CVE-2024-27198

Known exploited
Public exploit
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Max CVSS
9.8
EPSS Score
97.21%
Published
2024-03-04
Updated
2024-03-11
CISA KEV Added
2024-03-07

CVE-2024-25004

Public exploit
KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.
Max CVSS
7.8
EPSS Score
0.05%
Published
2024-02-09
Updated
2024-02-14

CVE-2024-22836

Public exploit
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server.
Max CVSS
9.8
EPSS Score
0.45%
Published
2024-02-08
Updated
2024-02-15

CVE-2024-22318

Public exploit
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.
Max CVSS
5.5
EPSS Score
0.06%
Published
2024-02-09
Updated
2024-02-16

CVE-2024-21893

Known exploited
Public exploit
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
Max CVSS
8.2
EPSS Score
96.25%
Published
2024-01-31
Updated
2024-02-01
CISA KEV Added
2024-01-31

CVE-2024-21887

Known exploited
Public exploit
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Max CVSS
9.1
EPSS Score
97.32%
Published
2024-01-12
Updated
2024-01-22
CISA KEV Added
2024-01-10

CVE-2024-21626

Public exploit
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue.
Max CVSS
8.6
EPSS Score
5.06%
Published
2024-01-31
Updated
2024-02-19

CVE-2024-1709

Known exploited
Public exploit
Used for ransomware
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
Max CVSS
10.0
EPSS Score
93.46%
Published
2024-02-21
Updated
2024-02-23
CISA KEV Added
2024-02-22

CVE-2024-1708

Public exploit
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
Max CVSS
8.4
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-22

CVE-2024-1346

Public exploit
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.
Max CVSS
6.8
EPSS Score
0.04%
Published
2024-02-19
Updated
2024-02-20

CVE-2024-0204

Public exploit
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Max CVSS
9.8
EPSS Score
53.86%
Published
2024-01-22
Updated
2024-02-02

CVE-2023-52251

Public exploit
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.
Max CVSS
8.8
EPSS Score
2.88%
Published
2024-01-25
Updated
2024-02-29

CVE-2023-51467

Public exploit
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code
Max CVSS
9.8
EPSS Score
68.50%
Published
2023-12-26
Updated
2024-01-04

CVE-2023-50919

Public exploit
An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7.
Max CVSS
9.8
EPSS Score
0.11%
Published
2024-01-12
Updated
2024-01-24

CVE-2023-50917

Public exploit
MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager.
Max CVSS
9.8
EPSS Score
71.10%
Published
2023-12-15
Updated
2024-01-22

CVE-2023-50445

Public exploit
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-12-28
Updated
2024-01-24

CVE-2023-50071

Public exploit
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-29
Updated
2024-01-05

CVE-2023-49294

Public exploit
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the `live_dangerously` is not enabled. This allows arbitrary files to be read. Asterisk versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, contain a fix for this issue.
Max CVSS
7.5
EPSS Score
0.10%
Published
2023-12-14
Updated
2023-12-29

CVE-2023-49103

Known exploited
Public exploit
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
Max CVSS
10.0
EPSS Score
89.25%
Published
2023-11-21
Updated
2023-12-05
CISA KEV Added
2023-11-30

CVE-2023-49085

Public exploit
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.
Max CVSS
8.8
EPSS Score
0.12%
Published
2023-12-22
Updated
2024-03-18

CVE-2023-49084

Public exploit
Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-21
Updated
2024-03-18

CVE-2023-49070

Public exploit
Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10.  Users are recommended to upgrade to version 18.12.10
Max CVSS
9.8
EPSS Score
84.67%
Published
2023-12-05
Updated
2023-12-29

CVE-2023-47218

Public exploit
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
Max CVSS
5.8
EPSS Score
1.32%
Published
2024-02-13
Updated
2024-02-15

CVE-2023-46916

Public exploit
Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor.
Max CVSS
4.3
EPSS Score
0.05%
Published
2023-12-07
Updated
2023-12-12

CVE-2023-46805

Known exploited
Public exploit
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Max CVSS
8.2
EPSS Score
96.43%
Published
2024-01-12
Updated
2024-01-22
CISA KEV Added
2024-01-10
2563 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!