Security Vulnerabilities - CVEs Published In January 2024
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-01-19
A vulnerability was found in ProSSHD 1.2 on Windows. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251548.
CVSS Score
5.3
EPSS Score
0.025
Published
2024-01-19
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Module. The manipulation of the argument msg with the input test%22%3Cscript%3Ealert(%27Torada%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251549 was assigned to this vulnerability.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-01-19
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-01-19
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-01-19
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-01-19
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-01-19
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-01-19
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-01-19
MultiSigWallet 0xF0C99 was discovered to contain a reentrancy vulnerability via the function executeTransaction.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-01-19