Blog2Social plugin for WordPress is vulnerable to SQL Injection, allowing authenticated attackers to extract sensitive data from the database. Product: Blog2Social Social Media Auto Post & Scheduler CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3549 NVD References: - https://plugins.trac.wordpress.org/changeset/3069574/blog2social/trunk/includes/B2S/Post/Item.php - https://www.wordfence.com/threat-intel/vulnerabilities/id/3b472eb8-9808-4a50-b2b4-0b0b3256053f?source=cve CVE-2024-36266 - PowerSys (All versions < V3.11) is vulnerable to authentication bypass, potentially granting local attackers administrative privileges on managed remote devices. Product: Power Measurement PowerSys CVSS Score: 9.3 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36266 NVD References: https://cert-portal.siemens.com/productcert/html/ssa-024584.html CVE-2024-2012 & CVE-2024-2013 - FOXMAN-UN/UNEM server/API Gateway component authentication bypass vulnerabilities Product: FOXMAN-UN/UNEM server/API Gateway CVSS Scores: 9.1 - 10.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2013 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2012 NVD References: https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true CVE-2024-35213 - QNX SDP versions 6.6, 7.0, and 7.1 are vulnerable to improper input validation in the SGI Image Codec, potentially enabling a denial-of-service attack or code execution by an attacker. Product: QNX SDP CVSS Score: 9.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35213 NVD References: https://support.blackberry.com/pkb/s/article/139914 CVE-2024-37301 - Document Merge Service is vulnerable to remote code execution via server-side template injection in versions 6.5.1 and prior, allowing for full system takeover with no available patch or workaround. Product: Fossun Document Merge Service CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37301 NVD References: https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6 CVE-2024-35225 - Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them, with versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 vulnerable to a reflected cross-site scripting (XSS) issue in the `/proxy` endpoint. Product: Jupyter Server Proxy CVSS Score: 9.6 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35225 NVD References: - https://github.com/jupyterhub/jupyter-server-proxy/blob/62a290f08750f7ae55a0c29ca339c9a39a7b2a7b/jupyter_server_proxy/handlers.py#L328 - https://github.com/jupyterhub/jupyter-server-proxy/commit/7abc9dc5bbb0b4b440548a5375261b8b8192fc22 - https://github.com/jupyterhub/jupyter-server-proxy/commit/ff78128087e73fb9d0909e1366f8bf051e8ea878 - https://github.com/jupyterhub/jupyter-server-proxy/security/advisories/GHSA-fvcq-4x64-hqxr CVE-2023-50868 - The Closest Encloser Proof aspect of the DNS protocol allows remote attackers to cause a denial of service by consuming CPU for SHA-1 computations in a random subdomain attack. Product: No vendor name or vulnerable product is mentioned in the given vulnerability description. CVSS Score: 0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50868 ISC Diary: https://isc.sans.edu/diary/31000

Product: Pharmacy/Medical Store Point Of Sale System Project CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36673 NVD References: https://github.com/CveSecLook/cve/issues/39

Product: Bricksforge CVSS Score: 9.8 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31244 NVD References: https://patchstack.com/database/vulnerability/bricksforge/wordpress-bricksforge-plugin-2-0-17-unauthenticated-arbitrary-wordpress-settings-change-vulnerability?_s_id=cve

Product: UkrSolution Barcode Scanner with Inventory & Order Manager CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33565 NVD References: https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-3-unauthenticated-broken-access-control-vulnerability?_s_id=cve

Product: WPENGINE INC Advanced Custom Fields PRO CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34762 NVD References: https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-local-file-inclusion-vulnerability?_s_id=cve

Product: StylemixThemes MegaMenu CVSS Score: 9.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35677 NVD References: https://patchstack.com/database/vulnerability/stm-megamenu/wordpress-megamenu-plugin-2-3-12-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve

Product: JetBrains: All JetBrains IDEs CVSS Score: 9.3 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37051 NVD References: https://www.jetbrains.com/privacy-security/issues-fixed/

Product: Asghar Hatampoor BuddyPress Cover CVSS Score: 10.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35746 NVD References: https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability?_s_id=cve

Product: SuiteCRM CVSS Scores: 9.6 - 10.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36408 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36409 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36410 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36411 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36412 NVD References: - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-2g8f-gjrr-x5cg - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-pxq4-vw23-v73f - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-7jj8-m2wj-m6xq - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-9rvr-mcrf-p4p7 - https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-xjx2-38hv-5hh8

Product: SuiteCRM CVSS Score: 9.1 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36415 NVD References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-c82f-58jv-jfrh

Product: Blog2Social Social Media Auto Post & Scheduler CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3549 NVD References: - https://plugins.trac.wordpress.org/changeset/3069574/blog2social/trunk/includes/B2S/Post/Item.php - https://www.wordfence.com/threat-intel/vulnerabilities/id/3b472eb8-9808-4a50-b2b4-0b0b3256053f?source=cve

Product: Power Measurement PowerSys CVSS Score: 9.3 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36266 NVD References: https://cert-portal.siemens.com/productcert/html/ssa-024584.html

CVE-2024-2012 & CVE-2024-2013 - FOXMAN-UN/UNEM server/API Gateway component authentication bypass vulnerabilities Product: FOXMAN-UN/UNEM server/API Gateway CVSS Scores: 9.1 - 10.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2013 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2012 NVD References: https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true

Product: QNX SDP CVSS Score: 9.0 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35213 NVD References: https://support.blackberry.com/pkb/s/article/139914

Product: Fossun Document Merge Service CVSS Score: 9.9 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37301 NVD References: https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6

Product: Jupyter Server Proxy CVSS Score: 9.6 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35225 NVD References: - https://github.com/jupyterhub/jupyter-server-proxy/blob/62a290f08750f7ae55a0c29ca339c9a39a7b2a7b/jupyter_server_proxy/handlers.py#L328 - https://github.com/jupyterhub/jupyter-server-proxy/commit/7abc9dc5bbb0b4b440548a5375261b8b8192fc22 - https://github.com/jupyterhub/jupyter-server-proxy/commit/ff78128087e73fb9d0909e1366f8bf051e8ea878 - https://github.com/jupyterhub/jupyter-server-proxy/security/advisories/GHSA-fvcq-4x64-hqxr

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Vulcan Cyber

Palo Alto Networks Cortex

Microsoft

HPE Aruba Networking

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

The Consensus Security Vulnerability Alert

Share

Internet Storm Center Spotlight

Internet Storm Center Entries

Recent CVEs

CVE-2024-4577 - PHP versions 8.1.*, 8.2.*, and 8.3.* on Windows using Apache and PHP-CGI are vulnerable to character substitution leading to potential source code exposure and arbitrary code execution.

CVE-2024-30080 - Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVE-2024-29849 - Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.

CVE-2024-4610 - Arm Ltd Bifrost and Valhall GPU Kernel Drivers from r34p0 through r40p0 allow local non-privileged users to access already freed memory through improper GPU memory processing operations.

CVE-2024-29972 & CVE-2024-29973 - Zyxel NAS326 and NAS542 are vulnerable to command injection

CVE-2024-29974 - Zyxel NAS326 and NAS542 are vulnerable to remote code execution via crafted configuration file uploads.

CVE-2024-4552 - The Social Login Lite For WooCommerce plugin for WordPress is vulnerable to authentication bypass through social login, allowing unauthenticated attackers to log in as any existing user on the site, up to version 1.6.0.

CVE-2023-33930 - Unlimited Elements For Elementor (Free Widgets, Addons, Templates) before version 1.5.66 allows Code Injection through unrestricted upload of dangerous file types.

CVE-2024-25600 - Bricks Builder by Codeer Limited is vulnerable to Code Injection from versions n/a through 1.9.6.

CVE-2024-33560 - XStore is vulnerable to improper limitation of a pathname, allowing PHP local file inclusion from n/a through 9.3.8.

CVE-2024-34551 - Stockholm: from n/a through 9.6 is vulnerable to a Path Traversal issue allowing PHP Local File Inclusion.

CVE-2024-35629 - Wow-Company Easy Digital Downloads – Recent Purchases is vulnerable to PHP Remote File Inclusion due to improper control of filename for include/require statement.

CVE-2024-35700 - Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.

CVE-2024-36400 - Nano-id is a unique string ID generator for Rust that incorrectly generated IDs with a reduced character set, leading to predictability and vulnerability in security-sensitive contexts.

CVE-2024-35670 - Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.

CVE-2024-35672 - Missing Authorization vulnerability in Netgsm. This issue affects Netgsm: from n/a through 2.9.16.

CVE-2024-36604 - Tenda O3V2 v1.0.0.12(3880) is vulnerable to Blind Command Injection via stpEn parameter, enabling attackers to run arbitrary codes as root.

CVE-2024-36858 & CVE-2024-37273 - Jan v0.4.12 is vulnerable to arbitrary file upload flaws

CVE-2024-28103 - Action Pack does not properly handle the application configurable Permissions-Policy in non-HTML responses, leading to a vulnerability in versions prior to 6.1.7.8, 7.0.8.2, and 7.1.3.3.

CVE-2024-4219 - BeyondInsight is vulnerable to server-side request forgery prior to version 23.2 via HTTP-based connectors.

CVE-2024-36121 - Netty-incubator-codec-ohttp is vulnerable to an encryption nonce repetition attack due to errors in the BoringSSLAEADContext implementation.

CVE-2024-36675 - LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function.

CVE-2024-5635 & CVE-2024-5636 - itsourcecode Bakery Online Ordering System 1.0 is vulnerable to critical SQL injection attacks

CVE-2024-5262 - ProjectDiscovery Interactsh's smb server vulnerability allows remote attackers to access files or directories and read/write any contents in the directory and subdirectories where interactsh-server is located through anonymous login.

CVE-2024-4295 - The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection in versions up to 5.7.20, allowing unauthenticated attackers to extract sensitive information from the database.

CVE-2024-5526 - Grafana OnCall versions 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) issue in the webhook functionality, which was resolved in version 1.5.2.

CVE-2024-4008 - ABB, Busch-Jaeger, FTS Display, and BCU have a vulnerability that allows attackers to take control through access to the local KNX Bus-System.

CVE-2024-4009 - ABB, Busch-Jaeger, FTS Display and BCU have a vulnerability that allows attackers to capture and replay KNX telegram on the local KNX Bus-System.

CVE-2024-5153 - The Startklar Elementor Addons plugin for WordPress up to 1.7.15 allows unauthenticated attackers to copy and delete files on the server via a Directory Traversal vulnerability in the 'dropzone_hash' parameter.

CVE-2024-4177 - GravityZone Update Server is susceptible to a server-side request forgery due to a host whitelist parser issue, impacting versions before 6.38.1-2 running on premise.

CVE-2024-36393 - SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2024-36394 - SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2024-36779 - Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php.

CVE-2024-5675 - Mentor - Employee Portal version 3.83.35 is vulnerable to data deserialization attacks, enabling malicious code execution via injection into the "ViewState" field.

CVE-2024-3592 - The Quiz And Survey Master plugin for WordPress is vulnerable to SQL Injection through the 'question_id' parameter, allowing authenticated attackers to access sensitive data in versions up to 9.0.1.

CVE-2024-5732 - Clash up to 0.20.1 on Windows is vulnerable to improper authentication due to a critical flaw in the Proxy Port component.

CVE-2024-36673 - Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable to SQL Injection in login.php due to insufficient input validation, enabling unauthorized users to inject harmful SQL queries.

CVE-2024-31244 - Missing Authorization vulnerability in Bricksforge. This issue affects Bricksforge from n/a through 2.0.17.

CVE-2024-33565 - UkrSolution Barcode Scanner with Inventory &amp; Order Manager is vulnerable to Missing Authorization from n/a through 1.5.3.

CVE-2024-34762 - WPENGINE INC Advanced Custom Fields PRO is vulnerable to Path Traversal and PHP Local File Inclusion due to improper limitation of a pathname discovered during a security audit.

CVE-2024-35677 - MegaMenu by StylemixThemes allows PHP Local File Inclusion via Path Traversal, impacting versions up to 2.3.12.

CVE-2024-37051 - IntelliJ IDEA versions prior to 2023.1.7 may expose GitHub access token to third-party sites in JetBrains IDEs.

CVE-2024-35746 - BuddyPress Cover has a vulnerability that allows code injection through unrestricted file uploads of dangerous types.

CVE-2024-36408 through CVE-2024-36412 - SuiteCRM SQL Injection vulnerabilities

CVE-2024-36415 - SuiteCRM is vulnerable to remote code execution due to a flaw in uploaded file verification prior to versions 7.14.4 and 8.6.1.

CVE-2024-3549 - The Blog2Social plugin for WordPress is vulnerable to SQL Injection, allowing authenticated attackers to extract sensitive data from the database.

CVE-2024-36266 - PowerSys (All versions &lt; V3.11) is vulnerable to authentication bypass, potentially granting local attackers administrative privileges on managed remote devices.

CVE-2024-2012 & CVE-2024-2013 - FOXMAN-UN/UNEM server/API Gateway component authentication bypass vulnerabilities

CVE-2024-35213 - QNX SDP versions 6.6, 7.0, and 7.1 are vulnerable to improper input validation in the SGI Image Codec, potentially enabling a denial-of-service attack or code execution by an attacker.

CVE-2024-37301 - Document Merge Service is vulnerable to remote code execution via server-side template injection in versions 6.5.1 and prior, allowing for full system takeover with no available patch or workaround.

CVE-2023-50868 - The Closest Encloser Proof aspect of the DNS protocol allows remote attackers to cause a denial of service by consuming CPU for SHA-1 computations in a random subdomain attack.

Sponsors

Vulcan Cyber

Palo Alto Networks Cortex

Microsoft

HPE Aruba Networking

CVE-2024-4577 - PHP versions 8.1., 8.2., and 8.3.* on Windows using Apache and PHP-CGI are vulnerable to character substitution leading to potential source code exposure and arbitrary code execution.

CVE-2024-33565 - UkrSolution Barcode Scanner with Inventory & Order Manager is vulnerable to Missing Authorization from n/a through 1.5.3.

CVE-2024-36266 - PowerSys (All versions < V3.11) is vulnerable to authentication bypass, potentially granting local attackers administrative privileges on managed remote devices.