In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between May 06-07, 2024.
During this period, the National Vulnerability Database published 159 new Common Vulnerabilities and Exposures (CVEs), classified as follows:
Critical: 2
High: 29
Medium: 44
Low: 17
Severity Not Assigned: 67
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-49675
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An unauthenticated local attacker may trick a user to open corrupted project files to execute arbitrary code or crash the system due to an out-of-bounds write vulnerability.
References: https://cert.vde.com/en/advisories/VDE-2024-024
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-3576
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.7
Description: The NPort 5100A Series prior to version 1.6 is affected by web server XSS vulnerability. The vulnerability is caused by not correctly neutralizing user-controllable input before placing it in output. Malicious users may use the vulnerability to get sensitive information and escalate privileges.
References: https://www.moxa.com/en/support/product-support/security-advisory/mpsa-246328-nport-5100a-series-store-xss-vulnerability
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-4547
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is split into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field.
References: https://www.tenable.com/security/research/tra-2024-13
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-4548
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateHDMWYC' message, which is split into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field.
References: https://www.tenable.com/security/research/tra-2024-13
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-4549
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system.
References: https://www.tenable.com/security/research/tra-2024-13
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
6. CVE-2023-33119
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-367
Common Platform Enumerations (CPE): Not Found
7. CVE-2023-43529
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-617
Common Platform Enumerations (CPE): Not Found
8. CVE-2023-43531
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption while verifying the serialized header when the key pairs are generated.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-824
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-21471
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-21474
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption when size of buffer from previous call is used without validation or re-initialization.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-21475
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory corruption when the payload received from firmware is not as per the expected protocol size.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-823
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-21476
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory corruption when the channel ID passed by user is not validated and further used.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-21477
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-126
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-21480
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: Memory corruption while playing audio file having large-sized input buffer.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-23351
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-23354
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption when the IOCTL call is interrupted by a signal.
References: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-32972
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version `1.13.15` and onwards.
References: https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15
https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-32982
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws, enabling unauthorized access to sensitive files outside the designated directories. Such access can lead to the disclosure of sensitive information or potentially compromise the server. The vulnerability is located in the file path handling mechanism within the static content serving function, specifically at `litestar/static_files/base.py`. This vulnerability is fixed in versions 2.8.3, 2.7.2, and 2.6.4.
References: https://github.com/litestar-org/litestar/blob/main/litestar/static_files/base.py#L70
https://github.com/litestar-org/litestar/commit/57e706e7effdc182fc9a2af5981bc88afb21851b
https://github.com/litestar-org/litestar/security/advisories/GHSA-83pv-qr33-2vcf
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-34069
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3.
References: https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692
https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-34089
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.2
Description: An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. 6.14 P3 (6.14.0.3) is also a fixed release.
References: https://archerirm.com
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-34090
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.2
Description: An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner in the Archer Control Panel (ACP) did not previously escape content appropriately. 6.14 P3 (6.14.0.3) is also a fixed release.
References: https://archerirm.com
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-34091
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.2
Description: An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed in the background of the application and renders content inaccessible. 6.14 P3 (6.14.0.3) is also a fixed release.
References: https://archerirm.com
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-32807
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 4.7
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brevo for WooCommerce Sendinblue for WooCommerce. This issue affects Sendinblue for WooCommerce: from n/a through 4.0.17.
References: https://patchstack.com/database/vulnerability/woocommerce-sendinblue-newsletter-subscription/wordpress-brevo-for-woocommerce-plugin-4-0-17-arbitrary-file-download-and-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-34388
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Scribit GDPR Compliance. This issue affects GDPR Compliance: from n/a through 1.2.5.
References: https://patchstack.com/database/vulnerability/gdpr-compliance/wordpress-gdpr-compliance-plugin-1-2-5-sensitive-data-exposure-vulnerability?_s_id=cve
CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-33912
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.2
Description: Missing Authorization vulnerability in Academy LMS. This issue affects Academy LMS: from n/a through 1.9.16.
References: https://patchstack.com/database/vulnerability/academy/wordpress-academy-lms-plugin-1-9-16-broken-access-control-on-paid-courses-vulnerability?_s_id=cve
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-34367
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Popup Box Team Popup box allows Cross-Site Scripting (XSS). This issue affects Popup box: from n/a through 4.1.2.
References: https://patchstack.com/database/vulnerability/ays-popup-box/wordpress-popup-box-plugin-4-1-2-csrf-to-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-34369
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webpushr Web Push Notifications Webpushr allows Reflected XSS. This issue affects Webpushr: from n/a through 4.35.0.
References: https://patchstack.com/database/vulnerability/webpushr-web-push-notifications/wordpress-web-push-notifications-webpushr-plugin-4-35-0-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
28. CVE-2024-34378
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: Missing Authorization vulnerability in LeadConnector. This issue affects LeadConnector: from n/a through 1.7.
References: https://patchstack.com/database/vulnerability/leadconnector/wordpress-leadconnector-plugin-1-7-api-broken-access-control-vulnerability?_s_id=cve
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
29. CVE-2024-34386
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lucian Apostol Auto Affiliate Links. This issue affects Auto Affiliate Links: from n/a through 6.4.3.1.
References: https://patchstack.com/database/vulnerability/wp-auto-affiliate-links/wordpress-auto-affiliate-links-plugin-6-4-3-1-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
30. CVE-2024-34412
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Parcel Panel ParcelPanel. This issue affects ParcelPanel: from n/a through 3.8.1.
References: https://patchstack.com/database/vulnerability/parcelpanel/wordpress-parcelpanel-plugin-3-8-1-subscriber-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
31. CVE-2024-3661
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: By design, the DHCP protocol does not authenticate messages, including for example the classless static route option (121). An attacker with the ability to send DHCP messages can manipulate routes to redirect VPN traffic, allowing the attacker to read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. Many, if not most VPN systems based on IP routing are susceptible to such attacks.
References: https://datatracker.ietf.org/doc/html/rfc2131#section-7
https://datatracker.ietf.org/doc/html/rfc3442#section-7
https://tunnelvisionbug.com/
https://www.leviathansecurity.com/research/tunnelvision
CWE-ID: CWE-306 CWE-501
Common Platform Enumerations (CPE): Not Found