In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between April 05-06, 2024.
During this period, The National Vulnerability Database published 94, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 5
High: 22
Medium: 17
Low: 9
Severity Not Assigned: 41
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-29672
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Directory Traversal vulnerability in zly2006 Reden before v.0.2.514 allows a remote attacker to execute arbitrary code via the DEBUG_RTC_REQUEST_SYNC_DATA in KeyCallbacks.kt.
References: https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed
https://github.com/zly2006/reden-is-what-we-made/commit/44c5320f0a1ccaa764dd91df6a12e747f81fe63a
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-2115
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.0. This is due to missing or incorrect nonce validation on the filter_users functions. This makes it possible for unauthenticated attackers to elevate their privileges to that of a teacher via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References: https://plugins.trac.wordpress.org/changeset/3061953/learnpress/tags/4.0.1/inc/admin/class-lp-admin.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/342a4482-f5d3-4cc9-a998-e3abac7142cf?source=cve
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-3217
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References: https://plugins.trac.wordpress.org/browser/wpdirectorykit/trunk/application/controllers/Wdk_frontendajax.php#L72
https://plugins.trac.wordpress.org/changeset/3064842/wpdirectorykit/trunk/application/controllers/Wdk_frontendajax.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/09b315e6-d973-467d-8b8d-4b7b4a7ca3f8?source=cve
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
4. CVE-2023-6522
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914.
References: https://www.usom.gov.tr/bildirim/tr-24-0276
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
5. CVE-2023-6523
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.This issue affects Extreme XDS: before 3914.
References: https://www.usom.gov.tr/bildirim/tr-24-0276
CWE-ID: CWE-639
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-31083
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
References: https://access.redhat.com/security/cve/CVE-2024-31083
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-31218
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to send a HTTP request to the database (Pocketbase) admin API to create an admin account. The Pocketbase admin API does not check for authentication/authorization when creating an admin account when no admin accounts have been added. In its default deployment, Webhood does not create a database admin account. Therefore, unless users have manually created an admin account in the database, an admin account will not exist in the deployment and the deployment is vulnerable. Versions starting from 0.9.1 are patched. The patch creates a randomly generated admin account if admin accounts have not already been created i.e. the vulnerability is exploitable in the deployment. As a workaround, users can disable access to URL path starting with `/api/admins` entirely. With this workaround, the vulnerability is not exploitable via network.
References: https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9
https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-31220
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface outside of localhost may be affected, depending on firewall configuration. To exploit vulnerability, attacker could make an http/s request to the `node_modules` endpoint if user exposed Sunshine config web server to internet or attacker is on the LAN. Version 0.18.0 contains a patch for this issue. As a workaround, one may block access to Sunshine via firewall.
References: https://github.com/LizardByte/Sunshine/releases/tag/v0.18.0
https://github.com/LizardByte/Sunshine/security/advisories/GHSA-6rg7-7m3w-w5wc
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-48426
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: u-boot bug that allows for u-boot shell and interrupt over UART
References: https://source.android.com/docs/security/bulletin/chromecast/2023-12-01
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-3347
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Airline Ticket Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file activate_jet_details_form_handler.php. The manipulation of the argument jet_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259451.
References: https://github.com/thisissuperann/Vul/blob/main/Airline-Ticket-Reservation-System-01.md
https://vuldb.com/?ctiid.259451
https://vuldb.com/?id.259451
https://vuldb.com/?submit.310184
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-3348
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability classified as critical has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected is an unknown function of the file booking/index.php. The manipulation of the argument log_email/log_pword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259452.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-01
https://vuldb.com/?ctiid.259452
https://vuldb.com/?id.259452
https://vuldb.com/?submit.310216
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-3349
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability classified as critical was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259453 was assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-02
https://vuldb.com/?ctiid.259453
https://vuldb.com/?id.259453
https://vuldb.com/?submit.310217
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-22004
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application
References: https://support.google.com/product-documentation/answer/14580222?hl=en&ref_topic=12974021&sjid=10751611047462550096-NA
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-31848
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-31849
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A path traversal vulnerability exists in the Java version of CData Connect < 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-31850
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: A path traversal vulnerability exists in the Java version of CData Arc < 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-31851
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: A path traversal vulnerability exists in the Java version of CData Sync < 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-3350
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this issue is some unknown functionality of the file admin/mod_room/index.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259454 is the identifier assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-03
https://vuldb.com/?ctiid.259454
https://vuldb.com/?id.259454
https://vuldb.com/?submit.310218
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-3351
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This affects an unknown part of the file admin/mod_roomtype/index.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259455.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-04
https://vuldb.com/?ctiid.259455
https://vuldb.com/?id.259455
https://vuldb.com/?submit.310219
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-0081
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description:
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service.
References: https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx
CWE-ID: CWE-770
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-3352
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/mod_comments/index.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259456.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-05
https://vuldb.com/?ctiid.259456
https://vuldb.com/?id.259456
https://vuldb.com/?submit.310220
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-3353
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/mod_reports/index.php. The manipulation of the argument categ/end leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259457 was assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-06
https://vuldb.com/?ctiid.259457
https://vuldb.com/?id.259457
https://vuldb.com/?submit.310221
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-3354
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/mod_users/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259458 is the identifier assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-07
https://vuldb.com/?ctiid.259458
https://vuldb.com/?id.259458
https://vuldb.com/?submit.310222
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-27911
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password.
References: https://iknow.lenovo.com.cn/detail/420425
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-27912
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets.
References: https://iknow.lenovo.com.cn/detail/420425
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-3355
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/mod_users/controller.php?action=add. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259459.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-09
https://vuldb.com/?ctiid.259459
https://vuldb.com/?id.259459
https://vuldb.com/?submit.310224
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-3356
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/mod_settings/controller.php?action=add. The manipulation of the argument type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259460.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-10
https://vuldb.com/?ctiid.259460
https://vuldb.com/?id.259460
https://vuldb.com/?submit.310225
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between April 05-06, 2024.
During this period, The National Vulnerability Database published 94, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 5
High: 22
Medium: 17
Low: 9
Severity Not Assigned: 41
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-29672
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Directory Traversal vulnerability in zly2006 Reden before v.0.2.514 allows a remote attacker to execute arbitrary code via the DEBUG_RTC_REQUEST_SYNC_DATA in KeyCallbacks.kt.
References: https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed
https://github.com/zly2006/reden-is-what-we-made/commit/44c5320f0a1ccaa764dd91df6a12e747f81fe63a
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-2115
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.0. This is due to missing or incorrect nonce validation on the filter_users functions. This makes it possible for unauthenticated attackers to elevate their privileges to that of a teacher via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References: https://plugins.trac.wordpress.org/changeset/3061953/learnpress/tags/4.0.1/inc/admin/class-lp-admin.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/342a4482-f5d3-4cc9-a998-e3abac7142cf?source=cve
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-3217
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References: https://plugins.trac.wordpress.org/browser/wpdirectorykit/trunk/application/controllers/Wdk_frontendajax.php#L72
https://plugins.trac.wordpress.org/changeset/3064842/wpdirectorykit/trunk/application/controllers/Wdk_frontendajax.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/09b315e6-d973-467d-8b8d-4b7b4a7ca3f8?source=cve
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
4. CVE-2023-6522
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914.
References: https://www.usom.gov.tr/bildirim/tr-24-0276
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
5. CVE-2023-6523
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.This issue affects Extreme XDS: before 3914.
References: https://www.usom.gov.tr/bildirim/tr-24-0276
CWE-ID: CWE-639
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-31083
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
References: https://access.redhat.com/security/cve/CVE-2024-31083
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-31218
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to send a HTTP request to the database (Pocketbase) admin API to create an admin account. The Pocketbase admin API does not check for authentication/authorization when creating an admin account when no admin accounts have been added. In its default deployment, Webhood does not create a database admin account. Therefore, unless users have manually created an admin account in the database, an admin account will not exist in the deployment and the deployment is vulnerable. Versions starting from 0.9.1 are patched. The patch creates a randomly generated admin account if admin accounts have not already been created i.e. the vulnerability is exploitable in the deployment. As a workaround, users can disable access to URL path starting with `/api/admins` entirely. With this workaround, the vulnerability is not exploitable via network.
References: https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9
https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-31220
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface outside of localhost may be affected, depending on firewall configuration. To exploit vulnerability, attacker could make an http/s request to the `node_modules` endpoint if user exposed Sunshine config web server to internet or attacker is on the LAN. Version 0.18.0 contains a patch for this issue. As a workaround, one may block access to Sunshine via firewall.
References: https://github.com/LizardByte/Sunshine/releases/tag/v0.18.0
https://github.com/LizardByte/Sunshine/security/advisories/GHSA-6rg7-7m3w-w5wc
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-48426
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: u-boot bug that allows for u-boot shell and interrupt over UART
References: https://source.android.com/docs/security/bulletin/chromecast/2023-12-01
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-3347
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Airline Ticket Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file activate_jet_details_form_handler.php. The manipulation of the argument jet_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259451.
References: https://github.com/thisissuperann/Vul/blob/main/Airline-Ticket-Reservation-System-01.md
https://vuldb.com/?ctiid.259451
https://vuldb.com/?id.259451
https://vuldb.com/?submit.310184
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-3348
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability classified as critical has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected is an unknown function of the file booking/index.php. The manipulation of the argument log_email/log_pword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259452.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-01
https://vuldb.com/?ctiid.259452
https://vuldb.com/?id.259452
https://vuldb.com/?submit.310216
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-3349
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability classified as critical was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259453 was assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-02
https://vuldb.com/?ctiid.259453
https://vuldb.com/?id.259453
https://vuldb.com/?submit.310217
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-22004
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application
References: https://support.google.com/product-documentation/answer/14580222?hl=en&ref_topic=12974021&sjid=10751611047462550096-NA
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-31848
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-31849
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A path traversal vulnerability exists in the Java version of CData Connect < 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-31850
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: A path traversal vulnerability exists in the Java version of CData Arc < 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-31851
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: A path traversal vulnerability exists in the Java version of CData Sync < 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions.
References: https://www.tenable.com/security/research/tra-2024-09
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-3350
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this issue is some unknown functionality of the file admin/mod_room/index.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259454 is the identifier assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-03
https://vuldb.com/?ctiid.259454
https://vuldb.com/?id.259454
https://vuldb.com/?submit.310218
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-3351
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This affects an unknown part of the file admin/mod_roomtype/index.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259455.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-04
https://vuldb.com/?ctiid.259455
https://vuldb.com/?id.259455
https://vuldb.com/?submit.310219
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-0081
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description:
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service.
References: https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx
CWE-ID: CWE-770
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-3352
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/mod_comments/index.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259456.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-05
https://vuldb.com/?ctiid.259456
https://vuldb.com/?id.259456
https://vuldb.com/?submit.310220
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-3353
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/mod_reports/index.php. The manipulation of the argument categ/end leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259457 was assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-06
https://vuldb.com/?ctiid.259457
https://vuldb.com/?id.259457
https://vuldb.com/?submit.310221
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-3354
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/mod_users/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259458 is the identifier assigned to this vulnerability.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-07
https://vuldb.com/?ctiid.259458
https://vuldb.com/?id.259458
https://vuldb.com/?submit.310222
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-27911
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password.
References: https://iknow.lenovo.com.cn/detail/420425
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-27912
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets.
References: https://iknow.lenovo.com.cn/detail/420425
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-3355
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/mod_users/controller.php?action=add. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259459.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-09
https://vuldb.com/?ctiid.259459
https://vuldb.com/?id.259459
https://vuldb.com/?submit.310224
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-3356
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/mod_settings/controller.php?action=add. The manipulation of the argument type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259460.
References: https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-10
https://vuldb.com/?ctiid.259460
https://vuldb.com/?id.259460
https://vuldb.com/?submit.310225
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found