CVE Notify @cvenotify Channel on Telegram

CVE Notify

@cvenotify


Alert on the latest CVEs

Partner channel: @malwr

Contact: @SirMalware

CVE Notify (English)

Are you concerned about the security of your systems and data? Look no further than CVE Notify, your go-to channel for staying informed about the latest Common Vulnerabilities and Exposures (CVEs). With real-time alerts on security threats, CVE Notify helps you stay one step ahead of potential cyber attacks.

Who is CVE Notify? This Telegram channel is dedicated to providing timely notifications on the most recent CVEs, ensuring that you are always aware of potential vulnerabilities that could impact your systems. By subscribing to CVE Notify, you can take proactive measures to secure your digital assets and prevent cyber threats.

What is CVE Notify? CVE Notify is your source for up-to-date information on CVEs, helping you understand the risks associated with known vulnerabilities. By partnering with @malwr, a leading cybersecurity channel, CVE Notify ensures that you receive comprehensive insights into the latest security threats. For any inquiries or assistance, you can reach out to @SirMalware, the channel's contact person, who is dedicated to providing support and guidance.

Don't wait until it's too late – join CVE Notify today and protect your systems from potential security breaches. Stay informed, stay secure with CVE Notify!

CVE Notify

20 Nov, 21:07


🚨 CVE-2024-46827
In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix firmware crash due to invalid peer nss

Currently, if the access point receives an association
request containing an Extended HE Capabilities Information
Element with an invalid MCS-NSS, it triggers a firmware
crash.

This issue arises when EHT-PHY capabilities shows support
for a bandwidth and MCS-NSS set for that particular
bandwidth is filled by zeros and due to this, driver obtains
peer_nss as 0 and sending this value to firmware causes
crash.

Address this issue by implementing a validation step for
the peer_nss value before passing it to the firmware. If
the value is greater than zero, proceed with forwarding
it to the firmware. However, if the value is invalid,
reject the association request to prevent potential
firmware crashes.

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1

🎖@cveNotify


20 Nov, 21:07


🚨 CVE-2024-46812
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration

[Why]
Coverity reports Memory - illegal accesses.

[How]
Skip inactive planes.


20 Nov, 21:07


🚨 CVE-2024-46794
In the Linux kernel, the following vulnerability has been resolved:

x86/tdx: Fix data leak in mmio_read()

The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an
address from the VMM.

Sean noticed that mmio_read() unintentionally exposes the value of an
initialized variable (val) on the stack to the VMM.

This variable is only needed as an output value. It did not need to be
passed to the VMM in the first place.

Do not send the original value of *val to the VMM.

[ dhansen: clarify what 'val' is used for. ]


20 Nov, 20:37


🚨 CVE-2018-9409
In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.


20 Nov, 20:37


🚨 CVE-2018-9371
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.


20 Nov, 20:37


🚨 CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.


20 Nov, 20:37


🚨 CVE-2024-50056
In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c

Fix potential dereferencing of ERR_PTR() in find_format_by_pix()
and uvc_v4l2_enum_format().

Fix the following smatch errors:

drivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()
error: 'fmtdesc' dereferencing possible ERR_PTR()

drivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()
error: 'fmtdesc' dereferencing possible ERR_PTR()

Also, fix similar issue in uvc_v4l2_try_format() for potential
dereferencing of ERR_PTR().


20 Nov, 20:37


🚨 CVE-2024-50060
In the Linux kernel, the following vulnerability has been resolved:

io_uring: check if we need to reschedule during overflow flush

In terms of normal application usage, this list will always be empty.
And if an application does overflow a bit, it'll have a few entries.
However, nothing obviously prevents syzbot from running a test case
that generates a ton of overflow entries, and then flushing them can
take quite a while.

Check for needing to reschedule while flushing, and drop our locks and
do so if necessary. There's no state to maintain here as overflows
always prune from head-of-list, hence it's fine to drop and reacquire
the locks at the end of the loop.


20 Nov, 20:37


🚨 CVE-2024-52714
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function fromSetSysTime.


20 Nov, 20:07


🚨 CVE-2024-33025
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.


20 Nov, 20:07


🚨 CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.


20 Nov, 20:07


🚨 CVE-2024-50065
In the Linux kernel, the following vulnerability has been resolved:

ntfs3: Change to non-blocking allocation in ntfs_d_hash

d_hash is done while under "rcu-walk" and should not sleep.
__get_name() allocates using GFP_KERNEL, having the possibility
to sleep when under memory pressure. Change the allocation to
GFP_NOWAIT.


20 Nov, 20:07


🚨 CVE-2024-33024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.


20 Nov, 20:07


🚨 CVE-2024-33018
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.


20 Nov, 20:07


🚨 CVE-2023-27742
IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login.


20 Nov, 20:07


🚨 CVE-2023-52265
IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data.


20 Nov, 20:07


🚨 CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.


20 Nov, 19:37


🚨 CVE-2018-9471
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.


20 Nov, 19:37


🚨 CVE-2018-9470
In bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation.


20 Nov, 19:37


🚨 CVE-2018-9469
In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileges needed. User interaction is needed for exploitation.


29 Oct, 10:37


🚨 CVE-2024-9376
The Kata Plus – Addons for Elementor – Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.


29 Oct, 10:37


🚨 CVE-2024-10437
The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smart Message activation/deactivation due to a missing capability check on the ajax_enable function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate or deactivate smart messages.


29 Oct, 10:37


🚨 CVE-2024-10227
The affiliate-toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atkp_product shortcode in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


29 Oct, 10:37


🚨 CVE-2024-50550
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation. This issue affects LiteSpeed Cache: from n/a through 6.5.1.


29 Oct, 10:37


🚨 CVE-2024-10436
The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condition_value function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.


29 Oct, 09:37


🚨 CVE-2024-22066
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router. An authenticated attacker could use the vulnerability to obtain sensitive information about the device.


29 Oct, 09:37


🚨 CVE-2024-45477
Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenticated user, authorized to configure a Parameter Context, can enter arbitrary JavaScript code, which the client browser will execute within the session context of the authenticated user. Upgrading to Apache NiFi 1.28.0 or 2.0.0-M4 is the recommended mitigation.


29 Oct, 09:37


🚨 CVE-2024-10048
The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.11.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


29 Oct, 08:37


🚨 CVE-2024-37672
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter.


29 Oct, 06:37


🚨 CVE-2024-10008
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all versions up to, and including, 1.13.3. This makes it possible for authenticated attackers, with student-level access and above, to modify the roles of arbitrary users. As a result, attackers can escalate their privileges to the Administrator and demote existing administrators to students.


29 Oct, 06:37


🚨 CVE-2024-10000
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the question's content parameter in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with student-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


29 Oct, 01:37


🚨 CVE-2024-45656
IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.


29 Oct, 01:37


🚨 CVE-2024-10478
A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /admin#article/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 01:37


🚨 CVE-2024-10477
A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 01:07


🚨 CVE-2024-10418
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /file/infoAdd.php. The manipulation of the argument bg leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 01:07


🚨 CVE-2024-10425
A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /student/project_selection/move_up_project.php of the component Project Selection Page. The manipulation of the argument up leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 01:07


🚨 CVE-2024-10424
A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/project_selection/remove_project.php of the component Project Selection Page. The manipulation of the argument no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 00:38


🚨 CVE-2024-10421
A vulnerability classified as critical was found in SourceCodester Attendance and Payroll System 1.0. This vulnerability affects unknown code of the file /admin/overtime_row.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 00:38


🚨 CVE-2024-10422
A vulnerability, which was classified as critical, has been found in SourceCodester Attendance and Payroll System 1.0. This issue affects some unknown processing of the file /admin/overtime_add.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.


29 Oct, 00:38


🚨 CVE-2024-10423
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_selection.php of the component Project Selection Page. The manipulation of the argument project_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
