Security Bulletin 17 May 2023

Published on 17 May 2023

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabled based on severity, according to their CVSSv3 base scores:


Critical: vulnerabilities with a base score of 9.0 to 10.0
High: vulnerabilities with a base score of 7.0 to 8.9
Medium: vulnerabilities with a base score of 4.0 to 6.9
Low: vulnerabilities with a base score of 0.1 to 3.9
None: vulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2018-3907An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability.10https://nvd.nist.gov/vuln/detail/CVE-2018-3907
CVE-2019-18253An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.10https://nvd.nist.gov/vuln/detail/CVE-2019-18253
CVE-2023-30856eDEX-UI is a science fiction terminal emulator. Versions 2.2.8 and prior are vulnerable to cross-site websocket hijacking. When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to the shell. The project has been archived since 2021, and as of time of publication there are no plans to patch this issue and release a new version. Some workarounds are available, including shutting down eDEX-UI when browsing the web and ensuring the eDEX terminal runs with lowest possible privileges.10https://nvd.nist.gov/vuln/detail/CVE-2023-30856
CVE-2023-2564OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.10https://nvd.nist.gov/vuln/detail/CVE-2023-2564
CVE-2023-2583Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3.10https://nvd.nist.gov/vuln/detail/CVE-2023-2583
CVE-2018-3903On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long "url" value in order to overwrite the saved-PC with 0x42424242.9.9https://nvd.nist.gov/vuln/detail/CVE-2018-3903
CVE-2018-3905An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the "state" field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.9.9https://nvd.nist.gov/vuln/detail/CVE-2018-3905
CVE-2018-3866An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long 'callbackUrl' value in order to exploit this vulnerability.9.9https://nvd.nist.gov/vuln/detail/CVE-2018-3866
CVE-2018-3904An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.9.9https://nvd.nist.gov/vuln/detail/CVE-2018-3904
CVE-2023-22651Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to\n the misconfiguration of the Webhook. This component enforces validation\n rules and security checks before resources are admitted into the \nKubernetes cluster.\nThe issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2. Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected.\n\n9.9https://nvd.nist.gov/vuln/detail/CVE-2023-22651
CVE-2023-27407A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user.9.9https://nvd.nist.gov/vuln/detail/CVE-2023-27407
CVE-2018-14805ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-14805
CVE-2019-0160Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-0160
CVE-2019-5620ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-5620
CVE-2022-26562An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired. It also exists in the predecessor Zarafa Collaboration Platform (ZCP) in provider/libserver/ECPamAuth.cpp of Zarafa >= 6.30 (introduced between 6.30.0 RC1e and 6.30.8 final).9.8https://nvd.nist.gov/vuln/detail/CVE-2022-26562
CVE-2022-41380The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41380
CVE-2022-41381The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41381
CVE-2022-41382The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41382
CVE-2022-41383The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41383
CVE-2022-41384The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41384
CVE-2022-41385The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41385
CVE-2022-41386The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41386
CVE-2022-41387The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41387
CVE-2022-42036The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42036
CVE-2022-42037The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42037
CVE-2022-42039The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42039
CVE-2022-42040The d8s-algorithms package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42040
CVE-2022-42041The d8s-file-system package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42041
CVE-2022-42042The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42042
CVE-2022-42043The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42043
CVE-2022-42044The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-42044
CVE-2022-38143A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-38143
CVE-2022-41639A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41639
CVE-2022-41794A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41794
CVE-2022-41837An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41837
CVE-2022-41838A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-41838
CVE-2022-47939An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-47939
CVE-2022-44640Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).9.8https://nvd.nist.gov/vuln/detail/CVE-2022-44640
CVE-2020-12069In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-12069
CVE-2022-48337GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-48337
CVE-2023-24838HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-24838
CVE-2022-43939\nHitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. \n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2022-43939
CVE-2022-47758Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute arbitrary code via a DHCP hijacking attack.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-47758
CVE-2023-27971Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-27971
CVE-2023-27972Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-27972
CVE-2023-26089European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing. The affected versions are 5.15.0 through 6.27.5.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-26089
CVE-2023-25826\nDue to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was previously disclosed as CVE-2020-35476. Regex validation that was implemented to restrict allowed input to the query API does not work as intended, allowing crafted commands to bypass validation.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-25826
CVE-2022-47757In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library under a special directory which the app uses to dynamically load modules. Loading the library can lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2022-47757
CVE-2023-29842ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection (Time-based) via the EN_tyid POST parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29842
CVE-2023-30077Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30077
CVE-2023-30331An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30331
CVE-2023-29827ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29827
CVE-2023-2519A vulnerability has been found in Caton CTP Relay Server 1.2.9 and classified as critical. This vulnerability affects unknown code of the file /server/api/v1/login of the component API. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. VDB-228010 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2519
CVE-2023-2520A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031001) and classified as critical. This issue affects some unknown processing of the file cgi-bin/tools_ping.cgi?action=Command of the component Ping Handler. The manipulation of the argument Destination leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228011. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2520
CVE-2023-30203Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30203
CVE-2023-2523A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228014 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2523
CVE-2023-2524A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2/#/. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2524
CVE-2023-20126A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges. Cisco has not released firmware updates to address this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-20126
CVE-2023-23059An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-23059
CVE-2023-30264CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30264
CVE-2023-30268CLTPHP <=6.0 is vulnerable to Improper Input Validation.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30268
CVE-2023-21494Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-21494
CVE-2023-21503Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-21503
CVE-2023-21504Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-21504
CVE-2023-30328An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows attackers to bypass authentication via PID re-use.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30328
CVE-2023-2531Improper Restriction of Excessive Authentication Attempts in GitHub repository azuracast/azuracast prior to 0.18.3.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2531
CVE-2023-30122An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30122
CVE-2023-30135Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30135
CVE-2023-30090Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows attackers to execute arbitrary code via uploading a crafted PHP file.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30090
CVE-2023-30242NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30242
CVE-2023-30013TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30013
CVE-2023-30053TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30053
CVE-2023-30054TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30054
CVE-2016-15031A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injection. The attack can be initiated remotely. Upgrading to version 2.0 is able to address this issue. The name of the patch is 0083ec652786ddbb81335ea20da590df40035679. It is recommended to upgrade the affected component. VDB-228022 is the identifier assigned to this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2016-15031
CVE-2023-31047In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-31047
CVE-2023-29944Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29944
CVE-2023-30185CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \\attachment\\SystemAttachmentServices.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30185
CVE-2023-30018Judging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mainevent_id=.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30018
CVE-2023-31039Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute arbitrary code via ServerOptions::pid_file.\nAn attacker that can influence the ServerOptions pid_file parameter with which the bRPC server is started can execute arbitrary code with the permissions of the bRPC process.\n\nSolution:\n1. upgrade to bRPC >= 1.5.0, download link:  https://dist.apache.org/repos/dist/release/brpc/1.5.0/ https://dist.apache.org/repos/dist/release/brpc/1.5.0/ \n2. If you are using an old version of bRPC and hard to upgrade, you can apply this patch:  https://github.com/apache/brpc/pull/2218 https://github.com/apache/brpc/pull/22189.8https://nvd.nist.gov/vuln/detail/CVE-2023-31039
CVE-2023-25754Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-25754
CVE-2020-23966SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-23966
CVE-2022-4118The Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop WordPress plugin through 1.7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated users9.8https://nvd.nist.gov/vuln/detail/CVE-2022-4118
CVE-2023-1650The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog9.8https://nvd.nist.gov/vuln/detail/CVE-2023-1650
CVE-2023-22779There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22779
CVE-2023-22780There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22780
CVE-2023-22781There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22781
CVE-2023-22782There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22782
CVE-2023-22783There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22783
CVE-2023-22784There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22784
CVE-2023-22785There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22785
CVE-2023-22786There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-22786
CVE-2023-29693H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29693
CVE-2023-29696H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29696
CVE-2023-30092SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-30092
CVE-2023-23526This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper9.8https://nvd.nist.gov/vuln/detail/CVE-2023-23526
CVE-2023-27953The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory9.8https://nvd.nist.gov/vuln/detail/CVE-2023-27953
CVE-2023-28201This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution9.8https://nvd.nist.gov/vuln/detail/CVE-2023-28201
CVE-2023-24507AgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload - Vulnerability allows insecure file upload, by an unspecified request.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-24507
CVE-2023-31129The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitations. Contiki-NG contains an implementation of IPv6 Neighbor Discovery (ND) in the module `os/net/ipv6/uip-nd6.c`. The ND protocol includes a message type called Router Solicitation (RS), which is used to locate routers and update their address information via the SLLAO (Source Link-Layer Address Option). If the indicated source address changes, a given neighbor entry is set to the STALE state. For RS messages with an SLLAO that indicates a link-layer address change, the message handler does not check that a neighbor entry can actually be created for the indicated address. The resulting pointer is used without a check, leading to the dereference of a NULL pointer of type `uip_ds6_nbr_t`. The problem has been patched in the `develop` branch of Contiki-NG, and will be included in the upcoming 4.9 release. As a workaround, users can apply Contiki-NG pull request #2271 to patch the problem directly.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-31129
CVE-2023-31182EasyTor Applications – Authorization Bypass - EasyTor Applications may allow authorization bypass via unspecified method.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-31182
CVE-2023-2594A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the component Registration. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228396.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2594
CVE-2023-2595A vulnerability has been found in SourceCodester Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax_service.php of the component POST Parameter Handler. The manipulation of the argument drop_services leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228397 was assigned to this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2595
CVE-2023-2596A vulnerability was found in SourceCodester Online Reviewer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /reviewer/system/system/admins/manage/users/user-update.php of the component GET Parameter Handler. The manipulation of the argument user_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228398 is the identifier assigned to this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2596
CVE-2023-31975yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-31975
CVE-2023-29460An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29460
CVE-2023-29461An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap, potentially resulting in a complete loss of confidentiality, integrity, and availability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-29461
CVE-2023-31143mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have editor permissions. Version 0.8.72 contains a fix for this issue.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-31143
CVE-2023-24941Windows Network File System Remote Code Execution Vulnerability9.8https://nvd.nist.gov/vuln/detail/CVE-2023-24941
CVE-2023-24943Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability9.8https://nvd.nist.gov/vuln/detail/CVE-2023-24943
CVE-2023-32569An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-32569
CVE-2023-2619A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects the function exec of the file disapprove_delete.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228549 was assigned to this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-2619
CVE-2023-1698In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-1698
CVE-2023-31126`org.xwiki.commons:xwiki-commons-xml` is an XML library used by the open-source wiki platform XWiki. The HTML sanitizer, introduced in version 14.6-rc-1, allows the injection of arbitrary HTML code and thus cross-site scripting via invalid data attributes. This vulnerability does not affect restricted cleaning in HTMLCleaner as there attributes are cleaned and thus characters like `/` and `>` are removed in all attribute names. This problem has been patched in XWiki 14.10.4 and 15.0 RC1 by making sure that data attributes only contain allowed characters. There are no known workarounds apart from upgrading to a version including the fix.9.6https://nvd.nist.gov/vuln/detail/CVE-2023-31126
CVE-2023-32113SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.9.3https://nvd.nist.gov/vuln/detail/CVE-2023-32113
CVE-2022-41649A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger this vulnerability.9.1https://nvd.nist.gov/vuln/detail/CVE-2022-41649
CVE-2022-32528A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read specific files in the IGSS project report directory, potentially leading to a denial-of-service condition when an attacker sends specific messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)9.1https://nvd.nist.gov/vuln/detail/CVE-2022-32528
CVE-2023-27958The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-27958
CVE-2023-31123`effectindex/tripreporter` is a community-powered, universal platform for submitting and analyzing trip reports. Prior to commit bd80ba833b9023d39ca22e29874296c8729dd53b, any user with an account on an instance of `effectindex/tripreporter`, e.g. `subjective.report`, may be affected by an improper password verification vulnerability. The vulnerability allows any user with a password matching the password requirements to log in as any user. This allows access to accounts / data loss of the user. This issue is patched in commit bd80ba833b9023d39ca22e29874296c8729dd53b. No action necessary for users of `subjective.report`, and anyone running their own instance should update to this commit or newer as soon as possible. As a workaround, someone running their own instance may apply the patch manually.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-31123
CVE-2023-31178AgilePoint NX v8.0 SU2.2 & SU2.3 – Arbitrary File Delete Vulnerability allows arbitrary file deletion, by an unspecified request.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-31178
CVE-2023-30744In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an unauthenticated attacker can attach to an open interface and make use of an open naming and directory API to instantiate an object which has methods which can be called without further authorization and authentication. A subsequent call to one of these methods can read or change the state of existing services without any effect on availability.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-30744
CVE-2023-32071XWiki Platform is a generic wiki platform. Starting in versions 2.2-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, it's possible to execute javascript with the right of any user by leading him to a special URL on the wiki targeting a page which contains an attachment. This has been patched in XWiki 15.0-rc-1, 14.10.4, and 14.4.8. The easiest possible workaround is to edit file `<xwiki app>/templates/importinline.vm` and apply the modification described in commit 28905f7f518cc6f21ea61fe37e9e1ed97ef36f01.9https://nvd.nist.gov/vuln/detail/CVE-2023-32071

OTHER VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2015-8823Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822.8.8https://nvd.nist.gov/vuln/detail/CVE-2015-8823
CVE-2017-6744The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. There are workarounds that address these vulnerabilities.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-6744
CVE-2017-16731An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-16731
CVE-2018-3864An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-3864
CVE-2019-7225The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7225
CVE-2019-9013An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS V3 Simulation Runtime (part of the CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-9013
CVE-2020-15888Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-15888
CVE-2021-3653A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-3653
CVE-2021-31888A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)8.8https://nvd.nist.gov/vuln/detail/CVE-2021-31888
CVE-2021-33621The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-33621
CVE-2022-47942An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47942
CVE-2022-45608An issue was discovered in ThingsBoard 3.4.1 that allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value).8.8https://nvd.nist.gov/vuln/detail/CVE-2022-45608
CVE-2023-24788NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-24788
CVE-2023-28205A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-28205
CVE-2023-27976A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert (V15.1 and above)8.8https://nvd.nist.gov/vuln/detail/CVE-2023-27976
CVE-2023-2260Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2260
CVE-2023-30624Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled with LLVM 16 which causes some writes, which are critical for correctness, to be optimized away. Vulnerable versions of Wasmtime compiled with Rust 1.70, which is currently in beta, or later are known to have incorrectly compiled functions. Versions of Wasmtime compiled with the current Rust stable release, 1.69, and prior are not known at this time to have any issues, but can theoretically exhibit potential issues. The underlying problem is that Wasmtime's runtime state for an instance involves a Rust-defined structure called `Instance` which has a trailing `VMContext` structure after it. This `VMContext` structure has a runtime-defined layout that is unique per-module. This representation cannot be expressed with safe code in Rust so `unsafe` code is required to maintain this state. The code doing this, however, has methods which take `&self` as an argument but modify data in the `VMContext` part of the allocation. This means that pointers derived from `&self` are mutated. This is typically not allowed, except in the presence of `UnsafeCell`, in Rust. When compiled to LLVM these functions have `noalias readonly` parameters which means it's UB to write through the pointers. Wasmtime's internal representation and management of `VMContext` has been updated to use `&mut self` methods where appropriate. Additionally verification tools for `unsafe` code in Rust, such as `cargo miri`, are planned to be executed on the `main` branch soon to fix any Rust-level issues that may be exploited in future compiler versions. Precompiled binaries available for Wasmtime from GitHub releases have been compiled with at most LLVM 15 so are not known to be vulnerable. As mentioned above, however, it's still recommended to update. Wasmtime version 6.0.2, 7.0.1, and 8.0.1 have been issued which contain the patch necessary to work correctly on LLVM 16 and have no known UB on LLVM 15 and earlier. If Wasmtime is compiled with Rust 1.69 and prior, which use LLVM 15, then there are no known issues. There is a theoretical possibility for undefined behavior to be exploited, however, so it's recommended that users upgrade to a patched version of Wasmtime. Users using beta Rust (1.70 at this time) or nightly Rust (1.71 at this time) must update to a patched version to work correctly.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-30624
CVE-2023-29057A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-29057
CVE-2023-0683A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-0683
CVE-2023-25492A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-25492
CVE-2022-47875A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47875
CVE-2022-47876The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47876
CVE-2022-47878Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47878
CVE-2023-26546European Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute arbitrary code via Server Side Template Injection (SSTI) with a crafted template file. The attacker must have template manager permission.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-26546
CVE-2022-30759In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-30759
CVE-2023-2461Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2461
CVE-2023-1385Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-1385
CVE-2023-28742When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-28742
CVE-2023-22640An out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-22640
CVE-2023-27568SQL injection vulnerability in Spryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]=8.8https://nvd.nist.gov/vuln/detail/CVE-2023-27568
CVE-2023-31099Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31099
CVE-2022-4259Due to improper input validation in the Alerts controller, a SQL injection vulnerability in Nozomi Networks Guardian and CMC allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-4259
CVE-2023-24958A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-24958
CVE-2023-31414Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31414
CVE-2023-31415Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31415
CVE-2022-45048Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-45048
CVE-2023-2551PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2551
CVE-2023-2552Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2552
CVE-2023-30065MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-30065
CVE-2023-31038SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. No fields sent to the database were properly escaped for SQL injection. This has been the case since at least version 0.9.0 (released 2003-08-06). Note that Log4cxx is a C++ framework, so only C++ applications are affected. Before version 1.1.0, the ODBC appender was automatically part of Log4cxx if the library was found when compiling the library. As of version 1.1.0, this must be explicitly enabled in order to be compiled in. Three preconditions must be met for this vulnerability to be possible: 1. Log4cxx compiled with ODBC support (before version 1.1.0, this was auto-detected at compile time) 2. ODBCAppender enabled for logging messages to, generally done via a config file 3. User input is logged at some point. If your application does not have user input, it is unlikely to be affected. Users are recommended to upgrade to version 1.1.0 which properly binds the parameters to the SQL statement, or migrate to the new DBAppender class which supports an ODBC connection in addition to other databases. Note that this fix does require a configuration file update, as the old configuration files will not configure properly. An example is shown below, and more information may be found in the Log4cxx documentation on the ODBCAppender. Example of old configuration snippet: `<appender name="SqlODBCAppender" class="ODBCAppender"> <param name="sql" value="INSERT INTO logs (message) VALUES ('%m')" /> ... other params here ... </appender>` The migrated configuration snippet with new ColumnMapping parameters: `<appender name="SqlODBCAppender" class="ODBCAppender"> <param name="sql" value="INSERT INTO logs (message) VALUES (?)" /> <param name="ColumnMapping" value="message"/> ... other params here ... </appender>`8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31038
CVE-2023-2573Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2573
CVE-2023-2574Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2574
CVE-2023-2575Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-2575
CVE-2020-18131Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to escalate privileges to an arbitrary account via a crafted request to /members/console.php?cID=5.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-18131
CVE-2020-22755File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-22755
CVE-2020-36065Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-36065
CVE-2021-28999SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-28999
CVE-2023-0603The Sloth Logo Customizer WordPress plugin through 2.0.2 does not have a CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack8.8https://nvd.nist.gov/vuln/detail/CVE-2023-0603
CVE-2023-0768The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-0768
CVE-2023-22788Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-22788
CVE-2023-22789Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-22789
CVE-2023-22790Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-22790
CVE-2023-30844Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in `mutagen` and prior to version 0.17.1 in `mutagen-compose`, Mutagen `list` and `monitor` commands are susceptible to control characters that could be provided by remote endpoints. This could cause terminal corruption, either intentional or unintentional, if these characters were present in error messages or file paths/names. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as CVE-2003-0069, the issue could theoretically cause code execution. The problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged. As a workaround, avoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-30844
CVE-2023-1031MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `settings` endpoint and first_name parameter.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-1031
CVE-2023-1094MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/food` endpoint and food parameter.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-1094
CVE-2023-23532This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to break out of its sandbox8.8https://nvd.nist.gov/vuln/detail/CVE-2023-23532
CVE-2023-27934A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution8.8https://nvd.nist.gov/vuln/detail/CVE-2023-27934
CVE-2023-27935The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution8.8https://nvd.nist.gov/vuln/detail/CVE-2023-27935
CVE-2023-31127libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establish the session with `KEY_EXCHANGE` and `PSK_FINISH` to bypass the mutual authentication. This is most likely to happen when the Requester begins a session using one method (DHE, for example) and then uses the other method's finish (PSK_FINISH in this example) to establish the session. The session hashes would be expected to fail in this case, but the condition was not detected. This issue only impacts the SPDM responder, which supports `KEY_EX_CAP=1` and `PSK_CAP=10b` at the same time with a mutual authentication requirement. The SPDM requester is not impacted. The SPDM responder is not impacted if `KEY_EX_CAP=0` or `PSK_CAP=0` or `PSK_CAP=01b`. The SPDM responder is not impacted if mutual authentication is not required. libspdm 1.0, 2.0, 2.1, 2.2, 2.3 are all impacted. Older branches are not maintained, but users of the 2.3 branch may receive a patch in version 2.3.2. The SPDM specification (DSP0274) does not contain this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31127
CVE-2023-31976libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31976
CVE-2020-23363Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-23363
CVE-2023-32069XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible for a user to execute anything with the right of the author of the XWiki.ClassSheet document. This has been patched in XWiki 15.0-rc-1 and 14.10.4. There are no known workarounds.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-32069
CVE-2023-24947Windows Bluetooth Driver Remote Code Execution Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-24947
CVE-2023-25832There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions. 8.8https://nvd.nist.gov/vuln/detail/CVE-2023-25832
CVE-2022-45846Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin < 5.6.9 versions.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-45846
CVE-2023-31566Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31566
CVE-2023-31567Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31567
CVE-2023-31568Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-31568
CVE-2022-47379An authenticated, remote attacker may use an out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47379
CVE-2022-47380An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47380
CVE-2022-47381An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47381
CVE-2022-47382An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47382
CVE-2022-47383An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47383
CVE-2022-47384An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47384
CVE-2022-47385An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47385
CVE-2022-47386An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47386
CVE-2022-47387An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47387
CVE-2022-47388An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47388
CVE-2022-47389An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47389
CVE-2022-47390An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2022-47390
CVE-2023-21505Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.8.6https://nvd.nist.gov/vuln/detail/CVE-2023-21505
CVE-2022-46720An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to break out of its sandbox8.6https://nvd.nist.gov/vuln/detail/CVE-2022-46720
CVE-2023-27944This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox8.6https://nvd.nist.gov/vuln/detail/CVE-2023-27944
CVE-2023-27967The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges8.6https://nvd.nist.gov/vuln/detail/CVE-2023-27967
CVE-2018-18559In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.8.1https://nvd.nist.gov/vuln/detail/CVE-2018-18559
CVE-2019-6974In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.8.1https://nvd.nist.gov/vuln/detail/CVE-2019-6974
CVE-2022-41981A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.8.1https://nvd.nist.gov/vuln/detail/CVE-2022-41981
CVE-2022-43597Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`.8.1https://nvd.nist.gov/vuln/detail/CVE-2022-43597
CVE-2022-43598Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.8.1https://nvd.nist.gov/vuln/detail/CVE-2022-43598
CVE-2022-43599Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`8.1https://nvd.nist.gov/vuln/detail/CVE-2022-43599
CVE-2022-43600Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`8.1https://nvd.nist.gov/vuln/detail/CVE-2022-43600
CVE-2022-43601Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`8.1https://nvd.nist.gov/vuln/detail/CVE-2022-43601
CVE-2022-43602Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`8.1https://nvd.nist.gov/vuln/detail/CVE-2022-43602
CVE-2022-47943An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.8.1https://nvd.nist.gov/vuln/detail/CVE-2022-47943
CVE-2023-31435Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-31435
CVE-2023-28656NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-28656
CVE-2023-30399Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-30399
CVE-2021-40331An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled. This issue affects Apache Ranger Hive Plugin: from 2.0.0 through 2.3.0. Users are recommended to upgrade to version 2.4.0 or later.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-40331
CVE-2023-2534Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any attacker authenticated as an Agent to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names, e.g. via ticket histories, by any user. (Fuzzing for garnering other adjacent user/sensitive data). Subscribing to all possible push events could also lead to performance implications on the server side, depending on the size of the installation and the number of active users. (Flooding) This issue affects OTRS: from 8.0.X before 8.0.32.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-2534
CVE-2023-24903Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability8.1https://nvd.nist.gov/vuln/detail/CVE-2023-24903
CVE-2023-28283Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability8.1https://nvd.nist.gov/vuln/detail/CVE-2023-28283
CVE-2018-16884A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.8https://nvd.nist.gov/vuln/detail/CVE-2018-16884
CVE-2019-15613A bug in Nextcloud Server 17.0.1 causes the behaviour of the workflow rules to depend on the file extension when checking file mimetypes.8https://nvd.nist.gov/vuln/detail/CVE-2019-15613
CVE-2016-9777KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.7.8https://nvd.nist.gov/vuln/detail/CVE-2016-9777
CVE-2018-1168This vulnerability allows local attackers to escalate privileges on vulnerable installations of ABB MicroSCADA 9.3 with FP 1-2-3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the access controls for the installed product files. The installation procedure leaves critical files open to manipulation by any authenticated user. An attacker can leverage this vulnerability to escalate privileges to SYSTEM. Was ZDI-CAN-5097.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-1168
CVE-2018-3916An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-3916
CVE-2020-15777An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious deserialization gadget chain. The socket is not bound exclusively to localhost. The port this socket is assigned to is randomly selected and is not intentionally exposed to the public (either by design or documentation). This could potentially be used to achieve remote code execution and local privilege escalation.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-15777
CVE-2020-27786A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-27786
CVE-2021-35039kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-35039
CVE-2021-35526Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager – SDM600 1.2 versions prior to FP2 HF6 (Build Nr. 1.2.14002.257).7.8https://nvd.nist.gov/vuln/detail/CVE-2021-35526
CVE-2021-42008The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-42008
CVE-2022-23222kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-23222
CVE-2021-22600A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the affected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a97557.8https://nvd.nist.gov/vuln/detail/CVE-2021-22600
CVE-2022-24122kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-24122
CVE-2022-0492A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-0492
CVE-2021-4197An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-4197
CVE-2022-28893The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-28893
CVE-2022-1882A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-1882
CVE-2022-1943A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially7.8https://nvd.nist.gov/vuln/detail/CVE-2022-1943
CVE-2022-32250net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-32250
CVE-2022-1998A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-1998
CVE-2022-34918An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-34918
CVE-2022-3545A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-3545
CVE-2022-47518An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-47518
CVE-2022-47519An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-47519
CVE-2022-34670NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-34670
CVE-2022-4696There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its reference counter is not increased. This assumption is not always true as calling io_splice on specific files will call the get_uts function which will use current->nsproxy leading to invalidly decreasing its reference counter later causing the use-after-free vulnerability. We recommend upgrading to version 5.10.160 or above7.8https://nvd.nist.gov/vuln/detail/CVE-2022-4696
CVE-2022-4139An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-4139
CVE-2022-48339An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48339
CVE-2023-26605In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-26605
CVE-2023-27010Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27010
CVE-2023-28617org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-28617
CVE-2023-0386A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-0386
CVE-2023-20993In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12 Android-12L Android-13. Android ID: A-261588851.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-20993
CVE-2023-1077In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head. The buggy error condition would lead to a type confused entry with the list head, which would then be used as a type confused sched_rt_entity, causing memory corruption.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-1077
CVE-2023-0179A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-0179
CVE-2023-0664A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-0664
CVE-2023-1579Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-1579
CVE-2023-28248Windows Kernel Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-28248
CVE-2023-28293Windows Kernel Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-28293
CVE-2023-29007Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can be used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29007
CVE-2023-26286IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library to execute arbitrary commands. IBM X-Force ID: 248421.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-26286
CVE-2023-31436qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31436
CVE-2022-4568A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-4568
CVE-2023-21665Memory corruption in Graphics while importing a file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21665
CVE-2023-21666Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21666
CVE-2017-11197In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-11197
CVE-2020-22429redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-22429
CVE-2023-26203A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access the database via shell commands.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-26203
CVE-2023-25438An issue was discovered in Genomedics MilleGP5 5.9.2 that allows remote attackers to execute arbitrary code and gain escalated privileges via modifying specific files.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-25438
CVE-2023-31284illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31284
CVE-2023-21484Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21484
CVE-2023-21488Improper access control vulnerability in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21488
CVE-2023-21491Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21491
CVE-2023-21497Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21497
CVE-2023-21498Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21498
CVE-2023-21499Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21499
CVE-2023-21501Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21501
CVE-2023-21502Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21502
CVE-2023-21506Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21506
CVE-2023-21508Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21508
CVE-2023-21509Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-21509
CVE-2023-28068Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-28068
CVE-2023-30257A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-30257
CVE-2021-27280OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-27280
CVE-2023-30840Fluid is an open source Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications. Starting in version 0.7.0 and prior to version 0.8.6, if a malicious user gains control of a Kubernetes node running fluid csi pod (controlled by the `csi-nodeplugin-fluid` node-daemonset), they can leverage the fluid-csi service account to modify specs of all the nodes in the cluster. However, since this service account lacks `list node` permissions, the attacker may need to use other techniques to identify vulnerable nodes. Once the attacker identifies and modifies the node specs, they can manipulate system-level-privileged components to access all secrets in the cluster or execute pods on other nodes. This allows them to elevate privileges beyond the compromised node and potentially gain full privileged access to the whole cluster. To exploit this vulnerability, the attacker can make all other nodes unschedulable (for example, patch node with taints) and wait for system-critical components with high privilege to appear on the compromised node. However, this attack requires two prerequisites: a compromised node and identifying all vulnerable nodes through other means. Version 0.8.6 contains a patch for this issue. As a workaround, delete the `csi-nodeplugin-fluid` daemonset in `fluid-system` namespace and avoid using CSI mode to mount FUSE file systems. Alternatively, using sidecar mode to mount FUSE file systems is recommended.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-30840
CVE-2023-23525This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to gain root privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-23525
CVE-2023-23536The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-23536
CVE-2023-23540The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-23540
CVE-2023-27936An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27936
CVE-2023-27937An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27937
CVE-2023-27938An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27938
CVE-2023-27946An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27946
CVE-2023-27949An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27949
CVE-2023-27957A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27957
CVE-2023-27959The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27959
CVE-2023-27960This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27960
CVE-2023-27965A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27965
CVE-2023-27969A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27969
CVE-2023-27970An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-27970
CVE-2023-28181The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges7.8https://nvd.nist.gov/vuln/detail/CVE-2023-28181
CVE-2023-32233In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-32233
CVE-2022-44433In phoneEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-44433
CVE-2022-48243In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48243
CVE-2022-48244In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48244
CVE-2022-48245In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48245
CVE-2022-48246In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48246
CVE-2022-48247In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48247
CVE-2022-48248In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48248
CVE-2022-48249In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48249
CVE-2022-48250In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48250
CVE-2022-48368In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48368
CVE-2022-48369In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48369
CVE-2022-48383In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48383
CVE-2022-48384In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48384
CVE-2022-48388In powerEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2022-48388
CVE-2023-29092An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29092
CVE-2023-30237CyberGhostVPN Windows Client before v8.3.10.10015 was discovered to contain a DLL injection vulnerability via the component Dashboard.exe.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-30237
CVE-2023-31972yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31972
CVE-2023-31974yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31974
CVE-2023-31973yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31973
CVE-2023-31979Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31979
CVE-2023-31981Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31981
CVE-2023-31982Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31982
CVE-2021-31240An issue found in libming v.0.4.8 allows a local attacker to execute arbitrary code via the parseSWF_IMPORTASSETS function in the parser.c file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-31240
CVE-2023-24902Win32k Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-24902
CVE-2023-24905Remote Desktop Client Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-24905
CVE-2023-24946Windows Backup Service Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-24946
CVE-2023-24949Windows Kernel Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-24949
CVE-2023-24953Microsoft Excel Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-24953
CVE-2023-29336Win32k Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29336
CVE-2023-29340AV1 Video Extension Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29340
CVE-2023-29341AV1 Video Extension Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29341
CVE-2023-29343SysInternals Sysmon for Windows Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29343
CVE-2023-2609NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-2609
CVE-2023-2610Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-2610
CVE-2023-31906Jerryscript 3.0.0 (commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31906
CVE-2023-31907Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-31907
CVE-2023-29273Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29273
CVE-2023-29274Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29274
CVE-2023-29275Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29275
CVE-2023-29276Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29276
CVE-2023-29278Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29278
CVE-2023-29280Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29280
CVE-2023-29281Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29281
CVE-2023-29282Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29282
CVE-2023-29283Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29283
CVE-2023-29284Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29284
CVE-2023-29285Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-29285
CVE-2022-4048Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.7.7https://nvd.nist.gov/vuln/detail/CVE-2022-4048
CVE-2019-19094Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker to perform SQL injection attacks against the backend database.7.6https://nvd.nist.gov/vuln/detail/CVE-2019-19094
CVE-2023-30740SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality, limited impact on integrity and availability of the application.7.6https://nvd.nist.gov/vuln/detail/CVE-2023-30740
CVE-2023-29104A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to.7.6https://nvd.nist.gov/vuln/detail/CVE-2023-29104
CVE-2017-7548PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-7548
CVE-2018-3918An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-3918
CVE-2018-20720ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1.3 before 1.3.0.A6 allow remote attackers to cause a denial of service (reboot) via a reboot command in an SPA message.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-20720
CVE-2019-9012An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-9012
CVE-2019-18247An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-18247
CVE-2019-19097ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-19097
CVE-2020-16170Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-16170
CVE-2020-27813An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-27813
CVE-2021-20407IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 196185.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-20407
CVE-2021-20409IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 196188.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-20409
CVE-2021-26845Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-26845
CVE-2021-27196Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27196
CVE-2021-29063A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-29063
CVE-2021-35527Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-35527
CVE-2002-20001The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.7.5https://nvd.nist.gov/vuln/detail/CVE-2002-20001
CVE-2021-35533Improper Input Validation vulnerability in the APDU parser in the Bidirectional Communication Interface (BCI) IEC 60870-5-104 function of Hitachi Energy RTU500 series allows an attacker to cause the receiving RTU500 CMU of which the BCI is enabled to reboot when receiving a specially crafted message. By default, BCI IEC 60870-5-104 function is disabled (not configured). This issue affects: Hitachi Energy RTU500 series CMU Firmware version 12.0.* (all versions); CMU Firmware version 12.2.* (all versions); CMU Firmware version 12.4.* (all versions).7.5https://nvd.nist.gov/vuln/detail/CVE-2021-35533
CVE-2022-28613A vulnerability in the HCI Modbus TCP component of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an attacker to reboot the device by sending a specially crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-28613
CVE-2022-36946nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-36946
CVE-2022-2591A vulnerability classified as critical has been found in TEM FLEX-1085 1.6.0. Affected is an unknown function of the file /sistema/flash/reboot. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-2591
CVE-2021-42521There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and tried to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may crash the application.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-42521
CVE-2022-3526A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-3526
CVE-2022-35266A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability. This denial of service is in the `/action/import_firmware/` API.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-35266
CVE-2022-45061An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-45061
CVE-2022-41988An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-41988
CVE-2022-41999A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-41999
CVE-2022-47941An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-47941
CVE-2023-26081In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-26081
CVE-2023-25824Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU resources. This could be exploited for denial of service attacks. If trace level logging was enabled, it would also produce an excessive amount of log output during the loop, consuming disk space. The problem has been fixed in commit d7eec4e598158ab6a98bf505354e84352f9715ec, please update to version 0.12.1. There are no workarounds, users who cannot update should apply the errno fix detailed in the security advisory.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-25824
CVE-2022-41723A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-41723
CVE-2023-27783An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27783
CVE-2023-27784An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27784
CVE-2023-27785An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27785
CVE-2023-27786An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27786
CVE-2023-27787An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27787
CVE-2023-27788An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27788
CVE-2023-27789An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27789
CVE-2023-1681A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. Affected is an unknown function of the file /config/myfield/test.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224238 is the identifier assigned to this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-1681
CVE-2023-1682A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224239.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-1682
CVE-2023-1683A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-1683
CVE-2023-29085An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29085
CVE-2023-29086An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29086
CVE-2023-29087An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29087
CVE-2023-29088An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29088
CVE-2023-29089An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29089
CVE-2023-29090An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29090
CVE-2023-29091An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29091
CVE-2023-30608sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issue has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30608
CVE-2023-25619A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when communicating over the Modbus TCP protocol.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-25619
CVE-2023-25652Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a conflict where a link corresponding to the `*.rej` file exists.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-25652
CVE-2023-27559IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27559
CVE-2023-28770The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-28770
CVE-2023-29255IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29255
CVE-2023-27556IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27556
CVE-2023-27555IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27555
CVE-2023-26021IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-26021
CVE-2023-26022IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-26022
CVE-2022-484823CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-48482
CVE-2022-484833CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an incomplete fix for CVE-2022-28005.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-48483
CVE-2022-40504Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-40504
CVE-2023-30861Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches `Set-Cookie` headers, it may send one client's `session` cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met. 1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies. 2. The application sets `session.permanent = True`. 3. The application does not access or modify the session at any point during a request. 4. `SESSION_REFRESH_EACH_REQUEST` enabled (the default). 5. The application does not set a `Cache-Control` header to indicate that a page is private or should not be cached. This happens because vulnerable versions of Flask only set the `Vary: Cookie` header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified. This issue has been fixed in versions 2.3.2 and 2.2.5.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30861
CVE-2023-30403An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30403
CVE-2022-40302An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-40302
CVE-2022-40318An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-40318
CVE-2022-43681An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-43681
CVE-2023-24594When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24594
CVE-2023-29163When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29163
CVE-2022-45860A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated attacker to perform password spraying attacks with an increased chance of success.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-45860
CVE-2023-25934DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-25934
CVE-2017-20184Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-20184
CVE-2023-29994In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29994
CVE-2023-29995In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29995
CVE-2023-29996In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubinfo_decode.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29996
CVE-2023-25289Directory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web server, allows attacker to gain sensitive information via a crafted GET request.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-25289
CVE-2023-30282PrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control. Due to a lack of permissions' control, a guest can access exports from the module which can lead to leak of personal information from customer table.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30282
CVE-2023-32235Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-32235
CVE-2023-30243Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30243
CVE-2023-26285IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-26285
CVE-2023-29350Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29350
CVE-2022-22313IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-22313
CVE-2023-32290The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-32290
CVE-2023-22787An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-22787
CVE-2023-30551Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of memory crash if files within the META-INF directory of the JAR are sufficiently large. Parsing of an APK file submitted to Rekor can cause an out of memory crash if the .SIGN or .PKGINFO files within the APK are sufficiently large. The OOM crash has been patched in Rekor version 1.1.1. There are no known workarounds.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30551
CVE-2023-30855Pimcore is an open source data and experience management platform. Versions of Pimcore prior to 10.5.18 are vulnerable to path traversal. The impact of this path traversal and arbitrary extension is limited to creation of arbitrary files and appending data to existing files. When combined with the SQL Injection, the exported data `RESTRICTED DIFFUSION 9 / 9` can be controlled and a webshell can be uploaded. Attackers can use that to execute arbitrary PHP code on the server with the permissions of the webserver. Users may upgrade to version 10.5.18 to receive a patch or, as a workaround, apply the patch manually.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30855
CVE-2023-27963The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A shortcut may be able to use sensitive data with certain actions without prompting the user.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27963
CVE-2023-24505Milesight NCR/camera version 71.8.0.6-r5 discloses sensitive information through an unspecified request.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24505
CVE-2023-24506Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24506
CVE-2023-31133Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack. Ghost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running a Ghost version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31133
CVE-2023-31179AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31179
CVE-2023-31181WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path Traversal7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31181
CVE-2021-31239An issue found in SQLite SQLite3 v.3.35.4 allows a remote attacker to cause a denial of service via the appendvfs.c function.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-31239
CVE-2023-32111In SAP PowerDesigner (Proxy) - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-32111
CVE-2021-44283A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-44283
CVE-2023-29105A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS).7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29105
CVE-2023-29106A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29106
CVE-2023-31137MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination. The vulnerability exists in the `decomp_get_rddata` function within the `Decompress.c` file. When handling a DNS packet with an Answer RR of qtype 16 (TXT record) and any qclass, if the `rdlength` is smaller than `rdata`, the result of the line `Decompress.c:886` is a negative number `len = rdlength - total;`. This value is then passed to the `decomp_append_bytes` function without proper validation, causing the program to attempt to allocate a massive chunk of memory that is impossible to allocate. Consequently, the program exits with an error code of 64, causing a Denial of Service. One proposed fix for this vulnerability is to patch `Decompress.c:887` by breaking `if(len <= 0)`, which has been incorporated in version 3.5.0036 via commit bab062bde40b2ae8a91eecd522e84d8b993bab58.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31137
CVE-2023-31139DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.37 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, Personal Access Tokens (PATs) generate unrestricted session cookies. This may lead to a bypass of other access restrictions (for example, based on allowed IP addresses or HTTP methods). DHIS2 implementers should upgrade to a supported version of DHIS2: 2.37.9.1, 2.38.3.1, or 2.39.1.2. Implementers can work around this issue by adding extra access control validations on a reverse proxy.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31139
CVE-2023-31476An issue was discovered on GL.iNet devices running firmware before 3.216. There is an arbitrary file write in which an empty file can be created almost anywhere on the filesystem, as long as the filename and path is no more than 6 characters (the working directory is /www).7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31476
CVE-2023-31490An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31490
CVE-2023-24898Windows SMB Denial of Service Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24898
CVE-2023-24901Windows NFS Portmapper Information Disclosure Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24901
CVE-2023-24939Server for NFS Denial of Service Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24939
CVE-2023-24940Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24940
CVE-2023-24942Remote Procedure Call Runtime Denial of Service Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-24942
CVE-2023-29325Windows OLE Remote Code Execution Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29325
CVE-2023-29335Microsoft Word Security Feature Bypass Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-29335
CVE-2023-31474An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-31474
CVE-2023-30056A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-30056
CVE-2023-28127A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-28127
CVE-2023-2156A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-2156
CVE-2023-27510JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability, which may allow a remote unauthenticated attacker to obtain information entered from forms created using the affected product. The affected products and versions are as follows: JB Inquiry form versions 0.6.1 and 0.6.0, JB Inquiry form versions 0.5.2, 0.5.1 and 0.5.0, and JB Inquiry form version 0.40.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27510
CVE-2023-27527Shinseiyo Sogo Soft (7.9A) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-27527
CVE-2022-47391In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use an improper input validation vulnerability to read from invalid addresses leading to a denial of service.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-47391
CVE-2022-24738Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmos instance. The attacker can use this joined chain to transfer unclaimed funds. Users are advised to upgrade. There are no known workarounds for this issue.7.4https://nvd.nist.gov/vuln/detail/CVE-2022-24738
CVE-2022-45858A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks.7.4https://nvd.nist.gov/vuln/detail/CVE-2022-45858
CVE-2023-24948Windows Bluetooth Driver Elevation of Privilege Vulnerability7.4https://nvd.nist.gov/vuln/detail/CVE-2023-24948
CVE-2021-26356A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.7.4https://nvd.nist.gov/vuln/detail/CVE-2021-26356
CVE-2022-42257NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.7.3https://nvd.nist.gov/vuln/detail/CVE-2022-42257
CVE-2022-42258NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.7.3https://nvd.nist.gov/vuln/detail/CVE-2022-42258
CVE-2023-30944The vulnerability was found in Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-30944
CVE-2020-14678Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).7.2https://nvd.nist.gov/vuln/detail/CVE-2020-14678
CVE-2020-14697Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).7.2https://nvd.nist.gov/vuln/detail/CVE-2020-14697
CVE-2020-25643A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.7.2https://nvd.nist.gov/vuln/detail/CVE-2020-25643
CVE-2021-35529Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-35529
CVE-2022-43769Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.7.2https://nvd.nist.gov/vuln/detail/CVE-2022-43769
CVE-2023-29257IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-29257
CVE-2023-23470IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to perform additional administrator operations. IBM X-Force ID: 244510.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-23470
CVE-2023-2522A vulnerability was found in Chengdu VEC40G 3.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /send_order.cgi?parameter=access_detect of the component Network Detection. The manipulation of the argument COUNT with the input 3 | netstat -an leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228013 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-2522
CVE-2023-2554External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-2554
CVE-2023-29963S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-29963
CVE-2021-28998File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-28998
CVE-2023-1347The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present7.2https://nvd.nist.gov/vuln/detail/CVE-2023-1347
CVE-2023-1408The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin7.2https://nvd.nist.gov/vuln/detail/CVE-2023-1408
CVE-2023-2114The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-2114
CVE-2023-28762SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platform, resulting in accessing and modifying data. The attacker can also make the system partially or entirely unavailable.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-28762
CVE-2023-28832A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-28832
CVE-2023-24955Microsoft SharePoint Server Remote Code Execution Vulnerability7.2https://nvd.nist.gov/vuln/detail/CVE-2023-24955
CVE-2023-28128An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-28128
CVE-2023-32568An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level privileges can leverage this to read sensitive data stored on the servers, modify data or server configuration, and delete data or application configuration.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-32568
CVE-2019-18998Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly.7.1https://nvd.nist.gov/vuln/detail/CVE-2019-18998
CVE-2022-34677NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.7.1https://nvd.nist.gov/vuln/detail/CVE-2022-34677
CVE-2023-23398Microsoft Excel Spoofing Vulnerability7.1https://nvd.nist.gov/vuln/detail/CVE-2023-23398
CVE-2023-1380A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-1380
CVE-2023-1652A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-1652
CVE-2023-2460Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)7.1https://nvd.nist.gov/vuln/detail/CVE-2023-2460
CVE-2023-28724NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-28724
CVE-2023-27993A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-27993
CVE-2023-21490Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-21490
CVE-2023-27968A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory7.1https://nvd.nist.gov/vuln/detail/CVE-2023-27968
CVE-2020-23362Insecure Permissions vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter.7.1https://nvd.nist.gov/vuln/detail/CVE-2020-23362
CVE-2023-24904Windows Installer Elevation of Privilege Vulnerability7.1https://nvd.nist.gov/vuln/detail/CVE-2023-24904
CVE-2023-29030A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-29030
CVE-2023-29031A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-29031
CVE-2021-3609A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.7https://nvd.nist.gov/vuln/detail/CVE-2021-3609
CVE-2023-24899Windows Graphics Component Elevation of Privilege Vulnerability7https://nvd.nist.gov/vuln/detail/CVE-2023-24899
CVE-2021-25220BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.6.8https://nvd.nist.gov/vuln/detail/CVE-2021-25220
CVE-2022-34674NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.6.8https://nvd.nist.gov/vuln/detail/CVE-2022-34674
CVE-2023-28092A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-28092
CVE-2023-21489Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-21489
CVE-2021-22278A certificate validation vulnerability in PCM600 Update Manager allows an attacker to get unwanted software packages installed on a computer which has PCM600 installed.6.7https://nvd.nist.gov/vuln/detail/CVE-2021-22278
CVE-2023-32269An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32269
CVE-2023-27933The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app with root privileges may be able to execute arbitrary code with kernel privileges6.7https://nvd.nist.gov/vuln/detail/CVE-2023-27933
CVE-2023-2513A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-2513
CVE-2023-24932Secure Boot Security Feature Bypass Vulnerability6.7https://nvd.nist.gov/vuln/detail/CVE-2023-24932
CVE-2023-30024The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the original software with a malicious version, leading to ransomware deployment on the host computer. Affected devices have firmware versions prior to magicJack A921 USB Phone Jack Rev 3.0 V1.4.6.6https://nvd.nist.gov/vuln/detail/CVE-2023-30024
CVE-2017-15583The embedded web server on ABB Fox515T 1.0 devices is vulnerable to Local File Inclusion. It accepts a parameter that specifies a file for display or for use as a template. The filename is not validated; an attacker could retrieve any file.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-15583
CVE-2019-19000For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-19000
CVE-2019-19001For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-19001
CVE-2019-19093eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-19093
CVE-2020-14680Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).6.5https://nvd.nist.gov/vuln/detail/CVE-2020-14680
CVE-2020-16168Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-16168
CVE-2022-0108Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-0108
CVE-2022-35256The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CRLF. This may result in HTTP Request Smuggling.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-35256
CVE-2022-23548Discourse is an open source discussion platform. Prior to version 2.8.14 on the `stable` branch and version 2.9.0.beta16 on the `beta` and `tests-passed` branches, parsing posts can be susceptible to regular expression denial of service (ReDoS) attacks. This issue is patched in versions 2.8.14 and 2.9.0.beta16. There are no known workarounds.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-23548
CVE-2022-3162Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-3162
CVE-2023-0614The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-0614
CVE-2023-30456An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-30456
CVE-2023-30512CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-30512
CVE-2023-25620A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-25620
CVE-2023-30853Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets configured for the repository. Secrets configured for GitHub Actions are normally passed to the Gradle Build Tool via environment variables. Due to the way that the Gradle Build Tool records these environment variables, they may be persisted into an entry in the GitHub Actions cache. This data stored in the GitHub Actions cache can be read by a GitHub Actions workflow running in an untrusted context, such as that running for a Pull Request submitted by a developer via a repository fork. This vulnerability was discovered internally through code review, and we have not seen any evidence of it being exploited in the wild. However, in addition to upgrading the Gradle Build Action, affected users should delete any potentially vulnerable cache entries and may choose to rotate any potentially affected secrets. Gradle Build Action v2.4.2 and newer no longer saves this sensitive data for later use, preventing ongoing leakage of secrets via the GitHub Actions Cache. While upgrading to the latest version of the Gradle Build Action will prevent leakage of secrets going forward, additional actions may be required due to current or previous GitHub Actions Cache entries containing this information. Current cache entries will remain vulnerable until they are forcibly deleted or they expire naturally after 7 days of not being used. Potentially vulnerable entries can be easily identified in the GitHub UI by searching for a cache entry with key matching `configuration-cache-*`. The maintainers recommend that users of the Gradle Build Action inspect their list of cache entries and manually delete any that match this pattern. While maintainers have not seen any evidence of this vulnerability being exploited, they recommend cycling any repository secrets if you cannot be certain that these have not been compromised. Compromise could occur if a user runs a GitHub Actions workflow for a pull request attempting to exploit this data. Warning signs to look for in a pull request include: making changes to GitHub Actions workflow files in a way that may attempt to read/extract data from the Gradle User Home or `<project-root>/.gradle` directories; making changes to Gradle build files or other executable files that may be invoked by a GitHub Actions workflow, in a way that may attempt to read/extract information from these locations. Some workarounds to limit the impact of this vulnerability are available: if the Gradle project does not opt-in to using the configuration cache, then it is not vulnerable; if the Gradle project does opt-in to using the configuration-cache by default, then the `--no-configuration-cache` command-line argument can be used to disable this feature in a GitHub Actions workflow. In any case, we recommend that users carefully inspect any pull request before approving the execution of GitHub Actions workflows. It may be prudent to require approval for all PRs from external contributors.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-30853
CVE-2023-29867Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-29867
CVE-2023-29868Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-29868
CVE-2022-47874Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-47874
CVE-2023-2459Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium)6.5https://nvd.nist.gov/vuln/detail/CVE-2023-2459
CVE-2023-28406A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted information is limited and the attacker does not control what information is obtained. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-28406
CVE-2022-43919IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-43919
CVE-2023-29659A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-29659
CVE-2020-22334Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/admin_admin.php.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-22334
CVE-2023-0522The Enable/Disable Auto Login when Register WordPress plugin through 1.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack6.5https://nvd.nist.gov/vuln/detail/CVE-2023-0522
CVE-2023-1979The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the "Author" role can create stories, but don't have the ability to edit password protected stories. The vulnerability allowed users with said role to bypass this permission check when trying to duplicate the protected story in the plugin's own dashboard, giving them access to the seemingly protected content. We recommend upgrading to version 1.32 or beyond commit ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 6.5https://nvd.nist.gov/vuln/detail/CVE-2023-1979
CVE-2023-23528An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory6.5https://nvd.nist.gov/vuln/detail/CVE-2023-23528
CVE-2023-27954The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information6.5https://nvd.nist.gov/vuln/detail/CVE-2023-27954
CVE-2023-28180A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service6.5https://nvd.nist.gov/vuln/detail/CVE-2023-28180
CVE-2023-28182The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device6.5https://nvd.nist.gov/vuln/detail/CVE-2023-28182
CVE-2023-2478An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. Under certain conditions, a malicious unauthorized GitLab user may use a GraphQL endpoint to attach a malicious runner to any project.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-2478
CVE-2023-31125Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the `socket.io` parent package. Older versions are not impacted. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package, including those who use depending packages like `socket.io`. This issue was fixed in version 6.4.2 of Engine.IO. There is no known workaround except upgrading to a safe version.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-31125
CVE-2023-31140OpenProject is open source project management software. Starting with version 7.4.0 and prior to version 12.5.4, when a user registers and confirms their first two-factor authentication (2FA) device for an account, existing logged in sessions for that user account are not terminated. Likewise, if an administrator creates a mobile phone 2FA device on behalf of a user, their existing sessions are not terminated. The issue has been resolved in OpenProject version 12.5.4 by actively terminating sessions of user accounts having registered and confirmed a 2FA device. As a workaround, users who register the first 2FA device on their account can manually log out to terminate all other active sessions. This is the default behavior of OpenProject but might be disabled through a configuration option. Double check that this option is not overridden if one plans to employ the workaround.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-31140
CVE-2022-4537The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.0.18. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address from logging in.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-4537
CVE-2023-31138DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.36 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, using object model traversal in the payload of a PATCH request, authenticated users with write access to an object may be able to modify related objects that they should not have access to. DHIS2 implementers should upgrade to a supported version of DHIS2 to receive a patch: 2.37.9.1, 2.38.3.1, or 2.39.1.2. It is possible to work around this issue by blocking all PATCH requests on a reverse proxy, but this may cause some issues with the functionality of built-in applications using legacy PATCH requests.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-31138
CVE-2023-32060DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker program events or program stages, the `/trackedEntityInstances` and `/events` API endpoints may include all events regardless of the sharing settings applied to the category option combinations. When this specific configuration is present, users may have access to events which they should not be able to see based on the sharing settings of the category options. The events will not appear in the user interface for web-based Tracker Capture or Capture applications, but if the Android Capture App is used they will be displayed to the user. Versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0 contain a fix for this issue. No workaround is known.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-32060
CVE-2023-24944Windows Bluetooth Driver Information Disclosure Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-24944
CVE-2023-24950Microsoft SharePoint Server Spoofing Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-24950
CVE-2023-24954Microsoft SharePoint Server Information Disclosure Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-24954
CVE-2023-29324Windows MSHTML Platform Security Feature Bypass Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-29324
CVE-2023-22361Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-22361
CVE-2023-29024A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product. A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-29024
CVE-2022-47378Multiple CODESYS products in multiple versions are prone to an improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-47378
CVE-2022-47392An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-47392
CVE-2022-47393An authenticated, remote attacker may use an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.6.5https://nvd.nist.gov/vuln/detail/CVE-2022-47393
CVE-2023-1544A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-1544
CVE-2023-27945This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app may be able to collect system logs6.3https://nvd.nist.gov/vuln/detail/CVE-2023-27945
CVE-2023-27966The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox6.3https://nvd.nist.gov/vuln/detail/CVE-2023-27966
CVE-2020-8120A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-8120
CVE-2019-19003For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting.6.1https://nvd.nist.gov/vuln/detail/CVE-2019-19003
CVE-2019-19089For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript.6.1https://nvd.nist.gov/vuln/detail/CVE-2019-19089
CVE-2019-19096The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.6.1https://nvd.nist.gov/vuln/detail/CVE-2019-19096
CVE-2020-24188Cross-site scripting (XSS) vulnerability in the search functionality in Intrexx before 9.4.0 allows remote attackers to inject arbitrary web script or HTML via the request parameter.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-24188
CVE-2021-27414An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-27414
CVE-2022-43696OX App Suite before 7.10.6-rev20 allows XSS via upsell ads.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-43696
CVE-2022-43697OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-43697
CVE-2022-37306OX App Suite before 7.10.6-rev30 allows XSS via an upsell trigger.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-37306
CVE-2023-30614Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2 a payments info page of Pay is susceptible to reflected Cross-site scripting. An attacker could create a working URL that renders a javascript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If the targeted application contains a functionality to submit user-generated content (such as comments) the attacker could even distribute the URL using that functionality. This has been patched in version 6.3.2 and above. Users are advised to upgrade. There are no known workarounds for this vulnerability.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30614
CVE-2023-30267CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via application/home/controller/Changyan.php.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30267
CVE-2023-1384The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5; Insignia TV with FireOS versions prior to 7.6.3.3. 6.1https://nvd.nist.gov/vuln/detail/CVE-2023-1384
CVE-2023-27378Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-27378
CVE-2023-25827Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a reflected XSS vulnerability with the suggestion endpoint.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-25827
CVE-2023-24744Cross Site Scripting (XSS) vulnerability in Rediker Software AdminPlus 6.1.91.00 allows remote attackers to run arbitrary code via the onload function within the application DOM.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-24744
CVE-2023-2521A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument url with the input <svg onload=alert(1337)> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228012. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-2521
CVE-2022-47449Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RexTheme Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD plugin <= 3.1.5 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-47449
CVE-2023-30093A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30093
CVE-2017-20183A vulnerability was found in External Media without Import Plugin up to 1.0.0 on WordPress. It has been declared as problematic. This vulnerability affects the function print_media_new_panel of the file external-media-without-import.php. The manipulation of the argument url/error/width/height/mime-type leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 9d2ecd159a6e2e3f710b4f1c28e2714f66502746. It is recommended to upgrade the affected component. VDB-227950 is the identifier assigned to this vulnerability.6.1https://nvd.nist.gov/vuln/detail/CVE-2017-20183
CVE-2023-2560A vulnerability was found in jja8 NewBingGoGo up to 2023.5.5.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228167.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-2560
CVE-2023-2565A vulnerability has been found in SourceCodester Multi Language Hotel Management Software 1.0 and classified as problematic. This vulnerability affects unknown code of the file ajax.php of the component POST Parameter Handler. The manipulation of the argument complaint_type with the input --redacted-- leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228172. 6.1https://nvd.nist.gov/vuln/detail/CVE-2023-2565
CVE-2022-46799Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin <= 1.0.15 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-46799
CVE-2020-18282Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-18282
CVE-2020-19660Cross Site Scripting (XSS) pandao editor.md 1.5.0 allows attackers to execute arbitrary code via crafted linked url values.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19660
CVE-2020-21038Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-21038
CVE-2023-0421The Cloud Manager WordPress plugin through 1.0 does not sanitise and escape the query param ricerca before outputting it in an admin panel, allowing unauthenticated attackers to trick a logged in admin to trigger a XSS payload by clicking a link.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-0421
CVE-2023-0514The Membership Database WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin6.1https://nvd.nist.gov/vuln/detail/CVE-2023-0514
CVE-2023-0948The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting6.1https://nvd.nist.gov/vuln/detail/CVE-2023-0948
CVE-2023-1011The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, and does not have a proper CSRF check, allowing attackers to make a logged in admin set XSS payloads in them.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-1011
CVE-2023-1660The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard6.1https://nvd.nist.gov/vuln/detail/CVE-2023-1660
CVE-2023-1806The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-1806
CVE-2022-45065Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Squirrly SEO Plugin by Squirrly SEO plugin <= 12.1.20 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-45065
CVE-2022-47439Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rocket Apps Open Graphite plugin <= 1.6.0 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-47439
CVE-2023-2582A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross-site scripting (XSS) in affected applications and sites built with Strikingly. The vulnerability exists because of Strikingly JavaScript library parsing the URL fragment allows access to the __proto__ or constructor properties and the Object prototype. By leveraging an embedded gadget like jQuery, an attacker who convinces a victim to visit a specially crafted link could achieve arbitrary javascript execution in the context of the user's browser.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-2582
CVE-2023-30334AsmBB v2.9.1 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the MiniMag.asm and bbcode.asm libraries.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30334
CVE-2023-31180WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - Reflected cross-site scripting (RXSS) through an unspecified request.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-31180
CVE-2023-31183Cybonet PineApp Mail Secure - A reflected cross-site scripting (XSS) vulnerability was identified in the product, using an unspecified endpoint.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-31183
CVE-2023-22710Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in chilidevs Return and Warranty Management System for WooCommerce plugin <= 1.2.3 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-22710
CVE-2023-30741Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30741
CVE-2023-30742SAP CRM (WebClient UI) - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability. An attacker could store a malicious URL and lure the victim to click, causing the script supplied by the attacker to execute in the victim user's session. The information from the victim's session could then be modified or read by the attacker.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30742
CVE-2023-30743Due to improper neutralization of input in SAPUI5 - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, sap.m.FormattedText SAPUI5 control allows injection of untrusted CSS. This blocks user’s interaction with the application. Further, in the absence of URL validation by the application, the vulnerability could lead to the attacker reading or modifying user’s information through phishing attack.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-30743
CVE-2023-31406Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-31406
CVE-2022-46822Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in JC Development Team WooCommerce JazzCash Gateway Plugin plugin <= 2.0 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-46822
CVE-2022-46858Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.Rezapour Product Specifications for Woocommerce plugin <= 0.6.0 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-46858
CVE-2022-46864Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin <= 0.1 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-46864
CVE-2020-18280Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-18280
CVE-2023-31144Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-31144
CVE-2023-31801Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skills wheel parameter.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-31801
CVE-2023-25829There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-25829
CVE-2023-25830There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-25830
CVE-2023-25831There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-25831
CVE-2023-24392Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin <= 1.1.7 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-24392
CVE-2023-27419Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Viable Blog theme <= 1.1.4 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-27419
CVE-2023-27455Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin <= 2.4.5 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-27455
CVE-2023-29101Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Muffingroup Betheme theme <= 26.7.5 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-29101
CVE-2022-47441Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.10 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-47441
CVE-2022-47590Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fugu Maintenance Switch plugin <= 1.5.2 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-47590
CVE-2022-47600Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Mass Email To users plugin <= 1.1.4 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-47600
CVE-2023-29023A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-29023
CVE-2023-31508A cross-site scripting (XSS) vulnerability in PrestaShop v1.7.7.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter in /contactform/contactform.php.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-31508
CVE-2020-14422Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.5.9https://nvd.nist.gov/vuln/detail/CVE-2020-14422
CVE-2021-20600Uncontrolled resource consumption in Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V Firmware Versions "16" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module is starting up. System reset is required for recovery.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-20600
CVE-2022-43592An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-43592
CVE-2022-43593A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-43593
CVE-2022-43594Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities. This vulnerability applies to writing .bmp files.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-43594
CVE-2022-43595Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities. This vulnerability applies to writing .fits files.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-43595
CVE-2022-43596An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-43596
CVE-2022-43603A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-43603
CVE-2023-31290Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input seed, resulting in only four billion possible mnemonics. The affected versions of the browser extension are 0.0.172 through 0.0.182. To steal funds efficiently, an attacker can identify all Ethereum addresses created since the 0.0.172 release, and check whether they are Ethereum addresses that could have been created by this extension. To respond to the risk, affected users need to upgrade the product version and also move funds to a new wallet address.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-31290
CVE-2023-25930IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-25930
CVE-2023-22372In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-22372
CVE-2023-24461An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-24461
CVE-2023-31141OpenSearch is an open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) where they are not correctly applied to the queries during extremely rare race conditions potentially leading to incorrect access authorization. For this issue to be triggered, two concurrent requests need to land on the same instance exactly when query cache eviction happens, once every four hours. OpenSearch 1.3.10 and 2.7.0 contain a fix for this issue.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-31141
CVE-2023-28764SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact on the integrity and availability of the system.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-28764
CVE-2023-31136PostgresNIO is a Swift client for PostgreSQL. Any user of PostgresNIO prior to version 1.14.2 connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client's first few queries, despite the use of TLS certificate verification and encryption. The vulnerability is addressed in PostgresNIO versions starting from 1.14.2. There are no known workarounds for unpatched users.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-31136
CVE-2023-24900Windows NTLM Security Support Provider Information Disclosure Vulnerability5.9https://nvd.nist.gov/vuln/detail/CVE-2023-24900
CVE-2023-28125An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-28125
CVE-2023-28126An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-28126
CVE-2023-32570VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-32570
CVE-2023-29022A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-29022
CVE-2023-29025A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-29025
CVE-2023-29026A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-29026
CVE-2023-29027A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-29027
CVE-2023-29028A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-29028
CVE-2023-29029A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-29029
CVE-2023-27892Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet.5.7https://nvd.nist.gov/vuln/detail/CVE-2023-27892
CVE-2017-14025An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability has been identified, allowing a local attacker to provide a malicious parameter to the script that is not validated by the application. This could enable the attacker to retrieve any file on the server.5.5https://nvd.nist.gov/vuln/detail/CVE-2017-14025
CVE-2020-27784A vulnerability was found in the Linux kernel, where printer_ioctl() tries to access a deallocated printer_dev instance. A use-after-free arises because the instance had already been freed by gprinter_free().5.5https://nvd.nist.gov/vuln/detail/CVE-2020-27784
CVE-2022-41553Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer probe component) allows local users to gain sensitive information. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-41553
CVE-2022-42853An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-42853
CVE-2022-42865This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-42865
CVE-2022-34675NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-34675
CVE-2022-34680NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-34680
CVE-2022-42259NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-42259
CVE-2023-21776Windows Kernel Information Disclosure Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21776
CVE-2022-4285An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-4285
CVE-2022-41727An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-41727
CVE-2023-1550Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note: NGINX Agent is included with NGINX Instance Manager and used in conjunction with NGINX API Connectivity Manager, and NGINX Management Suite Security Monitoring.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-1550
CVE-2022-46703A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. An app may be able to read sensitive location information5.5https://nvd.nist.gov/vuln/detail/CVE-2022-46703
CVE-2023-28271Windows Kernel Memory Information Disclosure Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28271
CVE-2023-1906A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass a specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-1906
CVE-2023-1548A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert (V15.1 and above)5.5https://nvd.nist.gov/vuln/detail/CVE-2023-1548
CVE-2022-31643A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-31643
CVE-2023-30300An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30300
CVE-2023-21493Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21493
CVE-2023-21495Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allows an attacker to install a KSP app when device admin is set.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21495
CVE-2023-21496Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21496
CVE-2023-21500Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21500
CVE-2023-21507Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21507
CVE-2023-21510Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21510
CVE-2023-21511Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-21511
CVE-2022-38707IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-38707
CVE-2023-22874IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-22874
CVE-2023-29932llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29932
CVE-2023-29933llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29933
CVE-2023-29934llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29934
CVE-2023-29935llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29935
CVE-2023-29939llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29939
CVE-2023-29941llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29941
CVE-2023-29942llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29942
CVE-2023-30434IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30434
CVE-2020-4914IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-4914
CVE-2022-43877IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-43877
CVE-2023-23527The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. A user may gain access to protected parts of the file system5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23527
CVE-2023-23533A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23533
CVE-2023-23534The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23534
CVE-2023-23535The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23535
CVE-2023-23537A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23537
CVE-2023-23538A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23538
CVE-2023-23542A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data5.5https://nvd.nist.gov/vuln/detail/CVE-2023-23542
CVE-2023-27929An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27929
CVE-2023-27931This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27931
CVE-2023-27932This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27932
CVE-2023-27941A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to disclose kernel memory5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27941
CVE-2023-27942The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27942
CVE-2023-27943This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Files downloaded from the internet may not have the quarantine flag applied5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27943
CVE-2023-27951The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27951
CVE-2023-27955The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to read arbitrary files5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27955
CVE-2023-27956The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27956
CVE-2023-27961Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Importing a maliciously crafted calendar invitation may exfiltrate user information5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27961
CVE-2023-27962A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system5.5https://nvd.nist.gov/vuln/detail/CVE-2023-27962
CVE-2023-28178A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to bypass Privacy preferences5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28178
CVE-2023-28189The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to view sensitive information5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28189
CVE-2023-28190A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28190
CVE-2023-28192A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28192
CVE-2023-28200A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28200
CVE-2022-38685In bluetooth service, there is a possible missing permission check. This could lead to local denial of service in bluetooth service with no additional execution privileges needed.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-38685
CVE-2022-44419In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-44419
CVE-2022-44420In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-44420
CVE-2022-47340In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-47340
CVE-2022-47487In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-47487
CVE-2022-47490In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-47490
CVE-2022-47492In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-47492
CVE-2022-47493In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-47493
CVE-2022-48231In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48231
CVE-2022-48232In FM service, there is a possible missing params check. This could lead to local denial of service in FM service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48232
CVE-2022-48233In FM service, there is a possible missing params check. This could lead to local denial of service in FM service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48233
CVE-2022-48234In FM service, there is a possible missing params check. This could lead to local denial of service in FM service.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48234
CVE-2022-48241In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48241
CVE-2022-48242In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48242
CVE-2022-48370In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48370
CVE-2022-48371In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48371
CVE-2022-48375In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48375
CVE-2022-48376In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48376
CVE-2022-48377In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48377
CVE-2022-48378In engineermode service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48378
CVE-2022-48379In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.5.5https://nvd.nist.gov/vuln/detail/CVE-2022-48379
CVE-2023-32112Vendor Master Hierarchy - versions SAP_APPL 500, SAP_APPL 600, SAP_APPL 602, SAP_APPL 603, SAP_APPL 604, SAP_APPL 605, SAP_APPL 606, SAP_APPL 616, SAP_APPL 617, SAP_APPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lead to modification of data impacting the integrity of the system.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-32112
CVE-2023-30083Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the newVar_N in util/decompile.c.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30083
CVE-2023-30084An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30084
CVE-2023-30085Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the cws2fws function in util/decompile.c.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30085
CVE-2023-30086Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30086
CVE-2023-30087Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30087
CVE-2023-30088An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-30088
CVE-2023-31489An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-31489
CVE-2023-24945Windows iSCSI Target Service Information Disclosure Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-24945
CVE-2023-28251Windows Driver Revocation List Security Feature Bypass Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-28251
CVE-2023-29277Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29277
CVE-2023-29279Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29279
CVE-2023-29286Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-29286
CVE-2019-19002For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browsers not supporting Content Security Policy, this might increase the risk of Cross Site Scripting.5.4https://nvd.nist.gov/vuln/detail/CVE-2019-19002
CVE-2019-19095Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to carry out attacks such as stored cross-site scripting by storing malicious content in the database.5.4https://nvd.nist.gov/vuln/detail/CVE-2019-19095
CVE-2021-27416An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user into clicking on a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the user’s session.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-27416
CVE-2022-46265A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-46265
CVE-2023-31223Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31223
CVE-2023-29638Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-29638
CVE-2023-30639Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30639
CVE-2023-31434The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31434
CVE-2023-29240An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-29240
CVE-2023-30619Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force a victim to execute uncontrolled code. This issue has been patched in version 14.7.99.143.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30619
CVE-2023-30184A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30184
CVE-2023-30094A stored cross-site scripting (XSS) vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30094
CVE-2023-30095A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30095
CVE-2023-30096A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30096
CVE-2023-30097A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30097
CVE-2023-30216Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30216
CVE-2022-43866IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239436.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-43866
CVE-2023-2516Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-2516
CVE-2023-2553Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-2553
CVE-2023-24957IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 246115.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-24957
CVE-2023-24400Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.4.6 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-24400
CVE-2023-29247Task instance details page in the UI is vulnerable to a stored XSS. This issue affects Apache Airflow: before 2.6.0.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-29247
CVE-2023-23668Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23668
CVE-2022-45812Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Lees Exxp plugin <= 2.6.8 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-45812
CVE-2023-0267The Ultimate Carousel For WPBakery Page Builder WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0267
CVE-2023-0268The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0268
CVE-2023-0280The Ultimate Carousel For Elementor WordPress plugin through 2.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0280
CVE-2023-0526The Post Shortcode WordPress plugin through 2.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0526
CVE-2023-0536The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0536
CVE-2023-0537The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0537
CVE-2023-0542The Custom Post Type List Shortcode WordPress plugin through 1.4.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-0542
CVE-2023-1651The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF checks in the AJAX action responsible for updating the OpenAI settings, allowing any authenticated user, such as a subscriber, to update them. Furthermore, due to the lack of escaping of the settings, this could also lead to Stored XSS.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-1651
CVE-2023-1905The WP Popups WordPress plugin before 2.1.5.1 does not properly escape the href attribute of its spu-facebook-page shortcode before outputting it back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. This is due to an insufficient fix of CVE-2023-24003.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-1905
CVE-2023-24408Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.4 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-24408
CVE-2023-28493Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes NewsMag theme <= 2.4.4 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28493
CVE-2023-30787MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30787
CVE-2023-30788MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people/add` endpoint and nickName, description, lastName, middleName and firstName parameters.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30788
CVE-2023-30789MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/work` endpoint and job and company parameters.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30789
CVE-2023-30790MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameters.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30790
CVE-2023-23894Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Surbma Surbma | GDPR Proof Cookie Consent & Notice Bar plugin <= 17.5.3 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23894
CVE-2023-29188SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker with user level access can read and modify some sensitive information but cannot delete the data.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-29188
CVE-2023-31407SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31407
CVE-2022-41640Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Rymera Web Co Wholesale Suite plugin <= 2.1.5 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-41640
CVE-2023-23664Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <= 1.0.19 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23664
CVE-2023-2591Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-2591
CVE-2023-23862Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical scroll recent post plugin <= 14.0 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23862
CVE-2022-46844Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PixelGrade PixFields plugin <= 0.7.0 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-46844
CVE-2023-23647Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Sk. Abul Hasan Team Member – Team with Slider plugin <= 4.4 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23647
CVE-2023-31134Tauri is software for building applications for multi-platform deployment. The Tauri IPC is usually strictly isolated from external websites, but in versions 1.0.0 until 1.0.9, 1.1.0 until 1.1.4, and 1.2.0 until 1.2.5, the isolation can be bypassed by redirecting an existing Tauri window to an external website. This is either possible by an application implementing a feature for users to visit arbitrary websites or due to a bug allowing the open redirect. This allows the external website access to the IPC layer and therefore to all configured and exposed Tauri API endpoints and application specific implemented Tauri commands. This issue has been patched in versions 1.0.9, 1.1.4, and 1.2.5. As a workaround, prevent arbitrary input in redirect features and/or only allow trusted websites access to the IPC.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31134
CVE-2023-25834Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specific use cases. This issue may allow users to access content that they are no longer privileged to access.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-25834
CVE-2023-31800Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31800
CVE-2023-31802Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skype and linedin_url parameters.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31802
CVE-2023-31804Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the course category parameters.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31804
CVE-2023-31806Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31806
CVE-2023-31807Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-31807
CVE-2023-30057Multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-30057
CVE-2023-25833There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser (no stateful change made or customer data rendered).5.4https://nvd.nist.gov/vuln/detail/CVE-2023-25833
CVE-2023-2616Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-2616
CVE-2023-27888Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27888
CVE-2023-2614Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-2614
CVE-2023-2615Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-2615
CVE-2023-22711Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Agent Evolution IMPress Listings plugin <= 2.6.2 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-22711
CVE-2023-23701Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Andrew @ Geeenville Web Design Easy Sign Up plugin <= 3.4.1 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23701
CVE-2023-23786Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Christof Servit affiliate-toolkit plugin <= 3.3.3 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23786
CVE-2022-32970Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Themify Themify Portfolio Post plugin <= 1.2.4 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-32970
CVE-2023-22696Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Custom4Web Affiliate Links Lite plugin <= 2.5 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-22696
CVE-2023-23873Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flector BBSpoiler plugin <= 2.01 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-23873
CVE-2022-27856Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Atlas Gondal Export All URLs plugin <= 4.1 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2022-27856
CVE-2018-16872A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.5.3https://nvd.nist.gov/vuln/detail/CVE-2018-16872
CVE-2022-35917Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient, using the supplied `validateTransfer` function. An edge case regarding this mechanism could cause the validation logic to validate multiple transfers. This issue has been patched as of version `0.2.1`. Users of the Solana Pay SDK should upgrade to it. There are no known workarounds for this issue.5.3https://nvd.nist.gov/vuln/detail/CVE-2022-35917
CVE-2022-2795By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.5.3https://nvd.nist.gov/vuln/detail/CVE-2022-2795
CVE-2022-41717An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.5.3https://nvd.nist.gov/vuln/detail/CVE-2022-41717
CVE-2022-36354A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensitive information leak. An attacker can provide a malicious file to trigger this vulnerability.5.3https://nvd.nist.gov/vuln/detail/CVE-2022-36354
CVE-2023-27977A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).5.3https://nvd.nist.gov/vuln/detail/CVE-2023-27977
CVE-2023-27043The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-27043
CVE-2023-30943The vulnerability was found in Moodle and exists because the application allows a user to control the path of the folder to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-30943
CVE-2023-26268Design documents with matching document IDs, from databases on the same cluster, may share a mutable JavaScript environment when using these design document functions: validate_doc_update, list, filter, filter views (using view functions as filters), rewrite, update. This doesn't affect map/reduce or search (Dreyfus) index functions. Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3). Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the JavaScript environment.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-26268
CVE-2022-39161IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 235069.5.3https://nvd.nist.gov/vuln/detail/CVE-2022-39161
CVE-2023-1894A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-1894
CVE-2023-30019imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-30019
CVE-2023-23494A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-23494
CVE-2023-21404AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-21404
CVE-2023-29107A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-29107
CVE-2023-28290Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability5.3https://nvd.nist.gov/vuln/detail/CVE-2023-28290
CVE-2023-28317A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-28317
CVE-2023-28318A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-28318
CVE-2023-26126All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-26126
CVE-2023-31404Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.5https://nvd.nist.gov/vuln/detail/CVE-2023-31404
CVE-2023-29338Visual Studio Code Information Disclosure Vulnerability5https://nvd.nist.gov/vuln/detail/CVE-2023-29338
CVE-2019-0097Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.4.9https://nvd.nist.gov/vuln/detail/CVE-2019-0097
CVE-2020-14575Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).4.9https://nvd.nist.gov/vuln/detail/CVE-2020-14575
CVE-2020-14702Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).4.9https://nvd.nist.gov/vuln/detail/CVE-2020-14702
CVE-2021-20406IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184.4.9https://nvd.nist.gov/vuln/detail/CVE-2021-20406
CVE-2023-30205A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the unique_id parameter in /admin/article.php.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-30205
CVE-2023-25962Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari Accordion – Multiple Accordion or FAQs Builder plugin <= 2.3.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-25962
CVE-2023-26016Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tauhidul Alam Simple Portfolio Gallery plugin <= 0.1 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-26016
CVE-2023-26010Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMobile.App plugin <= 11.18 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-26010
CVE-2023-26012Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Denzel Chia | Phire Design Custom Login Page plugin <= 2.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-26012
CVE-2022-47434Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PB SEO Friendly Images plugin <= 4.0.5 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47434
CVE-2023-2427Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-2427
CVE-2023-2550Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-2550
CVE-2023-26517Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff Starr Dashboard Widgets Suite plugin <= 3.2.1 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-26517
CVE-2023-26519Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.5.4 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-26519
CVE-2023-25491Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Samuel Marshall JCH Optimize plugin <= 3.2.2 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-25491
CVE-2023-2566Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-2566
CVE-2023-25021Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FareHarbor FareHarbor for WordPress plugin <= 3.6.6 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-25021
CVE-2023-25052Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa Yandex.News Feed by Teplitsa plugin <= 1.12.5 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-25052
CVE-2023-25452Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Pretty (prettyboymp) CMS Press plugin <= 0.2.3 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-25452
CVE-2023-28169Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CoreFortress Easy Event calendar plugin <= 1.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-28169
CVE-2020-18132Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit.4.8https://nvd.nist.gov/vuln/detail/CVE-2020-18132
CVE-2023-0544The WP Login Box WordPress plugin through 2.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).4.8https://nvd.nist.gov/vuln/detail/CVE-2023-0544
CVE-2023-0894The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).4.8https://nvd.nist.gov/vuln/detail/CVE-2023-0894
CVE-2023-1649The AI ChatBot WordPress plugin before 4.5.1 does not sanitise and escape many of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).4.8https://nvd.nist.gov/vuln/detail/CVE-2023-1649
CVE-2022-47437Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Branko Borilovic WSB Brands plugin <= 1.1.8 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47437
CVE-2023-22791A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-22791
CVE-2023-24376Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nico Graff WP Simple Events plugin <= 1.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-24376
CVE-2023-23863Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23863
CVE-2023-23793Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eightweb Interactive Read More Without Refresh plugin <= 3.1 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23793
CVE-2023-23732Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin <= 11.0.6 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23732
CVE-2023-23733Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23733
CVE-2023-23734Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin <= 2.2 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23734
CVE-2023-23883Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Gwyer WP Content Filter plugin <= 3.0.1 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23883
CVE-2023-23884Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23884
CVE-2023-24372Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in USB Memory Direct Simple Custom Author Profiles plugin <= 1.0.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-24372
CVE-2023-31799Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system announcements parameter.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-31799
CVE-2023-31803Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the resource sequencing parameters.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-31803
CVE-2023-31805Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated attacker to execute arbitrary code via the homepage function.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-31805
CVE-2023-23788Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Florin Arjocu Custom More Link Complete plugin <= 1.4.1 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23788
CVE-2023-23789Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23789
CVE-2023-23812Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joost de Valk Enhanced WP Contact Form plugin <= 2.2.3 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23812
CVE-2023-24418Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-24418
CVE-2023-28932Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMobile.App WPMobile.App — Android and iOS Mobile Application plugin <= 11.20 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-28932
CVE-2023-23794Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss Semalt Blocker plugin <= 1.1.3 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-23794
CVE-2023-24406Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb ur Rehman Simple PopUp plugin <= 1.8.6 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-24406
CVE-2023-30746Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Booqable Rental Software Booqable Rental plugin <= 2.4.15 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-30746
CVE-2022-33961Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <= 7.5.8 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-33961
CVE-2022-46817Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flyzoo Flyzoo Chat plugin <= 2.3.3 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-46817
CVE-2022-46819Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Continuous announcement scroller plugin <= 13.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-46819
CVE-2022-46861Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Zia Imtiaz Custom Login Page Styler for WordPress plugin <= 6.2 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-46861
CVE-2022-47137Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPManageNinja LLC Ninja Tables plugin <= 4.3.4 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47137
CVE-2022-47423Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47423
CVE-2022-47436Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MantraBrain Yatra plugin <= 2.1.14 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47436
CVE-2022-47587Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.5 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47587
CVE-2022-47606Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Stephenson WP-CORS plugin <= 0.2.1 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2022-47606
CVE-2023-23383Service Fabric Explorer Spoofing Vulnerability4.7https://nvd.nist.gov/vuln/detail/CVE-2023-23383
CVE-2022-43950A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.4.7https://nvd.nist.gov/vuln/detail/CVE-2022-43950
CVE-2023-29354Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability4.7https://nvd.nist.gov/vuln/detail/CVE-2023-29354
CVE-2023-27952A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks4.7https://nvd.nist.gov/vuln/detail/CVE-2023-27952
CVE-2023-1526Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-1526
CVE-2023-21485Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-21485
CVE-2023-21486Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-21486
CVE-2023-30550MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing. This IDOR vulnerability allows the administrator of a project to modify other projects under the workspace. An attacker can obtain some operating permissions. The issue has been fixed in version 2.9.0.4.5https://nvd.nist.gov/vuln/detail/CVE-2023-30550
CVE-2022-4432A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-4432
CVE-2022-4433A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-4433
CVE-2022-4435A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-4435
CVE-2023-2269A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-2269
CVE-2022-45859An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-45859
CVE-2023-21492Kernel pointers printed in the log file prior to SMR May-2023 Release 1 allow a privileged local attacker to bypass ASLR.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-21492
CVE-2022-39089In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-39089
CVE-2022-47334In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47334
CVE-2022-47469In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47469
CVE-2022-47470In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47470
CVE-2022-47485In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47485
CVE-2022-47486In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47486
CVE-2022-47488In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47488
CVE-2022-47489In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47489
CVE-2022-47491In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47491
CVE-2022-47494In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47494
CVE-2022-47495In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47495
CVE-2022-47496In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47496
CVE-2022-47497In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47497
CVE-2022-47498In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47498
CVE-2022-47499In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-47499
CVE-2022-48235In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48235
CVE-2022-48236In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48236
CVE-2022-48237In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48237
CVE-2022-48238In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48238
CVE-2022-48239In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48239
CVE-2022-48240In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48240
CVE-2022-48372In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48372
CVE-2022-48373In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48373
CVE-2022-48374In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48374
CVE-2022-48380In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48380
CVE-2022-48381In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48381
CVE-2022-48382In log service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48382
CVE-2022-48385In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48385
CVE-2022-48386In the apipe driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48386
CVE-2022-48387In the apipe driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48387
CVE-2022-48389In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.4.4https://nvd.nist.gov/vuln/detail/CVE-2022-48389
CVE-2019-19091For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detailed information to specifically craft the attack.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-19091
CVE-2022-43698OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list.4.3https://nvd.nist.gov/vuln/detail/CVE-2022-43698
CVE-2023-2462Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2462
CVE-2023-2463Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2463
CVE-2023-2464Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2464
CVE-2023-2465Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2465
CVE-2023-2466Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2466
CVE-2023-2467Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2467
CVE-2023-2468Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low)4.3https://nvd.nist.gov/vuln/detail/CVE-2023-2468
CVE-2023-1383An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-1383
CVE-2023-22813A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Android Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS policy and missing authentication requirement for private IPs, a remote attacker on the same network as the device could obtain device information by convincing a victim user to visit an attacker-controlled server and issue a cross-site request. This issue affects My Cloud OS 5 Mobile App: before 4.21.0; My Cloud Home Mobile App: before 4.21.0; ibi Mobile App: before 4.21.0; My Cloud OS 5 Web App: before 4.26.0-6126; My Cloud Home Web App: before 4.26.0-6126; ibi Web App: before 4.26.0-6126.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-22813
CVE-2023-29103A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-29103
CVE-2022-22508Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.4.3https://nvd.nist.gov/vuln/detail/CVE-2022-22508
CVE-2023-23543The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A sandboxed app may be able to determine which app is currently using the camera3.6https://nvd.nist.gov/vuln/detail/CVE-2023-23543
CVE-2019-19090For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.3.5https://nvd.nist.gov/vuln/detail/CVE-2019-19090
CVE-2019-19092ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.3.5https://nvd.nist.gov/vuln/detail/CVE-2019-19092
CVE-2023-2590Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-2590
CVE-2022-20338In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android-12 Android-12L Android ID: A-1719668433.3https://nvd.nist.gov/vuln/detail/CVE-2022-20338
CVE-2022-42442IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214.3.3https://nvd.nist.gov/vuln/detail/CVE-2022-42442
CVE-2023-21487Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-21487
CVE-2023-31413Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-31413
CVE-2023-23523A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup3.3https://nvd.nist.gov/vuln/detail/CVE-2023-23523
CVE-2023-23541A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts3.3https://nvd.nist.gov/vuln/detail/CVE-2023-23541
CVE-2023-27928A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts3.3https://nvd.nist.gov/vuln/detail/CVE-2023-27928
CVE-2023-28194The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen3.3https://nvd.nist.gov/vuln/detail/CVE-2023-28194
CVE-2023-27408A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-27408
CVE-2023-27409A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-27409
CVE-2023-29333Microsoft Access Denial of Service Vulnerability3.3https://nvd.nist.gov/vuln/detail/CVE-2023-29333
CVE-2023-27410A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.2.7https://nvd.nist.gov/vuln/detail/CVE-2023-27410
CVE-2023-29128A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to write any file with the extension `.db`.2.7https://nvd.nist.gov/vuln/detail/CVE-2023-29128
CVE-2023-25815In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\`.2.2https://nvd.nist.gov/vuln/detail/CVE-2023-25815
CVE-2001-0897Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field.https://nvd.nist.gov/vuln/detail/CVE-2001-0897
CVE-2010-4645strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.https://nvd.nist.gov/vuln/detail/CVE-2010-4645
CVE-2013-0169The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.https://nvd.nist.gov/vuln/detail/CVE-2013-0169
CVE-2015-5698Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.https://nvd.nist.gov/vuln/detail/CVE-2015-5698
CVE-2023-28316A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled.https://nvd.nist.gov/vuln/detail/CVE-2023-28316
CVE-2023-31478An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key.https://nvd.nist.gov/vuln/detail/CVE-2023-31478
CVE-2022-36330A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.https://nvd.nist.gov/vuln/detail/CVE-2022-36330
CVE-2022-4008In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Servicehttps://nvd.nist.gov/vuln/detail/CVE-2022-4008
CVE-2023-22441Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlierhttps://nvd.nist.gov/vuln/detail/CVE-2023-22441
CVE-2023-23578Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier allows a remote unauthenticated attacker to connect to the product's ADB port.https://nvd.nist.gov/vuln/detail/CVE-2023-23578
CVE-2023-23901Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.https://nvd.nist.gov/vuln/detail/CVE-2023-23901
CVE-2023-23906Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product.https://nvd.nist.gov/vuln/detail/CVE-2023-23906
CVE-2023-24586Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.https://nvd.nist.gov/vuln/detail/CVE-2023-24586
CVE-2023-25070Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product.https://nvd.nist.gov/vuln/detail/CVE-2023-25070
CVE-2023-25072Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt the password for the WebUI of the product.https://nvd.nist.gov/vuln/detail/CVE-2023-25072
CVE-2023-25184Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt the password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier.https://nvd.nist.gov/vuln/detail/CVE-2023-25184
CVE-2023-27385Heap-based buffer overflow vulnerability exists in CX-Drive All models V3.01 and earlier. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed.https://nvd.nist.gov/vuln/detail/CVE-2023-27385
CVE-2023-27889Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page.https://nvd.nist.gov/vuln/detail/CVE-2023-27889
CVE-2023-27918Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL.https://nvd.nist.gov/vuln/detail/CVE-2023-27918
CVE-2023-27919Authentication bypass vulnerability in NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) all versions allows a remote unauthenticated attacker to alter the information stored in the system.https://nvd.nist.gov/vuln/detail/CVE-2023-27919
CVE-2023-2617A vulnerability classified as problematic was found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-228547.https://nvd.nist.gov/vuln/detail/CVE-2023-2617
CVE-2023-2618A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-228548.https://nvd.nist.gov/vuln/detail/CVE-2023-2618
CVE-2023-30777Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-30777
CVE-2023-32573In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.https://nvd.nist.gov/vuln/detail/CVE-2023-32573
CVE-2023-1732When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret. The tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number of random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.https://nvd.nist.gov/vuln/detail/CVE-2023-1732
CVE-2022-21162Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-21162
CVE-2022-21239Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-21239
CVE-2022-21804Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-21804
CVE-2022-25976Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-25976
CVE-2022-27180Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-27180
CVE-2022-28699Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-28699
CVE-2022-29508Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-29508
CVE-2022-29919Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-29919
CVE-2022-30338Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-30338
CVE-2022-31477Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-31477
CVE-2022-32576Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-32576
CVE-2022-32577Improper input validation in BIOS Firmware for some Intel(R) NUC Kits before version PY0081 may allow a privileged user to potentially enable information disclosure or denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-32577
CVE-2022-32578Improper access control for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-32578
CVE-2022-32582Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-32582
CVE-2022-32766Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-32766
CVE-2022-33894Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-33894
CVE-2022-33963Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-33963
CVE-2022-34147Improper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-34147
CVE-2022-34848Uncontrolled search path for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-34848
CVE-2022-34855Path traversal for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-34855
CVE-2022-36339Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-36339
CVE-2022-36391Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-36391
CVE-2022-37327Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element, Intel(R) NUC Extreme, Intel(R) NUC 12 Extreme Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Enthusiast, Intel(R) NUC Essential, Intel(R) NUC Laptop Kit, Intel(R) NUC Extreme Compute Element, Intel(R) NUC Boards, Intel(R) NUC Pro Compute Element, Intel(R) NUC Rugged may allow a privileged user to enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-37327
CVE-2022-37409Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-37409
CVE-2022-38087Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-38087
CVE-2022-38101Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-38101
CVE-2022-38103Insecure inherited permissions in the Intel(R) NUC Software Studio Service installer before version 1.17.38.0 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-38103
CVE-2022-38787Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-38787
CVE-2022-40207Improper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-40207
CVE-2022-40210Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-40210
CVE-2022-40685Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enable information disclosure via network access.https://nvd.nist.gov/vuln/detail/CVE-2022-40685
CVE-2022-40971Incorrect default permissions for the Intel(R) HDMI Firmware Update Tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-40971
CVE-2022-40972Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-40972
CVE-2022-40974Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a privileged user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-40974
CVE-2022-41610Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41610
CVE-2022-41621Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41621
CVE-2022-41628Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41628
CVE-2022-41646Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow an unauthenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41646
CVE-2022-41658Insecure inherited permissions in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41658
CVE-2022-41687Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41687
CVE-2022-41690Improper access control in the Intel(R) Retail Edge Mobile iOS application before version 3.4.7 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41690
CVE-2022-41693Uncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41693
CVE-2022-41699Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41699
CVE-2022-41769Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41769
CVE-2022-41771Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41771
CVE-2022-41784Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41784
CVE-2022-41801Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41801
CVE-2022-41808Improper buffer restriction in software for the Intel QAT Driver for Linux before version 1.7.l.4.12 may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41808
CVE-2022-41979Protection mechanism failure in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.https://nvd.nist.gov/vuln/detail/CVE-2022-41979
CVE-2022-41982Uncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41982
CVE-2022-41998Uncontrolled search path in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-41998
CVE-2022-42465Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-42465
CVE-2022-42878Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-42878
CVE-2022-43465Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-43465
CVE-2022-43474Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-43474
CVE-2022-43475Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-43475
CVE-2022-43507Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access.https://nvd.nist.gov/vuln/detail/CVE-2022-43507
CVE-2022-44610Improper authentication in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.https://nvd.nist.gov/vuln/detail/CVE-2022-44610
CVE-2022-44619Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-44619
CVE-2022-45128Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-45128
CVE-2022-46279Improper access control in the Intel(R) Retail Edge Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-46279
CVE-2022-46645Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version 9.9 may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-46645
CVE-2022-46656Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2022-46656
CVE-2023-22297Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22297
CVE-2023-22312Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22312
CVE-2023-22355Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22355
CVE-2023-22379Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22379
CVE-2023-22440Incorrect default permissions in the Intel(R) SCS Add-on software installer for Microsoft SCCM all versions may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22440
CVE-2023-22442Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22442
CVE-2023-22443Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22443
CVE-2023-22447Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22447
CVE-2023-22661Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-22661
CVE-2023-23569Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-23569
CVE-2023-23573Improper access control in the Intel(R) Unite(R) Android application before Release 17 may allow a privileged user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-23573
CVE-2023-23580Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-23580
CVE-2023-23909Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-23909
CVE-2023-23910Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-23910
CVE-2023-24475Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-24475
CVE-2023-25175Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-25175
CVE-2023-25179Uncontrolled resource consumption in the Intel(R) Unite(R) Android application before Release 17 may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-25179
CVE-2023-25545Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-25545
CVE-2023-25568Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able to allocate arbitrarily many bytes in the Bitswap server, those allocations persist even if the connection is closed. This affects users accepting untrusted connections with the Bitswap server and also affects users using the old API stubs at `github.com/ipfs/go-libipfs/bitswap` because users then transitively import `github.com/ipfs/go-libipfs/bitswap/server`. Boxo versions 0.6.0 and 0.4.1 contain a patch for this issue. As a workaround, those who are using the stub object at `github.com/ipfs/go-libipfs/bitswap` without taking advantage of the features provided by the server can refactor their code to use the new split API that will allow them to run in a client only mode: `github.com/ipfs/go-libipfs/bitswap/client`.https://nvd.nist.gov/vuln/detail/CVE-2023-25568
CVE-2023-25771Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-25771
CVE-2023-25772Improper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable denial of service via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-25772
CVE-2023-25776Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-25776
CVE-2023-27298Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.https://nvd.nist.gov/vuln/detail/CVE-2023-27298
CVE-2023-27382Incorrect default permissions in the Audio Service for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.0.0.156 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-27382
CVE-2023-27386Uncontrolled search path in some Intel(R) Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-27386
CVE-2023-28410Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for Linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-28410
CVE-2023-28411Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-28411
CVE-2023-27562The n8n package 0.218.0 for Node.js allows Directory Traversal.https://nvd.nist.gov/vuln/detail/CVE-2023-27562
CVE-2023-27563The n8n package 0.218.0 for Node.js allows Escalation of Privileges.https://nvd.nist.gov/vuln/detail/CVE-2023-27563
CVE-2023-27564The n8n package 0.218.0 for Node.js allows Information Disclosure.https://nvd.nist.gov/vuln/detail/CVE-2023-27564
CVE-2023-29930An issue found in Genesys CIC Polycom phone provisioning TFTP Server, all versions, allows a remote attacker to execute arbitrary code via the login credentials to the TFTP server configuration page.https://nvd.nist.gov/vuln/detail/CVE-2023-29930
CVE-2023-31471An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install software from the filesystem, the package list, or a URL.https://nvd.nist.gov/vuln/detail/CVE-2023-31471
CVE-2023-31908Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.https://nvd.nist.gov/vuln/detail/CVE-2023-31908
CVE-2023-31910Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31910
CVE-2022-41985An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2022-41985
CVE-2022-46377An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability. This vulnerability occurs when no IP address argument is provided to the `PORT` command.https://nvd.nist.gov/vuln/detail/CVE-2022-46377
CVE-2022-46378An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability. This vulnerability occurs when no port argument is provided to the `PORT` command.https://nvd.nist.gov/vuln/detail/CVE-2022-46378
CVE-2023-2629Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.https://nvd.nist.gov/vuln/detail/CVE-2023-2629
CVE-2023-2630Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.https://nvd.nist.gov/vuln/detail/CVE-2023-2630
CVE-2023-30351Shenzhen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.https://nvd.nist.gov/vuln/detail/CVE-2023-30351
CVE-2023-30352Shenzhen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed.https://nvd.nist.gov/vuln/detail/CVE-2023-30352
CVE-2023-30353Shenzhen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.https://nvd.nist.gov/vuln/detail/CVE-2023-30353
CVE-2023-30354Shenzhen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.https://nvd.nist.gov/vuln/detail/CVE-2023-30354
CVE-2023-30356Missing Support for an Integrity Check in Shenzhen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware.https://nvd.nist.gov/vuln/detail/CVE-2023-30356
CVE-2023-31554xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readPageLabelTree2(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS).https://nvd.nist.gov/vuln/detail/CVE-2023-31554
CVE-2023-31555podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad.https://nvd.nist.gov/vuln/detail/CVE-2023-31555
CVE-2023-31556podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.https://nvd.nist.gov/vuln/detail/CVE-2023-31556
CVE-2023-31557xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readEmbeddedFileTree(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS).https://nvd.nist.gov/vuln/detail/CVE-2023-31557
CVE-2023-0007A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed.https://nvd.nist.gov/vuln/detail/CVE-2023-0007
CVE-2023-0008A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.https://nvd.nist.gov/vuln/detail/CVE-2023-0008
CVE-2023-32070XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version.https://nvd.nist.gov/vuln/detail/CVE-2023-32070
CVE-2023-32076in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the files read is `.in_totorc` which is a hidden file in the directory in which in-toto is run. If an attacker controls the inputs to a supply chain step, they can mask their activities by also passing in an `.in_totorc` file that includes the necessary exclude patterns and settings. RC files are widely used in other systems and security issues have been discovered in their implementations as well. Maintainers found in their conversations with in-toto adopters that `in_totorc` is not their preferred way to configure in-toto. As none of the options supported in `in_totorc` is unique, and can be set elsewhere using API parameters or CLI arguments, the maintainers decided to drop support for `in_totorc`. in-toto's `user_settings` module has been dropped altogether in commit 3a21d84f40811b7d191fa7bd17265c1f99599afd. Users may also sandbox functionary code as a security measure.https://nvd.nist.gov/vuln/detail/CVE-2023-32076
CVE-2022-36937 HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS 1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replace TLS 1.0 with TLS 1.3. Applications that call stream_socket_server or stream_socket_client functions with a URL starting with tls:// are affected. https://nvd.nist.gov/vuln/detail/CVE-2022-36937
CVE-2021-45345 Buffer Overflow vulnerability found in En3rgy WebcamServer v.0.5.2 allows a remote attacker to cause a denial of service via the WebcamServer.exe file. https://nvd.nist.gov/vuln/detail/CVE-2021-45345
CVE-2022-36329 An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. https://nvd.nist.gov/vuln/detail/CVE-2022-36329
CVE-2023-2310 A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-2310
CVE-2023-30194 Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook(). https://nvd.nist.gov/vuln/detail/CVE-2023-30194
CVE-2023-31148 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31148
CVE-2023-31149 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31149
CVE-2023-31150 A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31150
CVE-2023-31151 An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31151
CVE-2023-31152 An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31152
CVE-2023-31153 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31153
CVE-2023-31154 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31154
CVE-2023-31155 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31155
CVE-2023-31156 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31156
CVE-2023-31157 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31157
CVE-2023-31158 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31158
CVE-2023-31159 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31159
CVE-2023-31160 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31160
CVE-2023-31161 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31161
CVE-2023-31162 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to arbitrarily alter the content of a configuration file. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31162
CVE-2023-31163 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31163
CVE-2023-31164 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31164
CVE-2023-31165 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31165
CVE-2023-31166 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system. See SEL Service Bulletin dated 2022-11-15 for more details. https://nvd.nist.gov/vuln/detail/CVE-2023-31166
CVE-2022-29842 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file was discovered in Western Digital My Cloud OS 5 devices. This issue affects My Cloud OS 5: before 5.26.119. https://nvd.nist.gov/vuln/detail/CVE-2022-29842
CVE-2023-32080 Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to modify a server's install script or the install script executes code supplied by the user (either through environment variables, or commands that execute commands based off of user data). This vulnerability has been resolved in version `v1.11.6` of Wings, and has been back-ported to the 1.7 release series in `v1.7.5`. Anyone running `v1.11.x` should upgrade to `v1.11.6` and anyone running `v1.7.x` should upgrade to `v1.7.5`. There are no workarounds aside from upgrading. Running Wings with a rootless container runtime may mitigate the severity of any attacks, however the majority of users are using container runtimes that run as root as per the Wings documentation. SELinux may prevent attackers from performing certain operations against the host system, however privileged containers have a lot of freedom even on systems with SELinux enabled. It should be noted that this was a known attack vector; for attackers to easily exploit this attack it would require compromising an administrator account on a Panel. However, certain eggs (the data structure that holds the install scripts that get passed to Wings) have an issue where they are unknowingly executing shell commands with escalated privileges provided by untrusted user data. https://nvd.nist.gov/vuln/detail/CVE-2023-32080
CVE-2022-29841 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that was caused by a command that read files from a privileged location and created a system command without sanitizing the read data. This command could be triggered by an attacker remotely to cause code execution and gain a reverse shell in Western Digital My Cloud OS 5 devices. This issue affects My Cloud OS 5: before 5.26.119. https://nvd.nist.gov/vuln/detail/CVE-2022-29841
CVE-2022-29840 Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the local server. This issue affects My Cloud OS 5 devices before 5.26.202. https://nvd.nist.gov/vuln/detail/CVE-2022-29840
CVE-2023-29986 spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view. https://nvd.nist.gov/vuln/detail/CVE-2023-29986
CVE-2023-30172 A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter. https://nvd.nist.gov/vuln/detail/CVE-2023-30172
CVE-2023-31442 In Lightbend Akka before 2.8.1, the async-dns resolver (used by Discovery in DNS mode and transitively by Cluster Bootstrap) uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not validate (e.g., via TLS) the authenticity of the discovered service, this may result in exfiltration of application data (e.g., persistence events may be published to an unintended Kafka broker). If such validation is performed, then the poisoning constitutes a denial of access to the intended service. This affects Akka 2.5.14 through 2.8.0, and Akka Discovery through 2.8.0. https://nvd.nist.gov/vuln/detail/CVE-2023-31442
CVE-2023-31477 A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path. https://nvd.nist.gov/vuln/detail/CVE-2023-31477
CVE-2023-2641 A vulnerability was found in SourceCodester Online Internship Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/login.php of the component POST Parameter Handler. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228770 is the identifier assigned to this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-2641
CVE-2023-2642 A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/facebox_modal/updateCourse.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228771. https://nvd.nist.gov/vuln/detail/CVE-2023-2642
CVE-2023-32668 LuaTeX before 1.17.0 enables the socket library by default. https://nvd.nist.gov/vuln/detail/CVE-2023-32668
CVE-2023-2643 A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/update_password.php of the component POST Parameter Handler. The manipulation of the argument new_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228772. https://nvd.nist.gov/vuln/detail/CVE-2023-2643
CVE-2023-2644 A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHost.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-228773 was assigned to this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-2644
CVE-2023-2645 A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. VDB-228774 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. https://nvd.nist.gov/vuln/detail/CVE-2023-2645
CVE-2023-2646 A vulnerability has been found in TP-Link Archer C7v2 v2_en_us_180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local network. The associated identifier of this vulnerability is VDB-228775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. https://nvd.nist.gov/vuln/detail/CVE-2023-2646
CVE-2023-2647 A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. https://nvd.nist.gov/vuln/detail/CVE-2023-2647
CVE-2023-2648 A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. https://nvd.nist.gov/vuln/detail/CVE-2023-2648
CVE-2023-2649 A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. https://nvd.nist.gov/vuln/detail/CVE-2023-2649
CVE-2023-2652 A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_item. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228780. https://nvd.nist.gov/vuln/detail/CVE-2023-2652
CVE-2023-2653 A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file items/index.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228781 was assigned to this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-2653
CVE-2023-2490 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fernando Briano UserAgent-Spy plugin <= 1.3.1 versions. https://nvd.nist.gov/vuln/detail/CVE-2023-2490
CVE-2023-30256 Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file. https://nvd.nist.gov/vuln/detail/CVE-2023-30256
CVE-2023-31473 An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to read an arbitrary file name while using root privileges. The -f option can be used with a configuration file. https://nvd.nist.gov/vuln/detail/CVE-2023-31473
CVE-2023-31475 An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer. https://nvd.nist.gov/vuln/detail/CVE-2023-31475
CVE-2023-31498 A privilege escalation issue found in PHP Gurukul Hospital Management System v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter. https://nvd.nist.gov/vuln/detail/CVE-2023-31498
CVE-2021-34076 File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload. https://nvd.nist.gov/vuln/detail/CVE-2021-34076
CVE-2023-31445 Cassia Access controller before 2.1.1.2203171453 was discovered to have an unprivileged information disclosure vulnerability that allows read-only users to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. https://nvd.nist.gov/vuln/detail/CVE-2023-31445
CVE-2023-0851 Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0851
CVE-2023-0852 Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0852
CVE-2023-0853 Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0853
CVE-2023-0854 Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0854
CVE-2023-0855 Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0855
CVE-2023-0856 Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0856
CVE-2023-0857 Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers(*) may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0857
CVE-2023-0858 Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0858
CVE-2023-0859 Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. https://nvd.nist.gov/vuln/detail/CVE-2023-0859
CVE-2023-29863 Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files. https://nvd.nist.gov/vuln/detail/CVE-2023-29863
CVE-2023-2656 A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228798 is the identifier assigned to this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-2656
CVE-2022-47129 PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-47129
CVE-2023-2657 A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument search leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228799. https://nvd.nist.gov/vuln/detail/CVE-2023-2657
CVE-2023-2658 A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228800. https://nvd.nist.gov/vuln/detail/CVE-2023-2658
CVE-2023-22720 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Robert Macchi WP Links Page plugin <= 4.9.3 versions. https://nvd.nist.gov/vuln/detail/CVE-2023-22720
CVE-2023-2659 A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file view_product.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228801 was assigned to this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-2659
CVE-2023-2660 A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file view_categories.php. The manipulation of the argument c leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228802 is the identifier assigned to this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-2660
CVE-2023-2661 A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228803. https://nvd.nist.gov/vuln/detail/CVE-2023-2661
CVE-2023-24539 Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. https://nvd.nist.gov/vuln/detail/CVE-2023-24539
CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. https://nvd.nist.gov/vuln/detail/CVE-2023-24540
CVE-2023-29400 Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. https://nvd.nist.gov/vuln/detail/CVE-2023-29400
CVE-2023-32075The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-management-framework-bundle` prior to version 3.3.9, business logic errors are possible in the `Conditions` tab since the counter can be a negative number. This vulnerability can result in illogical counter values in the Conditions tab. Users should update to version 3.3.9 to receive a patch or, as a workaround, apply the patch manually.https://nvd.nist.gov/vuln/detail/CVE-2023-32075
CVE-2023-25309Cross Site Scripting (XSS) vulnerability in Fetlife rollout-ui version 0.5 allows attackers to execute arbitrary code via a crafted URL to the "delete a feature" functionality.https://nvd.nist.gov/vuln/detail/CVE-2023-25309
CVE-2023-1834 Rockwell Automation was made aware that Kinetix 5500 drives manufactured between May 2022 and January 2023 and running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports.https://nvd.nist.gov/vuln/detail/CVE-2023-1834
CVE-2023-2443 Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API. https://nvd.nist.gov/vuln/detail/CVE-2023-2443
CVE-2023-2444 A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, the attacker could impersonate the legitimate user and send requests to the affected product. Additionally, if an attacker sends an untrusted link to a computer that is not on the same domain as the server and a user opens the FactoryTalk Vantagepoint website, enters credentials for the FactoryTalk Vantagepoint server, and clicks on the malicious link a cross site request forgery attack would be successful as well. https://nvd.nist.gov/vuln/detail/CVE-2023-2444
CVE-2023-30394MoveIT v1.1.11 was discovered to contain a cross-site scripting (XSS) vulnerability via the API authentication function.https://nvd.nist.gov/vuln/detail/CVE-2023-30394
CVE-2023-27554 IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185. https://nvd.nist.gov/vuln/detail/CVE-2023-27554
CVE-2023-27870 IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518. https://nvd.nist.gov/vuln/detail/CVE-2023-27870
CVE-2023-29195Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server.https://nvd.nist.gov/vuln/detail/CVE-2023-29195
CVE-2023-32082etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not values) associated with a lease when the `Keys` parameter is true, even if a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds.https://nvd.nist.gov/vuln/detail/CVE-2023-32082
CVE-2023-29791kodbox <= 1.37 is vulnerable to Cross Site Scripting (XSS) via the debug information.https://nvd.nist.gov/vuln/detail/CVE-2023-29791
CVE-2023-2662 In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero. https://nvd.nist.gov/vuln/detail/CVE-2023-2662
CVE-2023-2663 In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. https://nvd.nist.gov/vuln/detail/CVE-2023-2663
CVE-2023-2664 In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. https://nvd.nist.gov/vuln/detail/CVE-2023-2664
CVE-2023-31146Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment. The issue can cause data corruption across call frames. The expected behavior is to revert due to out-of-bounds array access. Version 0.3.8 contains a patch for this issue.https://nvd.nist.gov/vuln/detail/CVE-2023-31146
CVE-2023-31497Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system.https://nvd.nist.gov/vuln/detail/CVE-2023-31497
CVE-2023-32058Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8.https://nvd.nist.gov/vuln/detail/CVE-2023-32058
CVE-2023-28325An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.https://nvd.nist.gov/vuln/detail/CVE-2023-28325
CVE-2023-28356A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive.https://nvd.nist.gov/vuln/detail/CVE-2023-28356
CVE-2023-28357A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to.https://nvd.nist.gov/vuln/detail/CVE-2023-28357
CVE-2023-28358A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks such as account takeover.https://nvd.nist.gov/vuln/detail/CVE-2023-28358
CVE-2023-28359A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact.https://nvd.nist.gov/vuln/detail/CVE-2023-28359
CVE-2023-28360An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171: when a user was saving a file, no download safety check dialog was presented to the user.https://nvd.nist.gov/vuln/detail/CVE-2023-28360
CVE-2023-28361A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage. Affected Products: Cloud Key Gen2, Cloud Key Gen2 Plus, UNVR, UNVR Professional, UDM, UDM Professional, UDM SE, UDR. Mitigation: Update affected products to UniFi OS 3.0.13 or later.https://nvd.nist.gov/vuln/detail/CVE-2023-28361
CVE-2023-31502Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the component /models/management_model.php.https://nvd.nist.gov/vuln/detail/CVE-2023-31502
CVE-2023-31528Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-31528
CVE-2023-31529Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-31529
CVE-2023-31530Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-31530
CVE-2023-31531Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-31531
CVE-2023-32059Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the types are incompatible, typechecking is bypassed. The ability to pass kwargs to internal functions is an undocumented feature that is not well known about. The issue is patched in version 0.3.8.https://nvd.nist.gov/vuln/detail/CVE-2023-32059
CVE-2023-30192Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find().https://nvd.nist.gov/vuln/detail/CVE-2023-30192
CVE-2020-13378Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code.https://nvd.nist.gov/vuln/detail/CVE-2020-13378
CVE-2021-39036IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213966.https://nvd.nist.gov/vuln/detail/CVE-2021-39036
CVE-2023-29790kodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue.https://nvd.nist.gov/vuln/detail/CVE-2023-29790
CVE-2023-29808Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code.https://nvd.nist.gov/vuln/detail/CVE-2023-29808
CVE-2023-29809SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.https://nvd.nist.gov/vuln/detail/CVE-2023-29809
CVE-2023-2665Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.https://nvd.nist.gov/vuln/detail/CVE-2023-2665
CVE-2023-2666Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16.https://nvd.nist.gov/vuln/detail/CVE-2023-2666
CVE-2023-30330SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defaultframe/2.0/defaultframe_filter.php.https://nvd.nist.gov/vuln/detail/CVE-2023-30330
CVE-2023-28520IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 250454.https://nvd.nist.gov/vuln/detail/CVE-2023-28520
CVE-2023-28522IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585.https://nvd.nist.gov/vuln/detail/CVE-2023-28522
CVE-2023-2667A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-228883.https://nvd.nist.gov/vuln/detail/CVE-2023-2667
CVE-2023-2668A vulnerability was found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this issue is the function manager_category of the file admin/?page=categories/manage_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-228884.https://nvd.nist.gov/vuln/detail/CVE-2023-2668
CVE-2023-28936Attacker can access arbitrary recording/room. Vendor: The Apache Software Foundation. Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0. https://nvd.nist.gov/vuln/detail/CVE-2023-28936
CVE-2023-29032An attacker that has gained access to certain private information can use this to act as another user. Vendor: The Apache Software Foundation. Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0. https://nvd.nist.gov/vuln/detail/CVE-2023-29032
CVE-2023-29246An attacker who has gained access to an admin account can perform RCE via null-byte injection. Vendor: The Apache Software Foundation. Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0. https://nvd.nist.gov/vuln/detail/CVE-2023-29246
CVE-2023-2669A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-228885 was assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2669
CVE-2023-2670A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. VDB-228886 is the identifier assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2670
CVE-2023-2674Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.https://nvd.nist.gov/vuln/detail/CVE-2023-2674
CVE-2023-32243Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.https://nvd.nist.gov/vuln/detail/CVE-2023-32243
CVE-2023-2514Mattermost Server fails to redact the DB username and password before emitting an application log during server initialization. https://nvd.nist.gov/vuln/detail/CVE-2023-2514
CVE-2023-2515Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin. https://nvd.nist.gov/vuln/detail/CVE-2023-2515
CVE-2023-2671A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228887.https://nvd.nist.gov/vuln/detail/CVE-2023-2671
CVE-2023-2672A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228888.https://nvd.nist.gov/vuln/detail/CVE-2023-2672
CVE-2023-2676A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-228890 is the identifier assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2676
CVE-2023-2677A vulnerability, which was classified as critical, was found in SourceCodester Covid-19 Contact Tracing System 1.0. This affects an unknown part of the file admin/establishment/manage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228891.https://nvd.nist.gov/vuln/detail/CVE-2023-2677
CVE-2023-2678A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /file_manager/admin/save_user.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228892.https://nvd.nist.gov/vuln/detail/CVE-2023-2678
CVE-2020-13377The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files.https://nvd.nist.gov/vuln/detail/CVE-2020-13377
CVE-2023-23169Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal.https://nvd.nist.gov/vuln/detail/CVE-2023-23169
CVE-2023-27237LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack.https://nvd.nist.gov/vuln/detail/CVE-2023-27237
CVE-2023-27238LavaLite CMS v 9.0.0 was discovered to be vulnerable to web cache poisoning.https://nvd.nist.gov/vuln/detail/CVE-2023-27238
CVE-2023-29657eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions.https://nvd.nist.gov/vuln/detail/CVE-2023-29657
CVE-2023-29818An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin.https://nvd.nist.gov/vuln/detail/CVE-2023-29818
CVE-2023-29819An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload.https://nvd.nist.gov/vuln/detail/CVE-2023-29819
CVE-2023-29820An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer.https://nvd.nist.gov/vuln/detail/CVE-2023-29820
CVE-2023-29983Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.https://nvd.nist.gov/vuln/detail/CVE-2023-29983
CVE-2023-2512Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach() method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a segmentation fault, but could theoretically allow arbitrary undefined behavior. In order for the bug to be exploitable, the process would need to be able to allocate 160GB of RAM. Due to this, the bug was never exploitable on the Cloudflare Workers platform, but could theoretically be exploitable on deployments of workerd running on machines with a huge amount of memory. Moreover, in order to be remotely exploited, an attacker would have to upload a single form-encoded HTTP request of at least tens of gigabytes in size. The application code would then have to use request.formData() to parse the request and formData.forEach() to iterate over this data. Due to these limitations, the exploitation likelihood was considered Low. A fix that addresses this vulnerability has been released in version v1.20230419.0 and users are encouraged to update to the latest version available. https://nvd.nist.gov/vuln/detail/CVE-2023-2512
CVE-2023-30130An issue found in CraftCMS v.3.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the Section parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-30130
CVE-2023-30246SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the contestant_id parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-30246
CVE-2023-31985A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows an attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations.https://nvd.nist.gov/vuln/detail/CVE-2023-31985
CVE-2023-23444Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.https://nvd.nist.gov/vuln/detail/CVE-2023-23444
CVE-2023-2682A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component Mini_HTTPD. The manipulation of the argument address with the input ;id;uname${IFS}-a leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228911. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.https://nvd.nist.gov/vuln/detail/CVE-2023-2682
CVE-2022-47879A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods.https://nvd.nist.gov/vuln/detail/CVE-2022-47879
CVE-2022-47880An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allows remote, authenticated users with permissions to modify database connections to disclose a connection's cleartext password via the 'test connection' function.https://nvd.nist.gov/vuln/detail/CVE-2022-47880
CVE-2023-1934 The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and passively. Consequently, malicious actors could gain access to vital information, such as Industrial Control System (ICS) and OT data, alongside other sensitive records like SMS and SMS Logs. The unauthorized database access exposes compromised systems to potential manipulation or breach of essential infrastructure data, highlighting the severity of this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2023-1934
CVE-2023-27823An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials.https://nvd.nist.gov/vuln/detail/CVE-2023-27823
CVE-2023-31913Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31913
CVE-2023-31914Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an out-of-memory issue in malloc.https://nvd.nist.gov/vuln/detail/CVE-2023-31914
CVE-2023-31916Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31916
CVE-2023-31918Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31918
CVE-2023-31919Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31919
CVE-2023-31920Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31920
CVE-2023-31921Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31921
CVE-2023-31922QuickJS commit 2788d71 was discovered to contain a stack-overflow via the component js_proxy_isArray at quickjs.c.https://nvd.nist.gov/vuln/detail/CVE-2023-31922
CVE-2023-32073WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at `plugin/CloneSite/cloneClient.json.php` which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to version 12.3. This issue is patched in commit 1df4af01f80d56ff2c4c43b89d0bac151e7fb6e3.https://nvd.nist.gov/vuln/detail/CVE-2023-32073
CVE-2023-32081Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. From versions 3.1.0 until 3.9.16 and 4.0.0 until 4.4.2, a Vert.x STOMP server processes client STOMP frames without checking that the client sent an initial CONNECT frame replied with a successful CONNECTED frame. The client can subscribe to a destination or publish messages without prior authentication. Any Vert.x STOMP server configured with an authentication handler is impacted. The issue is patched in Vert.x 3.9.16 and 4.4.2. There are no trivial workarounds.https://nvd.nist.gov/vuln/detail/CVE-2023-32081
CVE-2023-23867Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gautam Thapar Button Builder – Buttons X plugin <= 0.8.6 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23867
CVE-2023-29242Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-29242
CVE-2023-30763Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-30763
CVE-2023-30768Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-30768
CVE-2023-31197Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-31197
CVE-2023-31199Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access.https://nvd.nist.gov/vuln/detail/CVE-2023-31199
CVE-2022-48020Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser.https://nvd.nist.gov/vuln/detail/CVE-2022-48020
CVE-2023-22685Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin <= v2.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-22685
CVE-2023-23810Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SnapOrbital Panorama plugin <= 1.5 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23810
CVE-2023-25428A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-25428
CVE-2023-25460Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodeSolz Easy Ad Manager plugin <= 1.0.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-25460
CVE-2023-25958Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin <= 2.1.4 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-25958
CVE-2023-28414Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ApexChat plugin <= 1.3.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-28414
CVE-2023-31983A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows an attacker to execute arbitrary code via the mp function in /bin/webs without any limitations.https://nvd.nist.gov/vuln/detail/CVE-2023-31983
CVE-2023-25927IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635.https://nvd.nist.gov/vuln/detail/CVE-2023-25927
CVE-2023-2457Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High)https://nvd.nist.gov/vuln/detail/CVE-2023-2457
CVE-2023-2458Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High)https://nvd.nist.gov/vuln/detail/CVE-2023-2458
CVE-2023-27863IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325.https://nvd.nist.gov/vuln/detail/CVE-2023-27863
CVE-2023-30247File Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code via the update_settings parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-30247
CVE-2023-32305aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acquire `superuser` privileges, which would allow full, unrestricted access to all data and database functions, and could lead to arbitrary code execution or data access on the underlying host as the `postgres` user. The issue has been patched as of version 1.1.9.https://nvd.nist.gov/vuln/detail/CVE-2023-32305
CVE-2023-32306Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the `reports.php` page was not validating all parameters in POST requests. Because some parameters were not checked, it was possible to craft POST requests with malicious SQL for the Time Tracker database. This issue is fixed in version 1.22.13.5792. As a workaround, use the fixed code in `ttReportHelper.class.php` from version 1.22.13.5792.https://nvd.nist.gov/vuln/detail/CVE-2023-32306
CVE-2023-1096SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user.https://nvd.nist.gov/vuln/detail/CVE-2023-1096
CVE-2023-20877VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.https://nvd.nist.gov/vuln/detail/CVE-2023-20877
CVE-2023-20878VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.https://nvd.nist.gov/vuln/detail/CVE-2023-20878
CVE-2023-20879VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.https://nvd.nist.gov/vuln/detail/CVE-2023-20879
CVE-2023-20880VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.https://nvd.nist.gov/vuln/detail/CVE-2023-20880
CVE-2023-25005A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023 and 2021 when parsing the DLL files, which could lead to a resource injection vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-25005
CVE-2023-25006A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-25006
CVE-2023-25007A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-25007
CVE-2023-25008A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-25008
CVE-2023-25009A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds write vulnerability which could result in code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-25009
CVE-2023-2088A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality.https://nvd.nist.gov/vuln/detail/CVE-2023-2088
CVE-2023-2181An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.https://nvd.nist.gov/vuln/detail/CVE-2023-2181
CVE-2023-32303Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand.https://nvd.nist.gov/vuln/detail/CVE-2023-32303
CVE-2023-2689A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228970 is the identifier assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2689
CVE-2023-2690A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0. This issue affects some unknown processing of the file admin/returned_reuse_form.php of the component GET Parameter Handler. The manipulation of the argument client_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228971.https://nvd.nist.gov/vuln/detail/CVE-2023-2690
CVE-2023-2691A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Affected is an unknown function of the file admin/add_item.php of the component POST Parameter Handler. The manipulation of the argument item_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228972.https://nvd.nist.gov/vuln/detail/CVE-2023-2691
CVE-2023-2692A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/room_info.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228973 was assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2692
CVE-2023-2693A vulnerability was found in SourceCodester Online Exam System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228974 is the identifier assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2693
CVE-2023-2694A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228975.https://nvd.nist.gov/vuln/detail/CVE-2023-2694
CVE-2023-2695A vulnerability was found in SourceCodester Online Exam System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /kelas/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228976.https://nvd.nist.gov/vuln/detail/CVE-2023-2695
CVE-2023-2696A vulnerability was found in SourceCodester Online Exam System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /matkul/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228977 was assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2696
CVE-2023-2697A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /jurusan/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228978 is the identifier assigned to this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-2697
CVE-2023-2698A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228979.https://nvd.nist.gov/vuln/detail/CVE-2023-2698
CVE-2023-2699A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228980.https://nvd.nist.gov/vuln/detail/CVE-2023-2699
CVE-2023-32758giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package.https://nvd.nist.gov/vuln/detail/CVE-2023-32758
CVE-2023-32784In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.https://nvd.nist.gov/vuln/detail/CVE-2023-32784
CVE-2023-22318Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5.https://nvd.nist.gov/vuln/detail/CVE-2023-22318
CVE-2023-22684Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin <= 1.5.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-22684
CVE-2023-22690Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-22690
CVE-2023-22703Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin <= 3.1.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-22703
CVE-2023-23445Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unprivileged account via the REST interface.https://nvd.nist.gov/vuln/detail/CVE-2023-23445
CVE-2023-23446Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unprivileged account via the REST interface.https://nvd.nist.gov/vuln/detail/CVE-2023-23446
CVE-2023-23447Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invoking several open file requests via the REST interface.https://nvd.nist.gov/vuln/detail/CVE-2023-23447
CVE-2023-23448Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code.https://nvd.nist.gov/vuln/detail/CVE-2023-23448
CVE-2023-23449Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.https://nvd.nist.gov/vuln/detail/CVE-2023-23449
CVE-2023-23450Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via the REST interface.https://nvd.nist.gov/vuln/detail/CVE-2023-23450
CVE-2023-31408Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to potentially steal user credentials that are stored in the user’s browser's local storage via cross-site-scripting attacks.https://nvd.nist.gov/vuln/detail/CVE-2023-31408
CVE-2023-31409Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to influence the availability of the webserver by invoking a Slowloris-style attack via HTTP requests.https://nvd.nist.gov/vuln/detail/CVE-2023-31409
CVE-2023-22706Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-22706
CVE-2023-22717Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in nCrafts FormCraft plugin <= 1.2.6 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-22717
CVE-2023-23654Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SparkPost plugin <= 3.2.5 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23654
CVE-2023-23674Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in RVOLA WP Original Media Path plugin <= 2.4.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23674
CVE-2023-23683Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin <= 1.0.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23683
CVE-2023-23688Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23688
CVE-2023-31986A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows an attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.https://nvd.nist.gov/vuln/detail/CVE-2023-31986
CVE-2022-4774The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via its file upload form field, allowing unauthenticated users to upload arbitrary file types such as PHP or HTML files to the server, leading to Remote Code Execution.https://nvd.nist.gov/vuln/detail/CVE-2022-4774
CVE-2023-0233The ActiveCampaign WordPress plugin before 8.1.12 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.https://nvd.nist.gov/vuln/detail/CVE-2023-0233
CVE-2023-0490The f(x) TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.https://nvd.nist.gov/vuln/detail/CVE-2023-0490
CVE-2023-0520The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin. Furthermore, the lack of CSRF protection means an attacker can trick a logged-in admin into performing the attack by submitting a hidden form.https://nvd.nist.gov/vuln/detail/CVE-2023-0520
CVE-2023-0600The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks.https://nvd.nist.gov/vuln/detail/CVE-2023-0600
CVE-2023-0644The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.https://nvd.nist.gov/vuln/detail/CVE-2023-0644
CVE-2023-0761The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have a CSRF check when deleting Staff members, which could allow attackers to make logged-in admins delete arbitrary Staff via a CSRF attack.https://nvd.nist.gov/vuln/detail/CVE-2023-0761
CVE-2023-0762The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have a CSRF check when deleting designations, which could allow attackers to make logged-in admins delete arbitrary designations via a CSRF attack.https://nvd.nist.gov/vuln/detail/CVE-2023-0762
CVE-2023-0763The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have a CSRF check when deleting Holidays, which could allow attackers to make logged-in admins delete arbitrary holidays via a CSRF attack.https://nvd.nist.gov/vuln/detail/CVE-2023-0763
CVE-2023-0812The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure.https://nvd.nist.gov/vuln/detail/CVE-2023-0812
CVE-2023-0892The BizLibrary WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).https://nvd.nist.gov/vuln/detail/CVE-2023-0892
CVE-2023-1019The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.https://nvd.nist.gov/vuln/detail/CVE-2023-1019
CVE-2023-1207The HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-1207
CVE-2023-1549The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.https://nvd.nist.gov/vuln/detail/CVE-2023-1549
CVE-2023-1596The tagDiv Composer WordPress plugin before 4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.https://nvd.nist.gov/vuln/detail/CVE-2023-1596
CVE-2023-1835The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.https://nvd.nist.gov/vuln/detail/CVE-2023-1835
CVE-2023-1839The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).https://nvd.nist.gov/vuln/detail/CVE-2023-1839
CVE-2023-1890The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting.https://nvd.nist.gov/vuln/detail/CVE-2023-1890
CVE-2023-1915The Thumbnail carousel slider WordPress plugin before 1.1.10 does not sanitise and escape some parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting vulnerability which could be used against high privilege users such as admin.https://nvd.nist.gov/vuln/detail/CVE-2023-1915
CVE-2023-23682Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Maintenance Mode plugin <= 1.0.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23682
CVE-2023-29862An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters.https://nvd.nist.gov/vuln/detail/CVE-2023-29862
CVE-2023-2009The Pretty Url WordPress plugin through 1.5.4 does not sanitize and escape the URL field in its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).https://nvd.nist.gov/vuln/detail/CVE-2023-2009
CVE-2023-2179The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF checks when updating order statuses via an AJAX action available to any authenticated user, which could allow low privilege users such as subscribers to update arbitrary order statuses, for example marking orders as paid without actually paying for them.https://nvd.nist.gov/vuln/detail/CVE-2023-2179
CVE-2023-2180The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow an unauthenticated attacker to read/download arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server).https://nvd.nist.gov/vuln/detail/CVE-2023-2180
CVE-2023-31842Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=.https://nvd.nist.gov/vuln/detail/CVE-2023-31842
CVE-2023-31843Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=.https://nvd.nist.gov/vuln/detail/CVE-2023-31843
CVE-2023-31844Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=.https://nvd.nist.gov/vuln/detail/CVE-2023-31844
CVE-2023-31845Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=.https://nvd.nist.gov/vuln/detail/CVE-2023-31845
CVE-2023-29861An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device.https://nvd.nist.gov/vuln/detail/CVE-2023-29861
CVE-2023-31607An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31607
CVE-2023-31608An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31608
CVE-2023-31609An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31609
CVE-2023-31610An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31610
CVE-2023-31611An issue in the __libc_longjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31611
CVE-2023-31612An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31612
CVE-2023-31613An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31613
CVE-2023-31614An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.https://nvd.nist.gov/vuln/detail/CVE-2023-31614
CVE-2023-31615An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31615
CVE-2023-31616An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31616
CVE-2023-31617An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31617
CVE-2023-31618An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31618
CVE-2023-31619An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31619
CVE-2023-31620An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31620
CVE-2023-31621An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31621
CVE-2023-31622An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31622
CVE-2023-31623An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31623
CVE-2023-31624An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31624
CVE-2023-31625An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31625
CVE-2023-31626An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31626
CVE-2023-31627An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31627
CVE-2023-31628An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31628
CVE-2023-31629An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31629
CVE-2023-31630An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31630
CVE-2023-31631An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.https://nvd.nist.gov/vuln/detail/CVE-2023-31631
CVE-2023-32787The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications.https://nvd.nist.gov/vuln/detail/CVE-2023-32787
CVE-2023-30245SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file.https://nvd.nist.gov/vuln/detail/CVE-2023-30245
CVE-2023-32313vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm.https://nvd.nist.gov/vuln/detail/CVE-2023-32313
CVE-2023-32314vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-32314
CVE-2023-31145Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a trivial account takeover attack. The vulnerability allows attackers to inject malicious code into web pages, which can be executed in the context of the victim's browser session. This means that an attacker can steal sensitive data, such as login credentials or personal information, or perform unauthorized actions on behalf of the victim, such as modifying or deleting data. In this specific case, the vulnerability allows for a trivial account takeover attack. An attacker can exploit the vulnerability to inject code into the victim's browser session, allowing the attacker to take over the victim's account without their knowledge or consent. This can lead to unauthorized access to sensitive information and data, as well as the ability to perform actions on behalf of the victim. Furthermore, the fact that the vulnerability bypasses the Content Security Policy (CSP) makes it more dangerous, as CSP is an important security mechanism used to prevent cross-site scripting attacks. By bypassing CSP, attackers can circumvent the security measures put in place by the web application and execute their malicious code. This issue has been patched in versions 22.05.13, 21.11.9, and 6.4.27. Users are advised to upgrade. There are no known workarounds for this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-31145
CVE-2023-32068XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 14.10.4 it's possible to exploit well known parameters in XWiki URLs to perform redirection to an untrusted site. This vulnerability was partially fixed in the past for XWiki 12.10.7 and 13.3RC1 but there is still the possibility to force specific URLs to skip some checks, e.g. using URLs like `http:example.com` in the parameter would allow the redirect. The issue has now been patched against all patterns that are known for performing redirects. This issue has been patched in XWiki 14.10.4 and 15.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-32068
CVE-2023-32308anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for errors before adjusting invoice sorting order. Because of this, it was possible to craft a POST request with malicious SQL for Time Tracker database. This issue has been fixed in version 1.22.11.5781. Users are advised to upgrade. Users unable to upgrade may insert an additional check for errors in a condition before calling `ttGroupHelper::getActiveInvoices()` in invoices.php.https://nvd.nist.gov/vuln/detail/CVE-2023-32308
CVE-2023-32309PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax `--8<--"/etc/passwd"` or `--8<--"/proc/self/environ"` the content of these files will be rendered in the generated documentation. Additionally, a path relative to a specified, allowed base path can also be used to render the content of a file outside the specified base paths: `--8<-- "../../../../etc/passwd"`. Within the Snippets extension, there exists a `base_path` option but the implementation is vulnerable to Directory Traversal. The vulnerable section exists in `get_snippet_path(self, path)` lines 155 to 174 in snippets.py. Any readable file on the host where the plugin is executing may have its content exposed. This can impact any use of Snippets that exposes the use of Snippets to external users. It is never recommended to use Snippets to process user-facing, dynamic content. It is designed to process known content on the backend under the control of the host, but if someone were to accidentally enable it for user-facing content, undesired information could be exposed. This issue has been addressed in version 10.0. Users are advised to upgrade. Users unable to upgrade may restrict relative paths by filtering input.https://nvd.nist.gov/vuln/detail/CVE-2023-32309
CVE-2021-0877Product: Android; Versions: Android SoC; Android ID: A-273754094https://nvd.nist.gov/vuln/detail/CVE-2021-0877
CVE-2023-1729A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.https://nvd.nist.gov/vuln/detail/CVE-2023-1729
CVE-2023-20673In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.https://nvd.nist.gov/vuln/detail/CVE-2023-20673
CVE-2023-20694In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only).https://nvd.nist.gov/vuln/detail/CVE-2023-20694
CVE-2023-20695In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).https://nvd.nist.gov/vuln/detail/CVE-2023-20695
CVE-2023-20696In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).https://nvd.nist.gov/vuln/detail/CVE-2023-20696
CVE-2023-20697In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.https://nvd.nist.gov/vuln/detail/CVE-2023-20697
CVE-2023-20698In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.https://nvd.nist.gov/vuln/detail/CVE-2023-20698
CVE-2023-20699In adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696073; Issue ID: ALPS07696073.https://nvd.nist.gov/vuln/detail/CVE-2023-20699
CVE-2023-20700In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304.https://nvd.nist.gov/vuln/detail/CVE-2023-20700
CVE-2023-20701In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270.https://nvd.nist.gov/vuln/detail/CVE-2023-20701
CVE-2023-20703In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853.https://nvd.nist.gov/vuln/detail/CVE-2023-20703
CVE-2023-20704In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767826; Issue ID: ALPS07767826.https://nvd.nist.gov/vuln/detail/CVE-2023-20704
CVE-2023-20705In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870.https://nvd.nist.gov/vuln/detail/CVE-2023-20705
CVE-2023-20706In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860.https://nvd.nist.gov/vuln/detail/CVE-2023-20706
CVE-2023-20707In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556.https://nvd.nist.gov/vuln/detail/CVE-2023-20707
CVE-2023-20708In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.https://nvd.nist.gov/vuln/detail/CVE-2023-20708
CVE-2023-20709In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951.https://nvd.nist.gov/vuln/detail/CVE-2023-20709
CVE-2023-20710In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935.https://nvd.nist.gov/vuln/detail/CVE-2023-20710
CVE-2023-20711In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.https://nvd.nist.gov/vuln/detail/CVE-2023-20711
CVE-2023-20717In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185.https://nvd.nist.gov/vuln/detail/CVE-2023-20717
CVE-2023-20718In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181.https://nvd.nist.gov/vuln/detail/CVE-2023-20718
CVE-2023-20719In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583.https://nvd.nist.gov/vuln/detail/CVE-2023-20719
CVE-2023-20720In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586.https://nvd.nist.gov/vuln/detail/CVE-2023-20720
CVE-2023-20721In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155.https://nvd.nist.gov/vuln/detail/CVE-2023-20721
CVE-2023-20722In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084.https://nvd.nist.gov/vuln/detail/CVE-2023-20722
CVE-2023-20726In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).https://nvd.nist.gov/vuln/detail/CVE-2023-20726
CVE-2023-20914In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-189942529https://nvd.nist.gov/vuln/detail/CVE-2023-20914
CVE-2023-20930In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-250576066https://nvd.nist.gov/vuln/detail/CVE-2023-20930
CVE-2023-21102In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-260821414; References: Upstream kernelhttps://nvd.nist.gov/vuln/detail/CVE-2023-21102
CVE-2023-21103In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-259064622https://nvd.nist.gov/vuln/detail/CVE-2023-21103
CVE-2023-21104In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12L Android-13; Android ID: A-259938771https://nvd.nist.gov/vuln/detail/CVE-2023-21104
CVE-2023-21106In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-265016072; References: Upstream kernelhttps://nvd.nist.gov/vuln/detail/CVE-2023-21106
CVE-2023-21107In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-259385017https://nvd.nist.gov/vuln/detail/CVE-2023-21107
CVE-2023-21109In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-261589597https://nvd.nist.gov/vuln/detail/CVE-2023-21109
CVE-2023-21110In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-258422365https://nvd.nist.gov/vuln/detail/CVE-2023-21110
CVE-2023-21111In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-256819769https://nvd.nist.gov/vuln/detail/CVE-2023-21111
CVE-2023-21112In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-252763983https://nvd.nist.gov/vuln/detail/CVE-2023-21112
CVE-2023-21116In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-256202273https://nvd.nist.gov/vuln/detail/CVE-2023-21116
CVE-2023-21117In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-263358101https://nvd.nist.gov/vuln/detail/CVE-2023-21117
CVE-2023-21118In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L Android-13; Android ID: A-269014004https://nvd.nist.gov/vuln/detail/CVE-2023-21118
CVE-2023-2124An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.https://nvd.nist.gov/vuln/detail/CVE-2023-2124
CVE-2023-2700A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.https://nvd.nist.gov/vuln/detail/CVE-2023-2700
CVE-2023-31131Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe method to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-31131
CVE-2023-29961D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup.https://nvd.nist.gov/vuln/detail/CVE-2023-29961
CVE-2023-2708The Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in versions up to, and including, 1.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.https://nvd.nist.gov/vuln/detail/CVE-2023-2708
CVE-2023-2710The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.https://nvd.nist.gov/vuln/detail/CVE-2023-2710
CVE-2023-2161A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user.https://nvd.nist.gov/vuln/detail/CVE-2023-2161
CVE-2023-32955Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2023-32955
CVE-2023-32956Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2023-32956
CVE-2023-23673Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Harish Chouhan, Themeist I Recommend This plugin <= 3.8.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23673
CVE-2023-23676Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bruno "Aesqe" Babic File Gallery plugin <= 1.8.5.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23676
CVE-2023-23727Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Formilla Live Chat by Formilla plugin <= 1.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23727
CVE-2023-2499The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.https://nvd.nist.gov/vuln/detail/CVE-2023-2499
CVE-2023-2548The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup.https://nvd.nist.gov/vuln/detail/CVE-2023-2548
CVE-2023-23641Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPmanage Uji Popup plugin <= 1.4.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23641
CVE-2023-23657Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Richard Leishman t/a Webforward Mail Subscribe List plugin <= 2.1.9 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23657
CVE-2023-23703Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin <= 2.1.7 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23703
CVE-2023-23709Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Denis WPJAM Basic plugin <= 6.2.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23709
CVE-2023-23720Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-23720
CVE-2023-2730Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3.https://nvd.nist.gov/vuln/detail/CVE-2023-2730
CVE-2023-31572An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request.https://nvd.nist.gov/vuln/detail/CVE-2023-31572
CVE-2023-31576An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.https://nvd.nist.gov/vuln/detail/CVE-2023-31576
CVE-2023-29439Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.35 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-29439
CVE-2023-2738A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229149 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.https://nvd.nist.gov/vuln/detail/CVE-2023-2738
CVE-2023-31519Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php.https://nvd.nist.gov/vuln/detail/CVE-2023-31519
CVE-2023-31587Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.https://nvd.nist.gov/vuln/detail/CVE-2023-31587
CVE-2023-31856A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHost of TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted HTTP packet.https://nvd.nist.gov/vuln/detail/CVE-2023-31856
CVE-2023-31857Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is /classes/Users.php?f=save.https://nvd.nist.gov/vuln/detail/CVE-2023-31857
CVE-2023-28076CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.https://nvd.nist.gov/vuln/detail/CVE-2023-28076
CVE-2023-2739A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27"><img%20src=x%20onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.https://nvd.nist.gov/vuln/detail/CVE-2023-2739
CVE-2023-31890An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-31890
CVE-2023-32977Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately.https://nvd.nist.gov/vuln/detail/CVE-2023-32977
CVE-2023-32978A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.https://nvd.nist.gov/vuln/detail/CVE-2023-32978
CVE-2023-32979Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.https://nvd.nist.gov/vuln/detail/CVE-2023-32979
CVE-2023-32980A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.https://nvd.nist.gov/vuln/detail/CVE-2023-32980
CVE-2023-32981An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.https://nvd.nist.gov/vuln/detail/CVE-2023-32981
CVE-2023-32982Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.https://nvd.nist.gov/vuln/detail/CVE-2023-32982
CVE-2023-32983Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them.https://nvd.nist.gov/vuln/detail/CVE-2023-32983
CVE-2023-32984Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a crafted TestNG report file.https://nvd.nist.gov/vuln/detail/CVE-2023-32984
CVE-2023-32985Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.https://nvd.nist.gov/vuln/detail/CVE-2023-32985
CVE-2023-32986Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.https://nvd.nist.gov/vuln/detail/CVE-2023-32986
| CVE-2023-32987 | A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | https://nvd.nist.gov/vuln/detail/CVE-2023-32987 |
| CVE-2023-32988 | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | https://nvd.nist.gov/vuln/detail/CVE-2023-32988 |
| CVE-2023-32989 | A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | https://nvd.nist.gov/vuln/detail/CVE-2023-32989 |
| CVE-2023-2740 | A vulnerability, which was classified as problematic, has been found in SourceCodester Guest Management System 1.0. Affected by this issue is some unknown functionality of the file dateTest.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229160. | https://nvd.nist.gov/vuln/detail/CVE-2023-2740 |
| CVE-2023-32990 | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | https://nvd.nist.gov/vuln/detail/CVE-2023-32990 |
| CVE-2023-32991 | A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | https://nvd.nist.gov/vuln/detail/CVE-2023-32991 |
| CVE-2023-32992 | Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | https://nvd.nist.gov/vuln/detail/CVE-2023-32992 |
| CVE-2023-32993 | Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | https://nvd.nist.gov/vuln/detail/CVE-2023-32993 |
| CVE-2023-32994 | Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | https://nvd.nist.gov/vuln/detail/CVE-2023-32994 |
| CVE-2023-32995 | A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | https://nvd.nist.gov/vuln/detail/CVE-2023-32995 |
| CVE-2023-32996 | A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | https://nvd.nist.gov/vuln/detail/CVE-2023-32996 |
| CVE-2023-32997 | Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. | https://nvd.nist.gov/vuln/detail/CVE-2023-32997 |
| CVE-2023-32998 | A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | https://nvd.nist.gov/vuln/detail/CVE-2023-32998 |
| CVE-2023-32999 | A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | https://nvd.nist.gov/vuln/detail/CVE-2023-32999 |
| CVE-2023-33000 | Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, increasing the potential for attackers to observe and capture them. | https://nvd.nist.gov/vuln/detail/CVE-2023-33000 |
| CVE-2023-33001 | Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | https://nvd.nist.gov/vuln/detail/CVE-2023-33001 |
| CVE-2023-33002 | Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | https://nvd.nist.gov/vuln/detail/CVE-2023-33002 |
| CVE-2023-33003 | A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics. | https://nvd.nist.gov/vuln/detail/CVE-2023-33003 |
| CVE-2023-33004 | A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics. | https://nvd.nist.gov/vuln/detail/CVE-2023-33004 |
| CVE-2023-33005 | Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. | https://nvd.nist.gov/vuln/detail/CVE-2023-33005 |
| CVE-2023-33006 | A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account. | https://nvd.nist.gov/vuln/detail/CVE-2023-33006 |
| CVE-2023-33007 | Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | https://nvd.nist.gov/vuln/detail/CVE-2023-33007 |
| CVE-2023-2196 | A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. | https://nvd.nist.gov/vuln/detail/CVE-2023-2196 |
| CVE-2023-2632 | Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | https://nvd.nist.gov/vuln/detail/CVE-2023-2632 |
| CVE-2023-2633 | Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them. | https://nvd.nist.gov/vuln/detail/CVE-2023-2633 |
| CVE-2023-2195 | A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL. | https://nvd.nist.gov/vuln/detail/CVE-2023-2195 |
| CVE-2023-2631 | A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | https://nvd.nist.gov/vuln/detail/CVE-2023-2631 |
| CVE-2023-2721 | Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | https://nvd.nist.gov/vuln/detail/CVE-2023-2721 |
| CVE-2023-2722 | Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | https://nvd.nist.gov/vuln/detail/CVE-2023-2722 |
| CVE-2023-2723 | Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | https://nvd.nist.gov/vuln/detail/CVE-2023-2723 |
| CVE-2023-2724 | Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | https://nvd.nist.gov/vuln/detail/CVE-2023-2724 |
| CVE-2023-2725 | Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | https://nvd.nist.gov/vuln/detail/CVE-2023-2725 |
| CVE-2023-2726 | Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) | https://nvd.nist.gov/vuln/detail/CVE-2023-2726 |
| CVE-2023-30501 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the underlying operating system, leading to complete system compromise. | https://nvd.nist.gov/vuln/detail/CVE-2023-30501 |
| CVE-2023-30502 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the underlying operating system, leading to complete system compromise. | https://nvd.nist.gov/vuln/detail/CVE-2023-30502 |
| CVE-2023-30503 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the underlying operating system, leading to complete system compromise. | https://nvd.nist.gov/vuln/detail/CVE-2023-30503 |
| CVE-2023-30504 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the underlying operating system, leading to complete system compromise. | https://nvd.nist.gov/vuln/detail/CVE-2023-30504 |
| CVE-2023-30505 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the underlying operating system, leading to complete system compromise. | https://nvd.nist.gov/vuln/detail/CVE-2023-30505 |
| CVE-2023-30506 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the underlying operating system, leading to complete system compromise. | https://nvd.nist.gov/vuln/detail/CVE-2023-30506 |
| CVE-2023-30507 | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities results in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | https://nvd.nist.gov/vuln/detail/CVE-2023-30507 |
| CVE-2023-30508 | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities results in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | https://nvd.nist.gov/vuln/detail/CVE-2023-30508 |
| CVE-2023-30509 | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities results in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | https://nvd.nist.gov/vuln/detail/CVE-2023-30509 |
| CVE-2023-30510 | A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance. | https://nvd.nist.gov/vuln/detail/CVE-2023-30510 |
| CVE-2021-27131 | Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to improper input sanitization in the "Additional HTML Section" via the "Header and Footer" parameter in /admin/settings.php. This vulnerability allows an attacker to steal admin and all user account cookies by storing a malicious XSS payload in Header and Footer. | https://nvd.nist.gov/vuln/detail/CVE-2021-27131 |
| CVE-2023-27742 | IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. | https://nvd.nist.gov/vuln/detail/CVE-2023-27742 |
| CVE-2023-29927 | Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation set up in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connection strings being used by Sage 300 and interact directly with the underlying database(s) to create, update, and delete all company records, bypassing the program's role-based access controls. | https://nvd.nist.gov/vuln/detail/CVE-2023-29927 |
| CVE-2023-30189 | Prestashop posstaticblocks <= 1.0.0 is vulnerable to SQL Injection via posstaticblocks::getPosCurrentHook(). | https://nvd.nist.gov/vuln/detail/CVE-2023-30189 |
| CVE-2023-30281 | Insecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3 allow attackers to access sensitive information stored in the component. | https://nvd.nist.gov/vuln/detail/CVE-2023-30281 |
| CVE-2023-31544 | A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module. | https://nvd.nist.gov/vuln/detail/CVE-2023-31544 |
| CVE-2023-31677 | Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter. | https://nvd.nist.gov/vuln/detail/CVE-2023-31677 |
| CVE-2023-31678 | Incorrect access control in Videogo v6.8.1 allows attackers to bind shared devices after the connection has been ended. | https://nvd.nist.gov/vuln/detail/CVE-2023-31678 |
| CVE-2023-31679 | Incorrect access control in Videogo v6.8.1 allows attackers to access images from other devices via modification of the Device Id parameter. | https://nvd.nist.gov/vuln/detail/CVE-2023-31679 |