CVE & Exploit Intelligence Database

CVE-2024-51481 1 Writeup EPSS 0.00

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders (such as `builtin:fetchurl`, exposed to users with `import <nix/fetchurl.nix>`) were not executed in the macOS sandbox. Thus, these builders (which are running under the `nixbld*` users) had read access to world-readable paths and write access to world-writable paths outside of the sandbox. This issue is fixed in 2.18.9, 2.19.7, 2.20.9, 2.21.5, 2.22.4, 2.23.4, and 2.24.10. Note that sandboxing is not enabled by default on macOS. The Nix sandbox is not primarily intended as a security mechanism, but as an aid to improve reproducibility and purity of Nix builds. However, sandboxing *can* mitigate the impact of other security issues by limiting what parts of the host system a build has access to.

CWE-693 Oct 31, 2024

CVE-2024-44122 8.8 HIGH EPSS 0.00

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An application may be able to break out of its sandbox.

CWE-693 Oct 28, 2024

CVE-2024-43585 5.5 MEDIUM EPSS 0.00

Code Integrity Guard Security Feature Bypass Vulnerability

CWE-693 Oct 08, 2024

CVE-2024-43584 7.7 HIGH EPSS 0.01

Windows Scripting Engine Security Feature Bypass Vulnerability

CWE-693 Oct 08, 2024

CVE-2024-43513 6.4 MEDIUM EPSS 0.00

BitLocker Security Feature Bypass Vulnerability

CWE-693 Oct 08, 2024

CVE-2024-20438 6.3 MEDIUM EPSS 0.00

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited network-admin functions such as reading device configuration information, uploading files, and modifying uploaded files. Note: This vulnerability only affects a subset of REST API endpoints and does not affect the web-based management interface.

CWE-862 Oct 02, 2024

CVE-2024-46976 6.5 MEDIUM EPSS 0.00

Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability.

CWE-79 Sep 17, 2024

CVE-2024-45835 2.5 LOW EPSS 0.00

Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.

CWE-693 Sep 16, 2024

CVE-2024-45833 4.5 MEDIUM EPSS 0.00

Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary when the user has Swiftkey as the default keyboard, the masking is off and the password contains a special character..

CWE-693 Sep 16, 2024

CVE-2024-43487 6.5 MEDIUM EPSS 0.05

Windows Mark of the Web Security Feature Bypass Vulnerability

CWE-693 Sep 10, 2024

CVE-2024-38226 7.3 HIGH KEV EPSS 0.01

Microsoft Publisher Security Feature Bypass Vulnerability

CWE-693 Sep 10, 2024

CVE-2024-38217 5.4 MEDIUM KEV EPSS 0.13

Windows Mark of the Web Security Feature Bypass Vulnerability

CWE-693 Sep 10, 2024

CVE-2024-45411 8.5 HIGH 1 Writeup EPSS 0.00

Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0.

CWE-693 Sep 09, 2024

CVE-2022-4100 5.3 MEDIUM EPSS 0.00

The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the X-Forwarded-For: HTTP header to an IP Address that hasn't been blocked.

CWE-693 Aug 31, 2024

CVE-2024-20286 5.3 MEDIUM EPSS 0.00

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.&nbsp; Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

CWE-693 Aug 28, 2024

CVE-2024-20284 5.3 MEDIUM EPSS 0.00

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.&nbsp; Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

CWE-693 Aug 28, 2024

CVE-2024-39836 4.8 MEDIUM EPSS 0.01

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 and 9.8.x <= 9.8.2 fail to ensure that remote/synthetic users cannot create sessions or reset passwords, which allows the munged email addresses, created by shared channels, to be used to receive email notifications and to reset passwords, when they are valid, functional emails.

CWE-693 Aug 22, 2024

CVE-2024-24983 6.5 MEDIUM EPSS 0.00

Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 4.4 may allow an unauthenticated user to potentially enable denial of service via network access.

CWE-693 Aug 14, 2024

CVE-2024-24980 6.1 MEDIUM EPSS 0.00

Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CWE-693 Aug 14, 2024

CVE-2024-23499 6.5 MEDIUM EPSS 0.00

Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access.

CWE-693 Aug 14, 2024