Total
31149 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8253 | 1 Pickplugins | 1 Post Grid | 2024-09-25 | 8.8 High |
| The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in all versions 2.2.87 to 2.2.90. This is due to the plugin not properly restricting what user meta values can be updated and ensuring a form is active. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta to become an administrator. | ||||
| CVE-2024-46942 | 1 Opendaylight | 2 Md-sal, Model-driven Service Abstraction Layer | 2024-09-25 | 9.1 Critical |
| In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment. | ||||
| CVE-2024-8853 | 1 Medialibs | 1 Webo-facto | 2024-09-25 | 9.8 Critical |
| The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a username that contains '-wfuser'. | ||||
| CVE-2024-46983 | 1 Antfin | 1 Sofa-hessian | 2024-09-25 | 9.8 Critical |
| sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian blacklist protection mechanism, and this gadget chain only relies on JDK and does not rely on any third-party components. This issue is fixed by an update to the blacklist, users can upgrade to sofahessian version 3.5.5 to avoid this issue. Users unable to upgrade may maintain a blacklist themselves in the directory `external/serialize.blacklist`. | ||||
| CVE-2024-45807 | 1 Envoyproxy | 1 Envoy | 2024-09-25 | 7.5 High |
| Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using `oghttp` as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To resolve this Envoy will switch off the `oghttp2` by default. The impact of this issue is that envoy will crash. This issue has been addressed in release version 1.31.2. All users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2024-45752 | 1 Pixlone | 1 Logiops | 2024-09-25 | 8.5 High |
| logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction. | ||||
| CVE-2024-40838 | 1 Apple | 1 Macos | 2024-09-25 | 3.3 Low |
| A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device. | ||||
| CVE-2024-44124 | 1 Apple | 2 Ipados, Iphone Os | 2024-09-25 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A malicious Bluetooth input device may bypass pairing. | ||||
| CVE-2024-40856 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-09-25 | 7.5 High |
| An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, tvOS 18, macOS Sequoia 15. An attacker may be able to force a device to disconnect from a secure network. | ||||
| CVE-2024-40860 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-40863 | 1 Apple | 2 Ipados, Iphone Os | 2024-09-25 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information. | ||||
| CVE-2024-44125 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2024-44128 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An Automator Quick Action workflow may be able to bypass Gatekeeper. | ||||
| CVE-2024-44129 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sequoia 15. An app may be able to leak sensitive user information. | ||||
| CVE-2024-44135 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access protected files within an App Sandbox container. | ||||
| CVE-2024-44176 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-09-25 | 5.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing an image may lead to a denial-of-service. | ||||
| CVE-2024-47000 | 1 Zitadel | 1 Zitadel | 2024-09-24 | 8.1 High |
| Zitadel is an open source identity management platform. ZITADEL's user account deactivation mechanism did not work correctly with service accounts. Deactivated service accounts retained the ability to request tokens, which could lead to unauthorized access to applications and resources. Versions 2.62.1, 2.61.1, 2.60.2, 2.59.3, 2.58.5, 2.57.5, 2.56.6, 2.55.8, and 2.54.10 have been released which address this issue. Users are advised t upgrade. Users unable to upgrade may instead of deactivating the service account, consider creating new credentials and replacing the old ones wherever they are used. This effectively prevents the deactivated service account from being utilized. Be sure to revoke all existing authentication keys associated with the service account and to rotate the service account's password. | ||||
| CVE-2024-46999 | 1 Zitadel | 1 Zitadel | 2024-09-24 | 7.3 High |
| Zitadel is an open source identity management platform. ZITADEL's user grants deactivation mechanism did not work correctly. Deactivated user grants were still provided in token, which could lead to unauthorized access to applications and resources. Additionally, the management and auth API always returned the state as active or did not provide any information about the state. Versions 2.62.1, 2.61.1, 2.60.2, 2.59.3, 2.58.5, 2.57.5, 2.56.6, 2.55.8, and 2.54.10 have been released which address this issue. Users are advised to upgrade. Users unable to upgrade may explicitly remove the user grants to make sure the user does not get access anymore. | ||||
| CVE-2024-45810 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-09-24 | 6.5 Medium |
| Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstance, e.g., websocket upgrade, and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client, one reason is http async client is duplicating the status code, another one is the destroy of router is called at the destructor of the async stream, while the stream is deferred deleted at first. There will be problems that the stream decoder is destroyed but its reference is called in `router.onDestroy()`, causing segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed, and request mirrorring. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-44183 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-09-24 | 5.5 Medium |
| A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause a denial-of-service. | ||||