CVE Watch
Every published CVE, mapped to engagement reality.
Crawled from cve.org every day. Each entry annotated with the QSearch coverage signal — how many of our agents, skills, and playbooks address the technique. Subscribe via RSS for SIEM pipe, or get the weekly digest by email.
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
showdocCWE-434All versions of yongyou PLM are affected by a command injection issue
All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product life, and the collaborative creation, distribution, application and management of product information across organizations. Yonyou PLM uses jboss by default, and you can access the management control background without authorization An attacker can use this vulnerability to gain server permissions.
yonyouCWE-77The scheduler service running on a specific TCP port enables the user to start and stop jobs
The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string.
auvesyCWE-89There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the mani...
There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files.
auvesyCWE-73The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permi...
The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.
auvesyCWE-732The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow
The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow.
auvesyCWE-119CWE-787There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or creat...
There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.
auvesyCWE-434Many of the services used by the affected product do not specify full paths for the DLLs they are loading
Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijacking the loaded DLL.
auvesyCWE-427A specific function code receives a raw pointer supplied by the user and deallocates this pointer
A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition.
auvesyCWE-416The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent
The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are then saved without limitation in the temp folder of the webinstaller executable.
auvesyCWE-400CWE-770The affected product does not properly control the allocation of resources
The affected product does not properly control the allocation of resources. A user may be able to allocate unlimited memory buffers using API functions.
auvesyCWE-400CWE-770The affected product uses a hard-coded blowfish key for encryption/decryption processes
The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries.
auvesyCWE-321CWE-798The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level
The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database.
auvesyCWE-294The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server withou...
The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication.
auvesyCWE-284CWE-306The affected product’s OS Service does not verify any given parameter
The affected product’s OS Service does not verify any given parameter. A user can supply any type of parameter that will be passed to inner calls without checking the type of the parameter or the value.
auvesyCWE-20Some API functions allow interaction with the registry, which includes reading values as well as data modification
Some API functions allow interaction with the registry, which includes reading values as well as data modification.
auvesyCWE-15Some API functions permit by-design writing or copying data into a given buffer
Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product.
auvesyCWE-123Rasa is an open source machine learning framework to automate text-and voice-based conversations
Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can overwrite or replace bot files in the bot directory. The vulnerability is fixed in Rasa 2.8.10. For users unable to update ensure that users do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance.
rasaCWE-22CWE-23Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method i...
Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server.
adobeCWE-502The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/Cat...
The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution.
catchpluginsCWE-434
9.8 CRITICAL
8.1 HIGHWeekly digest
Get the curated CVE digest every Monday
One email a week, sent Monday morning CET. The CVEs published or modified in the last seven days, severity-ordered, with the QSearch coverage signal. Unsubscribe with one click — included in every send.
Pipe the CVE feed into your stack.
CVE Watch publishes RSS, Atom, and JSON feeds — wire them into your SIEM, Slack, Discord, or your RSS reader of choice. Or get the curated weekly digest by email.