Exploit Database
143,685 exploits tracked across all sources.
TensorFlow < 2.8.4, 2.9.0-2.9.3, 2.10.0-2.10.1 - Denial of Service via Undefined Char-to-Bool Conversion
TensorFlow is an open source platform for machine learning. When printing a tensor, we get its data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
CVSS 4.8
Lancet < 1.3.4 and 2.0.0-2.1.10 - Path Traversal via ZipSlip in fileutil Package
Lancet is a general utility library for the Go programming language. Affected versions are subject to a ZipSlip issue when using the fileutil package to unzip files. This issue has been addressed and a fix will be included in versions 2.1.10 and 1.3.4. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS 6.3
XWiki Platform < 13.10.8 - Authenticated Remote Code Execution via Menu Macro Injection
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on commonly accessible documents including the menu macro can execute arbitrary Groovy, Python or Velocity code in XWiki, leading to full access to the XWiki installation, due to improper escaping of the macro content and parameters of the menu macro. The problem has been patched in XWiki 14.6RC1, 13.10.8 and 14.4.3. The patch (commit `2fc20891`) for the document `Menu.MenuMacro` can be manually applied or a XAR archive of a patched version can be imported. The menu macro was basically unchanged since XWiki 11.6, so on XWiki 11.6 or later the patch for version 13.10.8 (commit `59ccca24a`) can most likely be applied; on XWiki version 14.0 and later the versions in XWiki 14.6 and 14.4.3 should be appropriate.
CVSS 9.9
engine.io < 3.6.1 - Denial of Service via Crafted HTTP Request
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who use dependent packages like socket.io. There is no known workaround except upgrading to a safe version. There are patches for this issue released in versions 3.6.1 and 6.2.1.
CVSS 7.1
Zemana AntiMalware and Watchdog Anti-Malware - Arbitrary Code Injection
Certain Zemana products are vulnerable to arbitrary code injection. This affects Watchdog Anti-Malware 4.1.422 and Zemana AntiMalware 3.2.28.
CVSS 6.7
Backdrop CMS 1.23.0 - Stored Cross-Site Scripting via Page Content
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.
CVSS 4.8
KLiK SocialMediaWebsite 1.0.1 - Reflected Cross-Site Scripting via Poll Parameter
A reflected cross-site scripting (XSS) vulnerability in SocialMediaWebsite v1.0.1 allows attackers to inject malicious JavaScript into the web browser of a victim via the poll parameter in poll.php.
CVSS 6.1
KLiK SocialMediaWebsite 1.0.1 - Reflected Cross-Site Scripting via Selector or Validator Parameters
KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' or 'validator' parameters of 'create-new-pwd.php'.
CVSS 6.1
KLiK SocialMediaWebsite 1.0.1 - Stored Cross-Site Scripting via Reply Form Location Input
KLiK SocialMediaWebsite version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via the location input of the reply form.
CVSS 5.4
KLiK SocialMediaWebsite 1.0.1 - Stored Cross-Site Scripting via Forum Subject Input
KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location Forum Subject input.
CVSS 5.4
KLiK SocialMediaWebsite v1.0.1 - SQL Injection via profile.php
KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via profile.php.
CVSS 8.8
PCTechSoft PCSecure V5.0.8.xw - Use of Hard-coded Credentials
In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access.
CVSS 7.8
fit2cloud lina 2.10.0-2.26.0 - Stored Cross-Site Scripting via Improper Input Filtering
Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any JavaScript under the admin's permission.
CVSS 5.4
pfSense 2.5.2 - Stored Cross-Site Scripting in browser.php via File Name
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
CVSS 6.1
Linux Kernel < 5.19.7 - Use-After-Free in anon_vma Reuse
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVSS 5.5
Warpinator < 1.2.14 - Directory Traversal via Symbolic Link
Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links.
CVSS 7.5
Linux Kernel < 4.9.335 - Use-After-Free in Bluetooth L2CAP Core
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim.
We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4
CVSS 8.0
siyucms v6.1.7 - Remote Code Execution
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the background. SIYUCMS is a content management system based on ThinkPHP5 and AdminLTE. SIYUCMS has a background command execution vulnerability, which can be used by attackers to gain server privileges.
CVSS 7.2
dedecms v6.1.9 - Cross-Site Request Forgery
DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords.
CVSS 8.8
AutoTaxi Stand Management System v1.0 - XSS
AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php.
CVSS 6.1
Keycloak < 21.1.2 - Cross-Site Scripting via AssertionConsumerServiceURL or redirect_uri
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri.
CVSS 10.0
DedeCMS V6 6.1.9 - Remote Code Execution via file_manage_control.php
DedeCMS V6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php.
CVSS 9.8
Simple Inventory Management System v1.0 - SQL Injection
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
CVSS 9.8