Published on 17 May 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:
Critical | vulnerabilities with a base score of 9.0 to 10.0 |
High | vulnerabilities with a base score of 7.0 to 8.9 |
Medium | vulnerabilities with a base score of 4.0 to 6.9 |
Low | vulnerabilities with a base score of 0.1 to 3.9 |
None | vulnerabilities with a base score of 0.0 |
For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.
CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2018-3907 | An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2018-3907 |
CVE-2019-18253 | An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2019-18253 |
CVE-2023-30856 | eDEX-UI is a science fiction terminal emulator. Versions 2.2.8 and prior are vulnerable to cross-site websocket hijacking. When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to the shell. The project has been archived since 2021, and as of time of publication there are no plans to patch this issue and release a new version. Some workarounds are available, including shutting down eDEX-UI when browsing the web and ensuring the eDEX terminal runs with lowest possible privileges. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-30856 |
CVE-2023-2564 | OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-2564 |
CVE-2023-2583 | Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-2583 |
CVE-2018-3903 | On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long "url" value in order to overwrite the saved-PC with 0x42424242. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2018-3903 |
CVE-2018-3905 | An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the "state" field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2018-3905 |
CVE-2018-3866 | An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long 'callbackUrl' value in order to exploit this vulnerability. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2018-3866 |
CVE-2018-3904 | An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2018-3904 |
CVE-2023-22651 | Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to\n the misconfiguration of the Webhook. This component enforces validation\n rules and security checks before resources are admitted into the \nKubernetes cluster.\nThe issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2. Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected.\n\n | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-22651 |
CVE-2023-27407 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-27407 |
CVE-2018-14805 | ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-14805 |
CVE-2019-0160 | Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-0160 |
CVE-2019-5620 | ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5620 |
CVE-2022-26562 | An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired. It also exists in the predecessor Zarafa Collaboration Platform (ZCP) in provider/libserver/ECPamAuth.cpp of Zarafa >= 6.30 (introduced between 6.30.0 RC1e and 6.30.8 final). | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26562 |
CVE-2022-41380 | The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41380 |
CVE-2022-41381 | The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41381 |
CVE-2022-41382 | The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41382 |
CVE-2022-41383 | The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41383 |
CVE-2022-41384 | The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41384 |
CVE-2022-41385 | The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41385 |
CVE-2022-41386 | The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41386 |
CVE-2022-41387 | The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41387 |
CVE-2022-42036 | The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42036 |
CVE-2022-42037 | The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42037 |
CVE-2022-42039 | The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42039 |
CVE-2022-42040 | The d8s-algorithms package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42040 |
CVE-2022-42041 | The d8s-file-system package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42041 |
CVE-2022-42042 | The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42042 |
CVE-2022-42043 | The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42043 |
CVE-2022-42044 | The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-42044 |
CVE-2022-38143 | A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-38143 |
CVE-2022-41639 | A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41639 |
CVE-2022-41794 | A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41794 |
CVE-2022-41837 | An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41837 |
CVE-2022-41838 | A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-41838 |
CVE-2022-47939 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47939 |
CVE-2022-44640 | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC). | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-44640 |
CVE-2020-12069 | In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-12069 |
CVE-2022-48337 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48337 |
CVE-2023-24838 | HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24838 |
CVE-2022-43939 | \nHitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. \n\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-43939 |
CVE-2022-47758 | Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute arbitrary code via a DHCP hijacking attack. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47758 |
CVE-2023-27971 | Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27971 |
CVE-2023-27972 | Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27972 |
CVE-2023-26089 | European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing. The affected versions are 5.15.0 through 6.27.5. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26089 |
CVE-2023-25826 | \nDue to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was previously disclosed as CVE-2020-35476. Regex validation that was implemented to restrict allowed input to the query API does not work as intended, allowing crafted commands to bypass validation.\n\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25826 |
CVE-2022-47757 | In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library under a special directory which the app uses to dynamically load modules. Loading the library can lead to arbitrary code execution. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47757 |
CVE-2023-29842 | ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection (Time-based) via the EN_tyid POST parameter. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29842 |
CVE-2023-30077 | Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30077 |
CVE-2023-30331 | An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30331 |
CVE-2023-29827 | ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29827 |
CVE-2023-2519 | A vulnerability has been found in Caton CTP Relay Server 1.2.9 and classified as critical. This vulnerability affects unknown code of the file /server/api/v1/login of the component API. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. VDB-228010 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2519 |
CVE-2023-2520 | A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031001) and classified as critical. This issue affects some unknown processing of the file cgi-bin/tools_ping.cgi?action=Command of the component Ping Handler. The manipulation of the argument Destination leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228011. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2520 |
CVE-2023-30203 | Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30203 |
CVE-2023-2523 | A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228014 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2523 |
CVE-2023-2524 | A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2/#/. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2524 |
CVE-2023-20126 | A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges. Cisco has not released firmware updates to address this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-20126 |
CVE-2023-23059 | An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23059 |
CVE-2023-30264 | CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30264 |
CVE-2023-30268 | CLTPHP <=6.0 is vulnerable to Improper Input Validation. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30268 |
CVE-2023-21494 | Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21494 |
CVE-2023-21503 | Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21503 |
CVE-2023-21504 | Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21504 |
CVE-2023-30328 | An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows attackers to bypass authentication via PID re-use. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30328 |
CVE-2023-2531 | Improper Restriction of Excessive Authentication Attempts in GitHub repository azuracast/azuracast prior to 0.18.3. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2531 |
CVE-2023-30122 | An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30122 |
CVE-2023-30135 | Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30135 |
CVE-2023-30090 | Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows attackers to execute arbitrary code via uploading a crafted PHP file. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30090 |
CVE-2023-30242 | NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30242 |
CVE-2023-30013 | TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30013 |
CVE-2023-30053 | TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30053 |
CVE-2023-30054 | TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30054 |
CVE-2016-15031 | A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injection. The attack can be initiated remotely. Upgrading to version 2.0 is able to address this issue. The name of the patch is 0083ec652786ddbb81335ea20da590df40035679. It is recommended to upgrade the affected component. VDB-228022 is the identifier assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2016-15031 |
CVE-2023-31047 | In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31047 |
CVE-2023-29944 | Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29944 |
CVE-2023-30185 | CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \\attachment\\SystemAttachmentServices.php. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30185 |
CVE-2023-30018 | Judging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mainevent_id=. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30018 |
CVE-2023-31039 | Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute arbitrary code via ServerOptions::pid_file.\nAn attacker that can influence the ServerOptions pid_file parameter with which the bRPC server is started can execute arbitrary code with the permissions of the bRPC process.\n\nSolution:\n1. upgrade to bRPC >= 1.5.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.5.0/ https://dist.apache.org/repos/dist/release/brpc/1.5.0/ \n2. If you are using an old version of bRPC and hard to upgrade, you can apply this patch: https://github.com/apache/brpc/pull/2218 https://github.com/apache/brpc/pull/2218 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31039 |
CVE-2023-25754 | Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0.\n\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25754 |
CVE-2020-23966 | SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-23966 |
CVE-2022-4118 | The Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop WordPress plugin through 1.7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated users | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-4118 |
CVE-2023-1650 | The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1650 |
CVE-2023-22779 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22779 |
CVE-2023-22780 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22780 |
CVE-2023-22781 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22781 |
CVE-2023-22782 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22782 |
CVE-2023-22783 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22783 |
CVE-2023-22784 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22784 |
CVE-2023-22785 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22785 |
CVE-2023-22786 | There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22786 |
CVE-2023-29693 | H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29693 |
CVE-2023-29696 | H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29696 |
CVE-2023-30092 | SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30092 |
CVE-2023-23526 | This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23526 |
CVE-2023-27953 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27953 |
CVE-2023-28201 | This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28201 |
CVE-2023-24507 | \n\n\nAgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload - Vulnerability allows insecure file upload, by an unspecified request.\n\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24507 |
CVE-2023-31129 | The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitiations. Contiki-NG contains an implementation of IPv6 Neighbor Discovery (ND) in the module `os/net/ipv6/uip-nd6.c`. The ND protocol includes a message type called Router Solicitation (RS), which is used to locate routers and update their address information via the SLLAO (Source Link-Layer Address Option). If the indicated source address changes, a given neighbor entry is set to the STALE state.\n\nThe message handler does not check for RS messages with an SLLAO that indicates a link-layer address change that a neighbor entry can actually be created for the indicated address. The resulting pointer is used without a check, leading to the dereference of a NULL pointer of type `uip_ds6_nbr_t`.\n\nThe problem has been patched in the `develop` branch of Contiki-NG, and will be included in the upcoming 4.9 release. As a workaround, users can apply Contiki-NG pull request #2271 to patch the problem directly. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31129 |
CVE-2023-31182 | \n EasyTor Applications – Authorization Bypass - EasyTor Applications may allow authorization bypass via unspecified method.\n\n\n\n\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31182 |
CVE-2023-2594 | A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the component Registration. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228396. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2594 |
CVE-2023-2595 | A vulnerability has been found in SourceCodester Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax_service.php of the component POST Parameter Handler. The manipulation of the argument drop_services leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228397 was assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2595 |
CVE-2023-2596 | A vulnerability was found in SourceCodester Online Reviewer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /reviewer/system/system/admins/manage/users/user-update.php of the component GET Parameter Handler. The manipulation of the argument user_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228398 is the identifier assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2596 |
CVE-2023-31975 | yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31975 |
CVE-2023-29460 | An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability.\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29460 |
CVE-2023-29461 | An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. \n\n potentially resulting in a complete loss of confidentiality, integrity, and availability.\n | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29461 |
CVE-2023-31143 | mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have editor permissions. Version 0.8.72 contains a fix for this issue. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31143 |
CVE-2023-24941 | Windows Network File System Remote Code Execution Vulnerability | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24941 |
CVE-2023-24943 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24943 |
CVE-2023-32569 | An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-32569 |
CVE-2023-2619 | A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects the function exec of the file disapprove_delete.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228549 was assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2619 |
CVE-2023-1698 | In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1698 |
CVE-2023-31126 | `org.xwiki.commons:xwiki-commons-xml` is an XML library used by the open-source wiki platform XWiki. The HTML sanitizer, introduced in version 14.6-rc-1, allows the injection of arbitrary HTML code and thus cross-site scripting via invalid data attributes. This vulnerability does not affect restricted cleaning in HTMLCleaner as there attributes are cleaned and thus characters like `/` and `>` are removed in all attribute names. This problem has been patched in XWiki 14.10.4 and 15.0 RC1 by making sure that data attributes only contain allowed characters. There are no known workarounds apart from upgrading to a version including the fix. | 9.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-31126 |
CVE-2023-32113 | SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.\n\n | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-32113 |
CVE-2022-41649 | A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger this vulnerability. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-41649 |
CVE-2022-32528 | \nA CWE-306: Missing Authentication for Critical Function vulnerability exists that could\ncause access to manipulate and read specific files in the IGSS project report directory,\npotentially leading to a denial-of-service condition when an attacker sends specific messages.\n\n Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)\n\n | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-32528 |
CVE-2023-27958 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-27958 |
CVE-2023-31123 | `effectindex/tripreporter` is a community-powered, universal platform for submitting and analyzing trip reports. Prior to commit bd80ba833b9023d39ca22e29874296c8729dd53b, any user with an account on an instance of `effectindex/tripreporter`, e.g. `subjective.report`, may be affected by an improper password verification vulnerability. The vulnerability allows any user with a password matching the password requirements to log in as any user. This allows access to accounts / data loss of the user. This issue is patched in commit bd80ba833b9023d39ca22e29874296c8729dd53b. No action necessary for users of `subjective.report`, and anyone running their own instance should update to this commit or newer as soon as possible. As a workaround, someone running their own instance may apply the patch manually. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31123 |
CVE-2023-31178 | AgilePoint NX v8.0 SU2.2 & SU2.3 – Arbitrary File Delete Vulnerability allows arbitrary file deletion, by an unspecified request.\n\n | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31178 |
CVE-2023-30744 | In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an unauthenticated attacker can attach to an open interface and make use of an open naming and directory API to instantiate an object which has methods which can be called without further authorization and authentication. A subsequent call to one of these methods can read or change the state of existing services without any effect on availability.\n\n | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30744 |
CVE-2023-32071 | XWiki Platform is a generic wiki platform. Starting in versions 2.2-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, it's possible to execute javascript with the right of any user by leading him to a special URL on the wiki targeting a page which contains an attachment. This has been patched in XWiki 15.0-rc-1, 14.10.4, and 14.4.8. The easiest possible workaround is to edit file `<xwiki app>/templates/importinline.vm` and apply the modification described in commit 28905f7f518cc6f21ea61fe37e9e1ed97ef36f01. | 9 | https://nvd.nist.gov/vuln/detail/CVE-2023-32071 |
CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2015-8823 | Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2015-8823 |
CVE-2017-6744 | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.\r\n\r The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.\r\n\r There are workarounds that address these vulnerabilities. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-6744 |
CVE-2017-16731 | An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-16731 |
CVE-2018-3864 | An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-3864 |
CVE-2019-7225 | The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-7225 |
CVE-2019-9013 | An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS V3 Simulation Runtime (part of the CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-9013 |
CVE-2020-15888 | Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-15888 |
CVE-2021-3653 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-3653 |
CVE-2021-31888 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018) | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-31888 |
CVE-2021-33621 | The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-33621 |
CVE-2022-47942 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47942 |
CVE-2022-45608 | An issue was discovered in ThingsBoard 3.4.1, allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value). | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-45608 |
CVE-2023-24788 | NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24788 |
CVE-2023-28205 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28205 |
CVE-2023-27976 | \nA CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause\nremote code execution when a valid user visits a malicious link provided through the web\nendpoints. Affected Products: EcoStruxure Control Expert (V15.1 and above) | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27976 |
CVE-2023-2260 | Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2260 |
CVE-2023-30624 | Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled with LLVM 16 which causes some writes, which are critical for correctness, to be optimized away. Vulnerable versions of Wasmtime compiled with Rust 1.70, which is currently in beta, or later are known to have incorrectly compiled functions. Versions of Wasmtime compiled with the current Rust stable release, 1.69, and prior are not known at this time to have any issues, but can theoretically exhibit potential issues.\n\nThe underlying problem is that Wasmtime's runtime state for an instance involves a Rust-defined structure called `Instance` which has a trailing `VMContext` structure after it. This `VMContext` structure has a runtime-defined layout that is unique per-module. This representation cannot be expressed with safe code in Rust so `unsafe` code is required to maintain this state. The code doing this, however, has methods which take `&self` as an argument but modify data in the `VMContext` part of the allocation. This means that pointers derived from `&self` are mutated. This is typically not allowed, except in the presence of `UnsafeCell`, in Rust. When compiled to LLVM these functions have `noalias readonly` parameters which means it's UB to write through the pointers.\n\nWasmtime's internal representation and management of `VMContext` has been updated to use `&mut self` methods where appropriate. Additionally verification tools for `unsafe` code in Rust, such as `cargo miri`, are planned to be executed on the `main` branch soon to fix any Rust-level issues that may be exploited in future compiler versions.\n\nPrecomplied binaries available for Wasmtime from GitHub releases have been compiled with at most LLVM 15 so are not known to be vulnerable. As mentioned above, however, it's still recommended to update.\n\nWasmtime version 6.0.2, 7.0.1, and 8.0.1 have been issued which contain the patch necessary to work correctly on LLVM 16 and have no known UB on LLVM 15 and earlier. If Wasmtime is compiled with Rust 1.69 and prior, which use LLVM 15, then there are no known issues. There is a theoretical possibility for undefined behavior to exploited, however, so it's recommended that users upgrade to a patched version of Wasmtime. Users using beta Rust (1.70 at this time) or nightly Rust (1.71 at this time) must update to a patched version to work correctly. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30624 |
CVE-2023-29057 | A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29057 |
CVE-2023-0683 | A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0683 |
CVE-2023-25492 | A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25492 |
CVE-2022-47875 | A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47875 |
CVE-2022-47876 | The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47876 |
CVE-2022-47878 | Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47878 |
CVE-2023-26546 | European Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute arbitrary code via Server Side Template Injection (SSTI) with a crafted template file. The attacker must have template manager permission. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26546 |
CVE-2022-30759 | In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30759 |
CVE-2023-2461 | Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2461 |
CVE-2023-1385 | Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services.\n\nThis issue affects:\n\nAmazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.\nInsignia TV with FireOS 7.6.3.3. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1385 |
CVE-2023-28742 | \nWhen DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh.\n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28742 |
CVE-2023-22640 | A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22640 |
CVE-2023-27568 | SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]= | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27568 |
CVE-2023-31099 | Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31099 |
CVE-2022-4259 | Due to improper input validation in the Alerts controller, a SQL injection vulnerability in Nozomi Networks Guardian and CMC allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-4259 |
CVE-2023-24958 | A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24958 |
CVE-2023-31414 | Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31414 |
CVE-2023-31415 | Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31415 |
CVE-2022-45048 | Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0.\n\n\n | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-45048 |
CVE-2023-2551 | PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2551 |
CVE-2023-2552 | Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2552 |
CVE-2023-30065 | MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30065 |
CVE-2023-31038 | SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. No fields sent to the database were properly escaped for SQL injection. This has been the case since at least version 0.9.0(released 2003-08-06)\n\n\n\n\nNote that Log4cxx is a C++ framework, so only C++ applications are affected.\n\nBefore version 1.1.0, the ODBC appender was automatically part of Log4cxx if the library was found when compiling the library. As of version 1.1.0, this must be both explicitly enabled in order to be compiled in.\n\n\n\n\nThree preconditions must be met for this vulnerability to be possible:\n\n1. Log4cxx compiled with ODBC support(before version 1.1.0, this was auto-detected at compile time)\n\n2. ODBCAppender enabled for logging messages to, generally done via a config file\n\n3. User input is logged at some point. If your application does not have user input, it is unlikely to be affected.\n\n\n\n\n\nUsers are recommended to upgrade to version 1.1.0 which properly binds the parameters to the SQL statement, or migrate to the new DBAppender class which supports an ODBC connection in addition to other databases. \nNote that this fix does require a configuration file update, as the old configuration files will not configure properly. An example is shown below, and more information may be found in the Log4cxx documentation on the ODBCAppender.\n\n\n\n\n\nExample of old configuration snippet:\n\n<appender name="SqlODBCAppender" class="ODBCAppender">\n\n <param name="sql" value="INSERT INTO logs (message) VALUES ('%m')" />\n\n ... other params here ...\n\n</appender>\n\n\n\n\nThe migrated configuration snippet with new ColumnMapping parameters:\n\n\n<appender name="SqlODBCAppender" class="ODBCAppender">\n\n\n\n\n <param name="sql" value="INSERT INTO logs (message) VALUES (?)" />\n\n <param name="ColumnMapping" value="message"/>\n ... other params here ...\n\n\n</appender>\n\n\n\n\n\n | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31038 |
CVE-2023-2573 | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request.\n\n\n\n | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2573 |
CVE-2023-2574 | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request.\n | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2574 |
CVE-2023-2575 | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2575 |
CVE-2020-18131 | Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to escilate privledges to an arbitrary account via a crafted request to /members/console.php?cID=5. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-18131 |
CVE-2020-22755 | File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-22755 |
CVE-2020-36065 | Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-36065 |
CVE-2021-28999 | SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-28999 |
CVE-2023-0603 | The Sloth Logo Customizer WordPress plugin through 2.0.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0603 |
CVE-2023-0768 | The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0768 |
CVE-2023-22788 | Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22788 |
CVE-2023-22789 | Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22789 |
CVE-2023-22790 | Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22790 |
CVE-2023-30844 | Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in `mutagen` and prior to version 0.17.1 in `mutagen-compose`, Mutagen `list` and `monitor` commands are susceptible to control characters that could be provided by remote endpoints. This could cause terminal corruption, either intentional or unintentional, if these characters were present in error messages or file paths/names. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as CVE-2003-0069, the issue could theoretically cause code execution. The problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged. As a workaround, avoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30844 |
CVE-2023-1031 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `settings` endpoint and first_name parameter. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1031 |
CVE-2023-1094 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/food` endpoint and food parameter. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1094 |
CVE-2023-23532 | This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to break out of its sandbox | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23532 |
CVE-2023-27934 | A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27934 |
CVE-2023-27935 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27935 |
CVE-2023-31127 | libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual\nauthentication, the attacker may be able to establish the session with `KEY_EXCHANGE` and `PSK_FINISH` to bypass the mutual authentication. This is most likely to happen when the Requester begins a session using one method (DHE, for example) and then uses the other method's finish (PSK_FINISH in this example) to establish the session. The session hashes would be expected to fail in this case, but the condition was not detected.\n\nThis issue only impacts the SPDM responder, which supports `KEY_EX_CAP=1 and `PSK_CAP=10b` at same time with mutual authentication requirement. The SPDM requester is not impacted. The SPDM responder is not impacted if `KEY_EX_CAP=0` or `PSK_CAP=0` or `PSK_CAP=01b`. The SPDM responder is not impacted if mutual authentication is not required.\n\nlibspdm 1.0, 2.0, 2.1, 2.2, 2.3 are all impacted. Older branches are not maintained, but users of the 2.3 branch may receive a patch in version 2.3.2. The SPDM specification (DSP0274) does not contain this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31127 |
CVE-2023-31976 | libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31976 |
CVE-2020-23363 | Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-23363 |
CVE-2023-32069 | XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible for a user to execute anything with the right of the author of the XWiki.ClassSheet document. This has been patched in XWiki 15.0-rc-1 and 14.10.4. There are no known workarounds. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-32069 |
CVE-2023-24947 | Windows Bluetooth Driver Remote Code Execution Vulnerability | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24947 |
CVE-2023-25832 | There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25832 |
CVE-2022-45846 | Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin < 5.6.9 versions. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-45846 |
CVE-2023-31566 | Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31566 |
CVE-2023-31567 | Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31567 |
CVE-2023-31568 | Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31568 |
CVE-2022-47379 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47379 |
CVE-2022-47380 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47380 |
CVE-2022-47381 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47381 |
CVE-2022-47382 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47382 |
CVE-2022-47383 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47383 |
CVE-2022-47384 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47384 |
CVE-2022-47385 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47385 |
CVE-2022-47386 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47386 |
CVE-2022-47387 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47387 |
CVE-2022-47388 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47388 |
CVE-2022-47389 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47389 |
CVE-2022-47390 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47390 |
CVE-2023-21505 | Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-21505 |
CVE-2022-46720 | An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to break out of its sandbox | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2022-46720 |
CVE-2023-27944 | This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-27944 |
CVE-2023-27967 | The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-27967 |
CVE-2018-18559 | In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2018-18559 |
CVE-2019-6974 | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-6974 |
CVE-2022-41981 | A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-41981 |
CVE-2022-43597 | Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43597 |
CVE-2022-43598 | Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43598 |
CVE-2022-43599 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43599 |
CVE-2022-43600 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43600 |
CVE-2022-43601 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43601 |
CVE-2022-43602 | Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43602 |
CVE-2022-47943 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-47943 |
CVE-2023-31435 | Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31435 |
CVE-2023-28656 | \nNGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n\n\n | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-28656 |
CVE-2023-30399 | Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30399 |
CVE-2021-40331 | An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled\nThis issue affects Apache Ranger Hive Plugin: from 2.0.0 through 2.3.0. Users are recommended to upgrade to version 2.4.0 or later.\n\n\n | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-40331 |
CVE-2023-2534 | Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as Agent authenticated attacker to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names e. g. via\nticket histories by any user. (Fuzzing for garnering other adjacent user/sensitive data). Subscribing to all possible push events could also lead to performance implications on the server side, depending on the size of the installation\nand the number of active users. (Flooding)This issue affects OTRS: from 8.0.X before 8.0.32.\n\n | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-2534 |
CVE-2023-24903 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-24903 |
CVE-2023-28283 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-28283 |
CVE-2018-16884 | A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2018-16884 |
CVE-2019-15613 | A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2019-15613 |
CVE-2016-9777 | KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2016-9777 |
CVE-2018-1168 | This vulnerability allows local attackers to escalate privileges on vulnerable installations of ABB MicroSCADA 9.3 with FP 1-2-3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the access controls for the installed product files. The installation procedure leaves critical files open to manipulation by any authenticated user. An attacker can leverage this vulnerability to escalate privileges to SYSTEM. Was ZDI-CAN-5097. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-1168 |
CVE-2018-3916 | An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-3916 |
CVE-2020-15777 | An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious deserialization gadget chain. The socket is not bound exclusively to localhost. The port this socket is assigned to is randomly selected and is not intentionally exposed to the public (either by design or documentation). This could potentially be used to achieve remote code execution and local privilege escalation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-15777 |
CVE-2020-27786 | A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-27786 |
CVE-2021-35039 | kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-35039 |
CVE-2021-35526 | Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager – SDM600 1.2 versions prior to FP2 HF6 (Build Nr. 1.2.14002.257). | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-35526 |
CVE-2021-42008 | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42008 |
CVE-2022-23222 | kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23222 |
CVE-2021-22600 | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-22600 |
CVE-2022-24122 | kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-24122 |
CVE-2022-0492 | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0492 |
CVE-2021-4197 | An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-4197 |
CVE-2022-28893 | The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28893 |
CVE-2022-1882 | A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1882 |
CVE-2022-1943 | A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1943 |
CVE-2022-32250 | net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-32250 |
CVE-2022-1998 | A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1998 |
CVE-2022-34918 | An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-34918 |
CVE-2022-3545 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-3545 |
CVE-2022-47518 | An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47518 |
CVE-2022-47519 | An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47519 |
CVE-2022-34670 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-34670 |
CVE-2022-4696 | There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its reference counter is not increased. This assumption is not always true as calling io_splice on specific files will call the get_uts function which will use current->nsproxy leading to invalidly decreasing its reference counter later causing the use-after-free vulnerability. We recommend upgrading to version 5.10.160 or above | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-4696 |
CVE-2022-4139 | An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-4139 |
CVE-2022-48339 | An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48339 |
CVE-2023-26605 | In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26605 |
CVE-2023-27010 | Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27010 |
CVE-2023-28617 | org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28617 |
CVE-2023-0386 | A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0386 |
CVE-2023-20993 | In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261588851 | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-20993 |
CVE-2023-1077 | In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1077 |
CVE-2023-0179 | A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0179 |
CVE-2023-0664 | A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0664 |
CVE-2023-1579 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1579 |
CVE-2023-28248 | Windows Kernel Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28248 |
CVE-2023-28293 | Windows Kernel Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28293 |
CVE-2023-29007 | Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29007 |
CVE-2023-26286 | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library to execute arbitrary commands. IBM X-Force ID: 248421. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26286 |
CVE-2023-31436 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31436 |
CVE-2022-4568 | A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-4568 |
CVE-2023-21665 | Memory corruption in Graphics while importing a file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21665 |
CVE-2023-21666 | Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21666 |
CVE-2017-11197 | In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-11197 |
CVE-2020-22429 | redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-22429 |
CVE-2023-26203 | A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access to the database via shell commands. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26203 |
CVE-2023-25438 | An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute arbitrary code and gain escalated privileges via modifying specific files. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25438 |
CVE-2023-31284 | illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31284 |
CVE-2023-21484 | Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21484 |
CVE-2023-21488 | Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21488 |
CVE-2023-21491 | Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21491 |
CVE-2023-21497 | Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21497 |
CVE-2023-21498 | Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21498 |
CVE-2023-21499 | Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21499 |
CVE-2023-21501 | Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21501 |
CVE-2023-21502 | Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21502 |
CVE-2023-21506 | Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21506 |
CVE-2023-21508 | Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21508 |
CVE-2023-21509 | Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21509 |
CVE-2023-28068 | \nDell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path\n\n | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28068 |
CVE-2023-30257 | A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30257 |
CVE-2021-27280 | OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-27280 |
CVE-2023-30840 | Fluid is an open source Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications. Starting in version 0.7.0 and prior to version 0.8.6, if a malicious user gains control of a Kubernetes node running fluid csi pod (controlled by the `csi-nodeplugin-fluid` node-daemonset), they can leverage the fluid-csi service account to modify specs of all the nodes in the cluster. However, since this service account lacks `list node` permissions, the attacker may need to use other techniques to identify vulnerable nodes.\n\nOnce the attacker identifies and modifies the node specs, they can manipulate system-level-privileged components to access all secrets in the cluster or execute pods on other nodes. This allows them to elevate privileges beyond the compromised node and potentially gain full privileged access to the whole cluster.\n\nTo exploit this vulnerability, the attacker can make all other nodes unschedulable (for example, patch node with taints) and wait for system-critical components with high privilege to appear on the compromised node. However, this attack requires two prerequisites: a compromised node and identifying all vulnerable nodes through other means.\n\nVersion 0.8.6 contains a patch for this issue. As a workaround, delete the `csi-nodeplugin-fluid` daemonset in `fluid-system` namespace and avoid using CSI mode to mount FUSE file systems. Alternatively, using sidecar mode to mount FUSE file systems is recommended. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30840 |
CVE-2023-23525 | This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to gain root privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23525 |
CVE-2023-23536 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23536 |
CVE-2023-23540 | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23540 |
CVE-2023-27936 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27936 |
CVE-2023-27937 | An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27937 |
CVE-2023-27938 | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27938 |
CVE-2023-27946 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27946 |
CVE-2023-27949 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27949 |
CVE-2023-27957 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27957 |
CVE-2023-27959 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27959 |
CVE-2023-27960 | This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27960 |
CVE-2023-27965 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27965 |
CVE-2023-27969 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27969 |
CVE-2023-27970 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-27970 |
CVE-2023-28181 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28181 |
CVE-2023-32233 | In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-32233 |
CVE-2022-44433 | In phoneEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-44433 |
CVE-2022-48243 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48243 |
CVE-2022-48244 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48244 |
CVE-2022-48245 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48245 |
CVE-2022-48246 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48246 |
CVE-2022-48247 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48247 |
CVE-2022-48248 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48248 |
CVE-2022-48249 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48249 |
CVE-2022-48250 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48250 |
CVE-2022-48368 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48368 |
CVE-2022-48369 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48369 |
CVE-2022-48383 | .In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48383 |
CVE-2022-48384 | In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48384 |
CVE-2022-48388 | In powerEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-48388 |
CVE-2023-29092 | An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29092 |
CVE-2023-30237 | CyberGhostVPN Windows Client before v8.3.10.10015 was discovered to contain a DLL injection vulnerability via the component Dashboard.exe. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30237 |
CVE-2023-31972 | yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31972 |
CVE-2023-31974 | yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31974 |
CVE-2023-31973 | yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31973 |
CVE-2023-31979 | Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31979 |
CVE-2023-31981 | Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31981 |
CVE-2023-31982 | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31982 |
CVE-2021-31240 | An issue found in libming v.0.4.8 allows a local attacker to execute arbitrary code via the parseSWF_IMPORTASSETS function in the parser.c file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-31240 |
CVE-2023-24902 | Win32k Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24902 |
CVE-2023-24905 | Remote Desktop Client Remote Code Execution Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24905 |
CVE-2023-24946 | Windows Backup Service Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24946 |
CVE-2023-24949 | Windows Kernel Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24949 |
CVE-2023-24953 | Microsoft Excel Remote Code Execution Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24953 |
CVE-2023-29336 | Win32k Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29336 |
CVE-2023-29340 | AV1 Video Extension Remote Code Execution Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29340 |
CVE-2023-29341 | AV1 Video Extension Remote Code Execution Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29341 |
CVE-2023-29343 | SysInternals Sysmon for Windows Elevation of Privilege Vulnerability | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29343 |
CVE-2023-2609 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2609 |
CVE-2023-2610 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2610 |
CVE-2023-31906 | Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31906 |
CVE-2023-31907 | Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31907 |
CVE-2023-29273 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29273 |
CVE-2023-29274 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29274 |
CVE-2023-29275 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29275 |
CVE-2023-29276 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29276 |
CVE-2023-29278 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29278 |
CVE-2023-29280 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29280 |
CVE-2023-29281 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29281 |
CVE-2023-29282 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29282 |
CVE-2023-29283 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29283 |
CVE-2023-29284 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29284 |
CVE-2023-29285 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-29285 |
CVE-2022-4048 | Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application. | 7.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-4048 |
CVE-2019-19094 | Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2019-19094 |
CVE-2023-30740 | SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality, limited impact on integrity and availability of the application.\n\n | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-30740 |
CVE-2023-29104 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-29104 |
CVE-2017-7548 | PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-7548 |
CVE-2018-3918 | An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-3918 |
CVE-2018-20720 | ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1.3 before 1.3.0.A6 allow remote attackers to cause a denial of service (reboot) via a reboot command in an SPA message. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-20720 |
CVE-2019-9012 | An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-9012 |
CVE-2019-18247 | An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-18247 |
CVE-2019-19097 | ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19097 |
CVE-2020-16170 | Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-16170 |
CVE-2020-27813 | An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-27813 |
CVE-2021-20407 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 196185.\n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-20407 |
CVE-2021-20409 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 196188.\n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-20409 |
CVE-2021-26845 | Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-26845 |
CVE-2021-27196 | Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-27196 |
CVE-2021-29063 | A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-29063 |
CVE-2021-35527 | Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-35527 |
CVE-2002-20001 | The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2002-20001 |
CVE-2021-35533 | Improper Input Validation vulnerability in the APDU parser in the Bidirectional Communication Interface (BCI) IEC 60870-5-104 function of Hitachi Energy RTU500 series allows an attacker to cause the receiving RTU500 CMU of which the BCI is enabled to reboot when receiving a specially crafted message. By default, BCI IEC 60870-5-104 function is disabled (not configured). This issue affects: Hitachi Energy RTU500 series CMU Firmware version 12.0.* (all versions); CMU Firmware version 12.2.* (all versions); CMU Firmware version 12.4.* (all versions). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-35533 |
CVE-2022-28613 | A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an ATTACKER to reboot the device by sending a special crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-28613 |
CVE-2022-36946 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-36946 |
CVE-2022-2591 | A vulnerability classified as critical has been found in TEM FLEX-1085 1.6.0. Affected is an unknown function of the file /sistema/flash/reboot. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2591 |
CVE-2021-42521 | There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may crash the application. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-42521 |
CVE-2022-3526 | A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-3526 |
CVE-2022-35266 | A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_firmware/` API. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-35266 |
CVE-2022-45061 | An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-45061 |
CVE-2022-41988 | An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-41988 |
CVE-2022-41999 | A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-41999 |
CVE-2022-47941 | An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47941 |
CVE-2023-26081 | In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-26081 |
CVE-2023-25824 | Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU resources. This could be exploited for denial of service attacks. If trace level logging was enabled, it would also produce an excessive amount of log output during the loop, consuming disk space. The problem has been fixed in commit d7eec4e598158ab6a98bf505354e84352f9715ec, please update to version 0.12.1. There are no workarounds, users who cannot update should apply the errno fix detailed in the security advisory. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-25824 |
CVE-2022-41723 | A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-41723 |
CVE-2023-27783 | An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27783 |
CVE-2023-27784 | An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27784 |
CVE-2023-27785 | An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27785 |
CVE-2023-27786 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27786 |
CVE-2023-27787 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27787 |
CVE-2023-27788 | An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27788 |
CVE-2023-27789 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27789 |
CVE-2023-1681 | A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. Affected is an unknown function of the file /config/myfield/test.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224238 is the identifier assigned to this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1681 |
CVE-2023-1682 | A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224239. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1682 |
CVE-2023-1683 | A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1683 |
CVE-2023-29085 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29085 |
CVE-2023-29086 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29086 |
CVE-2023-29087 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29087 |
CVE-2023-29088 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29088 |
CVE-2023-29089 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29089 |
CVE-2023-29090 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29090 |
CVE-2023-29091 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29091 |
CVE-2023-30608 | sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue.\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30608 |
CVE-2023-25619 | \nA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that\ncould cause denial of service of the controller when communicating over the Modbus TCP\nprotocol. \n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-25619 |
CVE-2023-25652 | Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-25652 |
CVE-2023-27559 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27559 |
CVE-2023-28770 | The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28770 |
CVE-2023-29255 | IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29255 |
CVE-2023-27556 | IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27556 |
CVE-2023-27555 | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27555 |
CVE-2023-26021 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-26021 |
CVE-2023-26022 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-26022 |
CVE-2022-48482 | 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48482 |
CVE-2022-48483 | 3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an incomplete fix for CVE-2022-28005. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48483 |
CVE-2022-40504 | Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-40504 |
CVE-2023-30861 | Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches `Set-Cookie` headers, it may send one client's `session` cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met.\n\n1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.\n2. The application sets `session.permanent = True`\n3. The application does not access or modify the session at any point during a request.\n4. `SESSION_REFRESH_EACH_REQUEST` enabled (the default).\n5. The application does not set a `Cache-Control` header to indicate that a page is private or should not be cached.\n\nThis happens because vulnerable versions of Flask only set the `Vary: Cookie` header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified. This issue has been fixed in versions 2.3.2 and 2.2.5. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30861 |
CVE-2023-30403 | An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30403 |
CVE-2022-40302 | An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-40302 |
CVE-2022-40318 | An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-40318 |
CVE-2022-43681 | An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-43681 |
CVE-2023-24594 | \nWhen an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24594 |
CVE-2023-29163 | \nWhen UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29163 |
CVE-2022-45860 | A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated attacker to perform password spraying attacks with an increased chance of success. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-45860 |
CVE-2023-25934 | \nDELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.\n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-25934 |
CVE-2017-20184 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-20184 |
CVE-2023-29994 | In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29994 |
CVE-2023-29995 | In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29995 |
CVE-2023-29996 | In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubinfo_decode. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29996 |
CVE-2023-25289 | Directory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web server, allows attacker to gain sensitive information via a crafted GET request. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-25289 |
CVE-2023-30282 | PrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control. Due to a lack of permissions' control, a guest can access exports from the module which can lead to leak of personal information from customer table. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30282 |
CVE-2023-32235 | Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32235 |
CVE-2023-30243 | Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30243 |
CVE-2023-26285 | IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-26285 |
CVE-2023-29350 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29350 |
CVE-2022-22313 | IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-22313 |
CVE-2023-32290 | The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32290 |
CVE-2023-22787 | An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-22787 |
CVE-2023-30551 | Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of memory crash if files within the META-INF directory of the JAR are sufficiently large. Parsing of an APK file submitted to Rekor can cause an out of memory crash if the .SIGN or .PKGINFO files within the APK are sufficiently large. The OOM crash has been patched in Rekor version 1.1.1. There are no known workarounds. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30551 |
CVE-2023-30855 | Pimcore is an open source data and experience management platform. Versions of Pimcore prior to 10.5.18 are vulnerable to path traversal. The impact of this path traversal and arbitrary extension is limited to creation of arbitrary files and appending data to existing files. When combined with the SQL Injection, the exported data `RESTRICTED DIFFUSION 9 / 9` can be controlled and a webshell can be uploaded. Attackers can use that to execute arbitrary PHP code on the server with the permissions of the webserver. Users may upgrade to version 10.5.18 to receive a patch or, as a workaround, apply the patch manually. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30855 |
CVE-2023-27963 | The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A shortcut may be able to use sensitive data with certain actions without prompting the user | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27963 |
CVE-2023-24505 | \nMilesight NCR/camera version 71.8.0.6-r5 discloses sensitive information through an unspecified request. \n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24505 |
CVE-2023-24506 | \n\n\nMilesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request. \n\n \n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24506 |
CVE-2023-31133 | Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack.\n\nGhost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31133 |
CVE-2023-31179 | AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request.\n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31179 |
CVE-2023-31181 | \nWJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path Traversal\n\n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31181 |
CVE-2021-31239 | An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-31239 |
CVE-2023-32111 | In SAP PowerDesigner (Proxy) - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application.\n\n | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32111 |
CVE-2021-44283 | A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-44283 |
CVE-2023-29105 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29105 |
CVE-2023-29106 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29106 |
CVE-2023-31137 | MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination.\n\nThe vulnerability exists in the `decomp_get_rddata` function within the `Decompress.c` file. When handling a DNS packet with an Answer RR of qtype 16 (TXT record) and any qclass, if the `rdlength` is smaller than `rdata`, the result of the line `Decompress.c:886` is a negative number `len = rdlength - total;`. This value is then passed to the `decomp_append_bytes` function without proper validation, causing the program to attempt to allocate a massive chunk of memory that is impossible to allocate. Consequently, the program exits with an error code of 64, causing a Denial of Service.\n\nOne proposed fix for this vulnerability is to patch `Decompress.c:887` by breaking `if(len <= 0)`, which has been incorporated in version 3.5.0036 via commit bab062bde40b2ae8a91eecd522e84d8b993bab58. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31137 |
CVE-2023-31139 | DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.37 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, Personal Access Tokens (PATs) generate unrestricted session cookies. This may lead to a bypass of other access restrictions (for example, based on allowed IP addresses or HTTP methods). DHIS2 implementers should upgrade to a supported version of DHIS2: 2.37.9.1, 2.38.3.1, or 2.39.1.2. Implementers can work around this issue by adding extra access control validations on a reverse proxy. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31139 |
CVE-2023-31476 | An issue was discovered on GL.iNet devices running firmware before 3.216. There is an arbitrary file write in which an empty file can be created almost anywhere on the filesystem, as long as the filename and path is no more than 6 characters (the working directory is /www). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31476 |
CVE-2023-31490 | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31490 |
CVE-2023-24898 | Windows SMB Denial of Service Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24898 |
CVE-2023-24901 | Windows NFS Portmapper Information Disclosure Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24901 |
CVE-2023-24939 | Server for NFS Denial of Service Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24939 |
CVE-2023-24940 | Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24940 |
CVE-2023-24942 | Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24942 |
CVE-2023-29325 | Windows OLE Remote Code Execution Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29325 |
CVE-2023-29335 | Microsoft Word Security Feature Bypass Vulnerability | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29335 |
CVE-2023-31474 | An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31474 |
CVE-2023-30056 | A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30056 |
CVE-2023-28127 | A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28127 |
CVE-2023-2156 | A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-2156 |
CVE-2023-27510 | JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability, which may allow a remote unauthenticated attacker to obtain information entered from forms created using the affected product. The affected products and versions are as follows: JB Inquiry form versions 0.6.1 and 0.6.0, JB Inquiry form versions 0.5.2, 0.5.1 and 0.5.0, and JB Inquiry form version 0.40. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27510 |
CVE-2023-27527 | Shinseiyo Sogo Soft (7.9A) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27527 |
CVE-2022-47391 | In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47391 |
CVE-2022-24738 | Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmos instance. The attacker can use this joined chain to transfer unclaimed funds. Users are advised to upgrade. There are no known workarounds for this issue. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24738 |
CVE-2022-45858 | A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-45858 |
CVE-2023-24948 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-24948 |
CVE-2021-26356 | A TOCTOU in ASP bootloader may allow an attacker\nto tamper with the SPI ROM following data read to memory potentially resulting\nin S3 data corruption and information disclosure.\n\n\n\n\n\n\n\n\n | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-26356 |
CVE-2022-42257 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-42257 |
CVE-2022-42258 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-42258 |
CVE-2023-30944 | The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-30944 |
CVE-2020-14678 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-14678 |
CVE-2020-14697 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-14697 |
CVE-2020-25643 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-25643 |
CVE-2021-35529 | Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2021-35529 |
CVE-2022-43769 | \nHitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream. \n\n | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-43769 |
CVE-2023-29257 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-29257 |
CVE-2023-23470 | IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to perform additional administrator operations. IBM X-Force ID: 244510. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-23470 |
CVE-2023-2522 | A vulnerability was found in Chengdu VEC40G 3.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /send_order.cgi?parameter=access_detect of the component Network Detection. The manipulation of the argument COUNT with the input 3 | netstat -an leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228013 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-2522 |
CVE-2023-2554 | External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-2554 |
CVE-2023-29963 | S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-29963 |
CVE-2021-28998 | File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2021-28998 |
CVE-2023-1347 | The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-1347 |
CVE-2023-1408 | The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-1408 |
CVE-2023-2114 | The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-2114 |
CVE-2023-28762 | SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platform resulting into accessing and modifying data. The attacker can also make the system partially or entirely unavailable.\n\n | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-28762 |
CVE-2023-28832 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-28832 |
CVE-2023-24955 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-24955 |
CVE-2023-28128 | An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-28128 |
CVE-2023-32568 | An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level privileges can leverage this to read sensitive data stored on the servers, modify data or server configuration, and delete data or application configuration. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-32568 |
CVE-2019-18998 | Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-18998 |
CVE-2022-34677 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-34677 |
CVE-2023-23398 | Microsoft Excel Spoofing Vulnerability | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-23398 |
CVE-2023-1380 | A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-1380 |
CVE-2023-1652 | A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-1652 |
CVE-2023-2460 | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium) | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-2460 |
CVE-2023-28724 | \nNGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-28724 |
CVE-2023-27993 | A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-27993 |
CVE-2023-21490 | Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-21490 |
CVE-2023-27968 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-27968 |
CVE-2020-23362 | Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-23362 |
CVE-2023-24904 | Windows Installer Elevation of Privilege Vulnerability | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-24904 |
CVE-2023-29030 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-29030 |
CVE-2023-29031 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-29031 |
CVE-2021-3609 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2021-3609 |
CVE-2023-24899 | Windows Graphics Component Elevation of Privilege Vulnerability | 7 | https://nvd.nist.gov/vuln/detail/CVE-2023-24899 |
CVE-2021-25220 | BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-25220 |
CVE-2022-34674 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-34674 |
CVE-2023-28092 | A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\n\n | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28092 |
CVE-2023-21489 | Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-21489 |
CVE-2021-22278 | A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-22278 |
CVE-2023-32269 | An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-32269 |
CVE-2023-27933 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app with root privileges may be able to execute arbitrary code with kernel privileges | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-27933 |
CVE-2023-2513 | A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-2513 |
CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-24932 |
CVE-2023-30024 | The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the original software with a malicious version, leading to ransomware deployment on the host computer. Affected devices have firmware versions prior to magicJack A921 USB Phone Jack Rev 3.0 V1.4. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-30024 |
CVE-2017-15583 | The embedded web server on ABB Fox515T 1.0 devices is vulnerable to Local File Inclusion. It accepts a parameter that specifies a file for display or for use as a template. The filename is not validated; an attacker could retrieve any file. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-15583 |
CVE-2019-19000 | For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19000 |
CVE-2019-19001 | For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19001 |
CVE-2019-19093 | eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19093 |
CVE-2020-14680 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-14680 |
CVE-2020-16168 | Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-16168 |
CVE-2022-0108 | Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0108 |
CVE-2022-35256 | The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-35256 |
CVE-2022-23548 | Discourse is an option source discussion platform. Prior to version 2.8.14 on the `stable` branch and version 2.9.0.beta16 on the `beta` and `tests-passed` branches, parsing posts can be susceptible to regular expression denial of service (ReDoS) attacks. This issue is patched in versions 2.8.14 and 2.9.0.beta16. There are no known workarounds. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-23548 |
CVE-2022-3162 | Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-3162 |
CVE-2023-0614 | The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-0614 |
CVE-2023-30456 | An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30456 |
CVE-2023-30512 | CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30512 |
CVE-2023-25620 | \n\n\nA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that\ncould cause denial of service of the controller when a malicious project file is loaded onto the\ncontroller by an authenticated user. \n\n \n\n | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-25620 |
CVE-2023-30853 | Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets configured for the repository.\n\nSecrets configured for GitHub Actions are normally passed to the Gradle Build Tool via environment variables. Due to the way that the Gradle Build Tool records these environment variables, they may be persisted into an entry in the GitHub Actions cache. This data stored in the GitHub Actions cache can be read by a GitHub Actions workflow running in an untrusted context, such as that running for a Pull Request submitted by a developer via a repository fork.\n\nThis vulnerability was discovered internally through code review, and we have not seen any evidence of it being exploited in the wild. However, in addition to upgrading the Gradle Build Action, affected users should delete any potentially vulnerable cache entries and may choose to rotate any potentially affected secrets.\n\nGradle Build Action v2.4.2 and newer no longer saves this sensitive data for later use, preventing ongoing leakage of secrets via the GitHub Actions Cache.\n\nWhile upgrading to the latest version of the Gradle Build Action will prevent leakage of secrets going forward, additional actions may be required due to current or previous GitHub Actions Cache entries containing this information.\n\nCurrent cache entries will remain vulnerable until they are forcibly deleted or they expire naturally after 7 days of not being used. Potentially vulnerable entries can be easily identified in the GitHub UI by searching for a cache entry with key matching `configuration-cache-*`. The maintainers recommend that users of the Gradle Build Action inspect their list of cache entries and manually delete any that match this pattern.\n\nWhile maintainers have not seen any evidence of this vulnerability being exploited, they recommend cycling any repository secrets if you cannot be certain that these have not been compromised. Compromise could occur if a user runs a GitHub Actions workflow for a pull request attempting to exploit this data. \nWarning signs to look for in a pull request include:\n- Making changes to GitHub Actions workflow files in a way that may attempt to read/extract data from the Gradle User Home or `<project-root>/.gradle` directories.\n- Making changes to Gradle build files or other executable files that may be invoked by a GitHub Actions workflow, in a way that may attempt to read/extract information from these locations.\n\nSome workarounds to limit the impact of this vulnerability are available:\n- If the Gradle project does not opt-in to using the configuration cache, then it is not vulnerable. \n- If the Gradle project does opt-in to using the configuration-cache by default, then the `--no-configuration-cache` command-line argument can be used to disable this feature in a GitHub Actions workflow.\n\nIn any case, we recommend that users carefully inspect any pull request before approving the execution of GitHub Actions workflows. It may be prudent to require approval for all PRs from external contributors. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30853 |
CVE-2023-29867 | Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29867 |
CVE-2023-29868 | Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29868 |
CVE-2022-47874 | Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47874 |
CVE-2023-2459 | Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium) | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-2459 |
CVE-2023-28406 | A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted information is limited and the attacker does not control what information is obtained. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28406 |
CVE-2022-43919 | IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-43919 |
CVE-2023-29659 | A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29659 |
CVE-2020-22334 | Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/admin_admin.php. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-22334 |
CVE-2023-0522 | The Enable/Disable Auto Login when Register WordPress plugin through 1.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-0522 |
CVE-2023-1979 | The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the "Author" role can create stories, but don't have the ability to edit password protected stories. The vulnerability allowed users with said role to bypass this permission check when trying to duplicate the protected story in the plugin's own dashboard, giving them access to the seemingly protected content. We recommend upgrading to version 1.32 or beyond commit ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 \n | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1979 |
CVE-2023-23528 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23528 |
CVE-2023-27954 | The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27954 |
CVE-2023-28180 | A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28180 |
CVE-2023-28182 | The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28182 |
CVE-2023-2478 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. Under certain conditions, a malicious unauthorized GitLab user may use a GraphQL endpoint to attach a malicious runner to any project. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-2478 |
CVE-2023-31125 | Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the `socket.io` parent package. Older versions are not impacted. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package, including those who use depending packages like `socket.io`. This issue was fixed in version 6.4.2 of Engine.IO. There is no known workaround except upgrading to a safe version.\n | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31125 |
CVE-2023-31140 | OpenProject is open source project management software. Starting with version 7.4.0 and prior to version 12.5.4, when a user registers and confirms their first two-factor authentication (2FA) device for an account, existing logged in sessions for that user account are not terminated. Likewise, if an administrators creates a mobile phone 2FA device on behalf of a user, their existing sessions are not terminated. The issue has been resolved in OpenProject version 12.5.4 by actively terminating sessions of user accounts having registered and confirmed a 2FA device. As a workaround, users who register the first 2FA device on their account can manually log out to terminate all other active sessions. This is the default behavior of OpenProject but might be disabled through a configuration option. Double check that this option is not overridden if one plans to employ the workaround. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31140 |
CVE-2022-4537 | The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.0.18. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address from logging in. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-4537 |
CVE-2023-31138 | DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.36 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, using object model traversal in the payload of a PATCH request, authenticated users with write access to an object may be able to modify related objects that they should not have access to. DHIS2 implementers should upgrade to a supported version of DHIS2 to receive a patch: 2.37.9.1, 2.38.3.1, or 2.39.1.2. It is possible to work around this issue by blocking all PATCH requests on a reverse proxy, but this may cause some issues with the functionality of built-in applications using legacy PATCH requests. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31138 |
CVE-2023-32060 | DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker program events or program stages, the `/trackedEntityInstances` and `/events` API endpoints may include all events regardless of the sharing settings applied to the category option combinations. When this specific configuration is present, users may have access to events which they should not be able to see based on the sharing settings of the category options. The events will not appear in the user interface for web-based Tracker Capture or Capture applications, but if the Android Capture App is used they will be displayed to the user. Versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0 contain a fix for this issue. No workaround is known. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32060 |
CVE-2023-24944 | Windows Bluetooth Driver Information Disclosure Vulnerability | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24944 |
CVE-2023-24950 | Microsoft SharePoint Server Spoofing Vulnerability | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24950 |
CVE-2023-24954 | Microsoft SharePoint Server Information Disclosure Vulnerability | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24954 |
CVE-2023-29324 | Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29324 |
CVE-2023-22361 | Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-22361 |
CVE-2023-29024 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nA cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n\n\n | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29024 |
CVE-2022-47378 | Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47378 |
CVE-2022-47392 | An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47392 |
CVE-2022-47393 | An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47393 |
CVE-2023-1544 | A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-1544 |
CVE-2023-27945 | This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app may be able to collect system logs | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27945 |
CVE-2023-27966 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27966 |
CVE-2020-8120 | A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-8120 |
CVE-2019-19003 | For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-19003 |
CVE-2019-19089 | For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-19089 |
CVE-2019-19096 | The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-19096 |
CVE-2020-24188 | Cross-site scripting (XSS) vulnerability in the search functionality in Intrexx before 9.4.0 allows remote attackers to inject arbitrary web script or HTML via the request parameter. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-24188 |
CVE-2021-27414 | An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-27414 |
CVE-2022-43696 | OX App Suite before 7.10.6-rev20 allows XSS via upsell ads. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43696 |
CVE-2022-43697 | OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-43697 |
CVE-2022-37306 | OX App Suite before 7.10.6-rev30 allows XSS via an upsell trigger. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-37306 |
CVE-2023-30614 | Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2 a payments info page of Pay is susceptible to reflected Cross-site scripting. An attacker could create a working URL that renders a javascript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If the targeted application contains a functionality to submit user-generated content (such as comments) the attacker could even distribute the URL using that functionality. This has been patched in version 6.3.2 and above. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30614 |
CVE-2023-30267 | CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via application/home/controller/Changyan.php. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30267 |
CVE-2023-1384 | The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run\n\nThis issue affects:\n\nAmazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.\nInsignia TV with FireOS versions prior to 7.6.3.3. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-1384 |
CVE-2023-27378 | \nMultiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-27378 |
CVE-2023-25827 | \nDue to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a reflected XSS vulnerability with the suggestion endpoint.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-25827 |
CVE-2023-24744 | Cross Site Scripting (XSS) vulnerability in Rediker Software AdminPlus 6.1.91.00 allows remote attackers to run arbitrary code via the onload function within the application DOM. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-24744 |
CVE-2023-2521 | A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument url with the input <svg onload=alert(1337)> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228012. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-2521 |
CVE-2022-47449 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RexTheme Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD plugin <= 3.1.5 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-47449 |
CVE-2023-30093 | A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30093 |
CVE-2017-20183 | A vulnerability was found in External Media without Import Plugin up to 1.0.0 on WordPress. It has been declared as problematic. This vulnerability affects the function print_media_new_panel of the file external-media-without-import.php. The manipulation of the argument url/error/width/height/mime-type leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 9d2ecd159a6e2e3f710b4f1c28e2714f66502746. It is recommended to upgrade the affected component. VDB-227950 is the identifier assigned to this vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2017-20183 |
CVE-2023-2560 | A vulnerability was found in jja8 NewBingGoGo up to 2023.5.5.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228167. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-2560 |
CVE-2023-2565 | A vulnerability has been found in SourceCodester Multi Language Hotel Management Software 1.0 and classified as problematic. This vulnerability affects unknown code of the file ajax.php of the component POST Parameter Handler. The manipulation of the argument complaint_type with the input --redacted-- leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228172 | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-2565 |
CVE-2022-46799 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin <= 1.0.15 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-46799 |
CVE-2020-18282 | Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-18282 |
CVE-2020-19660 | Cross Site Scripting (XSS) pandao editor.md 1.5.0 allows attackers to execute arbitrary code via crafted linked url values. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-19660 |
CVE-2020-21038 | Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-21038 |
CVE-2023-0421 | The Cloud Manager WordPress plugin through 1.0 does not sanitise and escape the query param ricerca before outputting it in an admin panel, allowing unauthenticated attackers to trick a logged in admin to trigger a XSS payload by clicking a link. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-0421 |
CVE-2023-0514 | The Membership Database WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-0514 |
CVE-2023-0948 | The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-0948 |
CVE-2023-1011 | The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, and does not have a proper CSRF check, allowing attackers to make a logged in admin set XSS payloads in them. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-1011 |
CVE-2023-1660 | The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-1660 |
CVE-2023-1806 | The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-1806 |
CVE-2022-45065 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Squirrly SEO Plugin by Squirrly SEO plugin <= 12.1.20 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-45065 |
CVE-2022-47439 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rocket Apps Open Graphite plugin <= 1.6.0 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-47439 |
CVE-2023-2582 | A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross-site scripting (XSS) in affected applications and sites built with Strikingly. The vulnerability exists because of Strikingly JavaScript library parsing the URL fragment allows access to the __proto__ or constructor properties and the Object prototype. By leveraging an embedded gadget like jQuery, an attacker who convinces a victim to visit a specially crafted link could achieve arbitrary javascript execution in the context of the user's browser. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-2582 |
CVE-2023-30334 | AsmBB v2.9.1 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the MiniMag.asm and bbcode.asm libraries. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30334 |
CVE-2023-31180 | \nWJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - Reflected cross-site scripting (RXSS) through an unspecified request.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31180 |
CVE-2023-31183 | \n Cybonet PineApp Mail Secure A reflected cross-site scripting (XSS) vulnerability was identified in the product, using an unspecified endpoint.\n\n\n\n\n\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31183 |
CVE-2023-22710 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in chilidevs Return and Warranty Management System for WooCommerce plugin <= 1.2.3 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-22710 |
CVE-2023-30741 | Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30741 |
CVE-2023-30742 | SAP CRM (WebClient UI) - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability.An attacker could store a malicious URL and lure the victim to click, causing the script supplied by the attacker to execute in the victim user's session. The information from the victim's session could then be modified or read by the attacker.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30742 |
CVE-2023-30743 | Due to improper neutralization of input in SAPUI5 - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, sap.m.FormattedText SAPUI5 control allows injection of untrusted CSS. This blocks user’s interaction with the application. Further, in the absence of URL validation by the application, the vulnerability could lead to the attacker reading or modifying user’s information through phishing attack.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30743 |
CVE-2023-31406 | Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31406 |
CVE-2022-46822 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in JC Development Team WooCommerce JazzCash Gateway Plugin plugin <= 2.0 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-46822 |
CVE-2022-46858 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.Rezapour Product Specifications for Woocommerce plugin <= 0.6.0 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-46858 |
CVE-2022-46864 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin <= 0.1 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-46864 |
CVE-2020-18280 | Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-18280 |
CVE-2023-31144 | Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31144 |
CVE-2023-31801 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skills wheel parameter. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31801 |
CVE-2023-25829 | There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-25829 |
CVE-2023-25830 | There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-25830 |
CVE-2023-25831 | There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-25831 |
CVE-2023-24392 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin <= 1.1.7 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-24392 |
CVE-2023-27419 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Viable Blog theme <= 1.1.4 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-27419 |
CVE-2023-27455 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin <= 2.4.5 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-27455 |
CVE-2023-29101 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Muffingroup Betheme theme <= 26.7.5 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-29101 |
CVE-2022-47441 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.10 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-47441 |
CVE-2022-47590 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fugu Maintenance Switch plugin <= 1.5.2 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-47590 |
CVE-2022-47600 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Mass Email To users plugin <= 1.1.4 versions. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-47600 |
CVE-2023-29023 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-29023 |
CVE-2023-31508 | A cross-site scripting (XSS) vulnerability in PrestaShop v1.7.7.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter in /contactform/contactform.php. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31508 |
CVE-2020-14422 | Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2020-14422 |
CVE-2021-20600 | Uncontrolled resource consumption in Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V Firmware Versions "16" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up. System reset is required for recovery. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2021-20600 |
CVE-2022-43592 | An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-43592 |
CVE-2022-43593 | A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-43593 |
CVE-2022-43594 | Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-43594 |
CVE-2022-43595 | Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .fits files. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-43595 |
CVE-2022-43596 | An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-43596 |
CVE-2022-43603 | A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-43603 |
CVE-2023-31290 | Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input seed, resulting in only four billion possible mnemonics. The affected versions of the browser extension are 0.0.172 through 0.0.182. To steal funds efficiently, an attacker can identify all Ethereum addresses created since the 0.0.172 release, and check whether they are Ethereum addresses that could have been created by this extension. To respond to the risk, affected users need to upgrade the product version and also move funds to a new wallet address. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-31290 |
CVE-2023-25930 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-25930 |
CVE-2023-22372 | \nIn the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-22372 |
CVE-2023-24461 | \nAn improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-24461 |
CVE-2023-31141 | OpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) where they are not correctly applied to the queries during extremely rare race conditions potentially leading to incorrect access authorization. For this issue to be triggered, two concurrent requests need to land on the same instance exactly when query cache eviction happens, once every four hours. OpenSearch 1.3.10 and 2.7.0 contain a fix for this issue. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-31141 |
CVE-2023-28764 | SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact on the integrity and availability of the system.\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-28764 |
CVE-2023-31136 | PostgresNIO is a Swift client for PostgreSQL. Any user of PostgresNIO prior to version 1.14.2 connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client's first few queries, despite the use of TLS certificate verification and encryption. The vulnerability is addressed in PostgresNIO versions starting from 1.14.2. There are no known workarounds for unpatched users. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-31136 |
CVE-2023-24900 | Windows NTLM Security Support Provider Information Disclosure Vulnerability | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-24900 |
CVE-2023-28125 | An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-28125 |
CVE-2023-28126 | An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-28126 |
CVE-2023-32570 | VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-32570 |
CVE-2023-29022 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-29022 |
CVE-2023-29025 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-29025 |
CVE-2023-29026 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-29026 |
CVE-2023-29027 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-29027 |
CVE-2023-29028 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-29028 |
CVE-2023-29029 | \nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-29029 |
CVE-2023-27892 | Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet. | 5.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-27892 |
CVE-2017-14025 | An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability has been identified, allowing a local attacker to provide a malicious parameter to the script that is not validated by the application, This could enable the attacker to retrieve any file on the server. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-14025 |
CVE-2020-27784 | A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free(). | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-27784 |
CVE-2022-41553 | Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer probe component) allows local users to gain sensitive information. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-41553 |
CVE-2022-42853 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-42853 |
CVE-2022-42865 | This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-42865 |
CVE-2022-34675 | NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-34675 |
CVE-2022-34680 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-34680 |
CVE-2022-42259 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-42259 |
CVE-2023-21776 | Windows Kernel Information Disclosure Vulnerability | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21776 |
CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-4285 |
CVE-2022-41727 | An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-41727 |
CVE-2023-1550 | Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note: NGINX Agent is included with NGINX Instance Manager and used in conjunction with NGINX API Connectivity Manager, and NGINX Management Suite Security Monitoring. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1550 |
CVE-2022-46703 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. An app may be able to read sensitive location information | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-46703 |
CVE-2023-28271 | Windows Kernel Memory Information Disclosure Vulnerability | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28271 |
CVE-2023-1906 | A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1906 |
CVE-2023-1548 | \nA CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to\nperform a denial of service through the console server service that is part of EcoStruxure Control Expert. Affected Products: EcoStruxure Control Expert (V15.1 and above) | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-1548 |
CVE-2022-31643 | A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31643 |
CVE-2023-30300 | An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30300 |
CVE-2023-21493 | Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21493 |
CVE-2023-21495 | Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21495 |
CVE-2023-21496 | Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21496 |
CVE-2023-21500 | Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21500 |
CVE-2023-21507 | Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21507 |
CVE-2023-21510 | Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21510 |
CVE-2023-21511 | Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-21511 |
CVE-2022-38707 | IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-38707 |
CVE-2023-22874 | IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-22874 |
CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29932 |
CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29933 |
CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect(). | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29934 |
CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29935 |
CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr). | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29939 |
CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29941 |
CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29942 |
CVE-2023-30434 | IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30434 |
CVE-2020-4914 | IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-4914 |
CVE-2022-43877 | IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-43877 |
CVE-2023-23527 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. A user may gain access to protected parts of the file system | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23527 |
CVE-2023-23533 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23533 |
CVE-2023-23534 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23534 |
CVE-2023-23535 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23535 |
CVE-2023-23537 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23537 |
CVE-2023-23538 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23538 |
CVE-2023-23542 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-23542 |
CVE-2023-27929 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27929 |
CVE-2023-27931 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27931 |
CVE-2023-27932 | This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27932 |
CVE-2023-27941 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to disclose kernel memory | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27941 |
CVE-2023-27942 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27942 |
CVE-2023-27943 | This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Files downloaded from the internet may not have the quarantine flag applied | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27943 |
CVE-2023-27951 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27951 |
CVE-2023-27955 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to read arbitrary files | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27955 |
CVE-2023-27956 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27956 |
CVE-2023-27961 | Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Importing a maliciously crafted calendar invitation may exfiltrate user information | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27961 |
CVE-2023-27962 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-27962 |
CVE-2023-28178 | A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to bypass Privacy preferences | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28178 |
CVE-2023-28189 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to view sensitive information | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28189 |
CVE-2023-28190 | A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28190 |
CVE-2023-28192 | A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28192 |
CVE-2023-28200 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28200 |
CVE-2022-38685 | In bluetooth service, there is a possible missing permission check. This could lead to local denial of service in bluetooth service with no additional execution privileges needed. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-38685 |
CVE-2022-44419 | In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-44419 |
CVE-2022-44420 | In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-44420 |
CVE-2022-47340 | In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47340 |
CVE-2022-47487 | In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47487 |
CVE-2022-47490 | In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47490 |
CVE-2022-47492 | In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47492 |
CVE-2022-47493 | In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47493 |
CVE-2022-48231 | In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48231 |
CVE-2022-48232 | In FM service , there is a possible missing params check. This could lead to local denial of service in FM service . | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48232 |
CVE-2022-48233 | In FM service , there is a possible missing params check. This could lead to local denial of service in FM service . | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48233 |
CVE-2022-48234 | In FM service , there is a possible missing params check. This could lead to local denial of service in FM service . | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48234 |
CVE-2022-48241 | In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48241 |
CVE-2022-48242 | In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48242 |
CVE-2022-48370 | In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48370 |
CVE-2022-48371 | In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48371 |
CVE-2022-48375 | In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48375 |
CVE-2022-48376 | In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48376 |
CVE-2022-48377 | In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48377 |
CVE-2022-48378 | In engineermode service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48378 |
CVE-2022-48379 | In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-48379 |
CVE-2023-32112 | Vendor Master Hierarchy - versions SAP_APPL 500, SAP_APPL 600, SAP_APPL 602, SAP_APPL 603, SAP_APPL 604, SAP_APPL 605, SAP_APPL 606, SAP_APPL 616, SAP_APPL 617, SAP_APPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lead to modification of data impacting the integrity of the system.\n\n | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32112 |
CVE-2023-30083 | Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the newVar_N in util/decompile.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30083 |
CVE-2023-30084 | An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30084 |
CVE-2023-30085 | Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the cws2fws function in util/decompile.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30085 |
CVE-2023-30086 | Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30086 |
CVE-2023-30087 | Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30087 |
CVE-2023-30088 | An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30088 |
CVE-2023-31489 | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31489 |
CVE-2023-24945 | Windows iSCSI Target Service Information Disclosure Vulnerability | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-24945 |
CVE-2023-28251 | Windows Driver Revocation List Security Feature Bypass Vulnerability | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-28251 |
CVE-2023-29277 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29277 |
CVE-2023-29279 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29279 |
CVE-2023-29286 | Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29286 |
CVE-2019-19002 | For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2019-19002 |
CVE-2019-19095 | Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to attack such as stored cross-site scripting by storing malicious content in the database. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2019-19095 |
CVE-2021-27416 | An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the user’s session. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-27416 |
CVE-2022-46265 | A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-46265 |
CVE-2023-31223 | Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31223 |
CVE-2023-29638 | Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-29638 |
CVE-2023-30639 | Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30639 |
CVE-2023-31434 | The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31434 |
CVE-2023-29240 | \nAn authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-29240 |
CVE-2023-30619 | Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute uncontrolled code. This issue has been patched in version 14.7.99.143.\n | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30619 |
CVE-2023-30184 | A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30184 |
CVE-2023-30094 | A stored cross-site scripting (XSS) vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30094 |
CVE-2023-30095 | A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30095 |
CVE-2023-30096 | A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30096 |
CVE-2023-30097 | A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30097 |
CVE-2023-30216 | Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30216 |
CVE-2022-43866 | IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239436. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-43866 |
CVE-2023-2516 | Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2516 |
CVE-2023-2553 | Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2553 |
CVE-2023-24957 | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 246115. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-24957 |
CVE-2023-24400 | Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.4.6 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-24400 |
CVE-2023-29247 | Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0.\n\n\n | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-29247 |
CVE-2023-23668 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23668 |
CVE-2022-45812 | Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Lees Exxp plugin <= 2.6.8 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-45812 |
CVE-2023-0267 | The Ultimate Carousel For WPBakery Page Builder WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0267 |
CVE-2023-0268 | The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0268 |
CVE-2023-0280 | The Ultimate Carousel For Elementor WordPress plugin through 2.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0280 |
CVE-2023-0526 | The Post Shortcode WordPress plugin through 2.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0526 |
CVE-2023-0536 | The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0536 |
CVE-2023-0537 | The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0537 |
CVE-2023-0542 | The Custom Post Type List Shortcode WordPress plugin through 1.4.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-0542 |
CVE-2023-1651 | The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI settings, allowing any authenticated users, such as subscriber to update them. Furthermore, due to the lack of escaping of the settings, this could also lead to Stored XSS | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-1651 |
CVE-2023-1905 | The WP Popups WordPress plugin before 2.1.5.1 does not properly escape the href attribute of its spu-facebook-page shortcode before outputting it back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. This is due to an insufficient fix of CVE-2023-24003 | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-1905 |
CVE-2023-24408 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.4 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-24408 |
CVE-2023-28493 | Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes NewsMag theme <= 2.4.4 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-28493 |
CVE-2023-30787 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30787 |
CVE-2023-30788 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people/add` endpoint and nickName, description, lastName, middleName and firstName parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30788 |
CVE-2023-30789 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/work` endpoint and job and company parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30789 |
CVE-2023-30790 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30790 |
CVE-2023-23894 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Surbma Surbma | GDPR Proof Cookie Consent & Notice Bar plugin <= 17.5.3 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23894 |
CVE-2023-29188 | SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker with user level access can read and modify some sensitive information but cannot delete the data.\n\n | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-29188 |
CVE-2023-31407 | SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.\n\n | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31407 |
CVE-2022-41640 | Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Rymera Web Co Wholesale Suite plugin <= 2.1.5 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-41640 |
CVE-2023-23664 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <= 1.0.19 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23664 |
CVE-2023-2591 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2591 |
CVE-2023-23862 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical scroll recent post plugin <= 14.0 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23862 |
CVE-2022-46844 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PixelGrade PixFields plugin <= 0.7.0 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-46844 |
CVE-2023-23647 | Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Sk. Abul Hasan Team Member – Team with Slider plugin <= 4.4 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23647 |
CVE-2023-31134 | Tauri is software for building applications for multi-platform deployment. The Tauri IPC is usually strictly isolated from external websites, but in versions 1.0.0 until 1.0.9, 1.1.0 until 1.1.4, and 1.2.0 until 1.2.5, the isolation can be bypassed by redirecting an existing Tauri window to an external website. This is either possible by an application implementing a feature for users to visit\narbitrary websites or due to a bug allowing the open redirect. This allows the external website access to the IPC layer and therefore to all configured and exposed Tauri API endpoints and application specific implemented Tauri commands. This issue has been patched in versions 1.0.9, 1.1.4, and 1.2.5. As a workaround, prevent arbitrary input in redirect features and/or only allow trusted websites access to the IPC. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31134 |
CVE-2023-25834 | Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specific use cases. This issue may allow users to access content that they are no longer privileged to access. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-25834 |
CVE-2023-31800 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31800 |
CVE-2023-31802 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skype and linedin_url parameters. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31802 |
CVE-2023-31804 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the course category parameters. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31804 |
CVE-2023-31806 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31806 |
CVE-2023-31807 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-31807 |
CVE-2023-30057 | Multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-30057 |
CVE-2023-25833 | There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser (no stateful change made or customer data rendered). | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-25833 |
CVE-2023-2616 | Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2616 |
CVE-2023-27888 | Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-27888 |
CVE-2023-2614 | Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2614 |
CVE-2023-2615 | Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2615 |
CVE-2023-22711 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Agent Evolution IMPress Listings plugin <= 2.6.2 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-22711 |
CVE-2023-23701 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Andrew @ Geeenville Web Design Easy Sign Up plugin <= 3.4.1 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23701 |
CVE-2023-23786 | Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Christof Servit affiliate-toolkit plugin <= 3.3.3 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23786 |
CVE-2022-32970 | Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Themify Themify Portfolio Post plugin <= 1.2.4 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-32970 |
CVE-2023-22696 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Custom4Web Affiliate Links Lite plugin <= 2.5 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-22696 |
CVE-2023-23873 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flector BBSpoiler plugin <= 2.01 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-23873 |
CVE-2022-27856 | Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Atlas Gondal Export All URLs plugin <= 4.1 versions. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-27856 |
CVE-2018-16872 | A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2018-16872 |
CVE-2022-35917 | Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient, using the supplied `validateTransfer` function. An edge case regarding this mechanism could cause the validation logic to validate multiple transfers. This issue has been patched as of version `0.2.1`. Users of the Solana Pay SDK should upgrade to it. There are no known workarounds for this issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-35917 |
CVE-2022-2795 | By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-2795 |
CVE-2022-41717 | An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-41717 |
CVE-2022-36354 | A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensitive information leak. An attacker can provide a malicious file to trigger this vulnerability. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-36354 |
CVE-2023-27977 | A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27977 |
CVE-2023-27043 | The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27043 |
CVE-2023-30943 | The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-30943 |
CVE-2023-26268 | Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions:\n * validate_doc_update\n\n * list\n\n * filter\n\n * filter views (using view functions as filters)\n\n * rewrite\n\n * update\n\n\n\nThis doesn't affect map/reduce or search (Dreyfus) index functions.\n\nUsers are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3).\n\nWorkaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.\n\n | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-26268 |
CVE-2022-39161 | IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 235069. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-39161 |
CVE-2023-1894 | A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-1894 |
CVE-2023-30019 | imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-30019 |
CVE-2023-23494 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-23494 |
CVE-2023-21404 | AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-21404 |
CVE-2023-29107 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-29107 |
CVE-2023-28290 | Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-28290 |
CVE-2023-28317 | A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-28317 |
CVE-2023-28318 | A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-28318 |
CVE-2023-26126 | All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.\r\r | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-26126 |
CVE-2023-31404 | Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.\n\n | 5 | https://nvd.nist.gov/vuln/detail/CVE-2023-31404 |
CVE-2023-29338 | Visual Studio Code Information Disclosure Vulnerability | 5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29338 |
CVE-2019-0097 | Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2019-0097 |
CVE-2020-14575 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2020-14575 |
CVE-2020-14702 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2020-14702 |
CVE-2021-20406 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184.\n\n | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2021-20406 |
CVE-2023-30205 | A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the unique_id parameter in /admin/article.php. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30205 |
CVE-2023-25962 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari Accordion – Multiple Accordion or FAQs Builder plugin <= 2.3.0 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25962 |
CVE-2023-26016 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tauhidul Alam Simple Portfolio Gallery plugin <= 0.1 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26016 |
CVE-2023-26010 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMobile.App plugin <= 11.18 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26010 |
CVE-2023-26012 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Denzel Chia | Phire Design Custom Login Page plugin <= 2.0 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26012 |
CVE-2022-47434 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PB SEO Friendly Images plugin <= 4.0.5 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47434 |
CVE-2023-2427 | Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2427 |
CVE-2023-2550 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2550 |
CVE-2023-26517 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff Starr Dashboard Widgets Suite plugin <= 3.2.1 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26517 |
CVE-2023-26519 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.5.4 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-26519 |
CVE-2023-25491 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Samuel Marshall JCH Optimize plugin <= 3.2.2 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25491 |
CVE-2023-2566 | Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-2566 |
CVE-2023-25021 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FareHarbor FareHarbor for WordPress plugin <= 3.6.6 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25021 |
CVE-2023-25052 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa Yandex.News Feed by Teplitsa plugin <= 1.12.5 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25052 |
CVE-2023-25452 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Pretty (prettyboymp) CMS Press plugin <= 0.2.3 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-25452 |
CVE-2023-28169 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CoreFortress Easy Event calendar plugin <= 1.0 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28169 |
CVE-2020-18132 | Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-18132 |
CVE-2023-0544 | The WP Login Box WordPress plugin through 2.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0544 |
CVE-2023-0894 | The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-0894 |
CVE-2023-1649 | The AI ChatBot WordPress plugin before 4.5.1 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-1649 |
CVE-2022-47437 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Branko Borilovic WSB Brands plugin <= 1.1.8 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47437 |
CVE-2023-22791 | A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-22791 |
CVE-2023-24376 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nico Graff WP Simple Events plugin <= 1.0 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24376 |
CVE-2023-23863 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23863 |
CVE-2023-23793 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eightweb Interactive Read More Without Refresh plugin <= 3.1 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23793 |
CVE-2023-23732 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin <= 11.0.6 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23732 |
CVE-2023-23733 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23733 |
CVE-2023-23734 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin <= 2.2 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23734 |
CVE-2023-23883 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Gwyer WP Content Filter plugin <= 3.0.1 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23883 |
CVE-2023-23884 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23884 |
CVE-2023-24372 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in USB Memory Direct Simple Custom Author Profiles plugin <= 1.0.0 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24372 |
CVE-2023-31799 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31799 |
CVE-2023-31803 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the resource sequencing parameters. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31803 |
CVE-2023-31805 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated attacker to execute arbitrary code via the homepage function. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-31805 |
CVE-2023-23788 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Florin Arjocu Custom More Link Complete plugin <= 1.4.1 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23788 |
CVE-2023-23789 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23789 |
CVE-2023-23812 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joost de Valk Enhanced WP Contact Form plugin <= 2.2.3 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23812 |
CVE-2023-24418 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24418 |
CVE-2023-28932 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMobile.App WPMobile.App — Android and iOS Mobile Application plugin <= 11.20 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-28932 |
CVE-2023-23794 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss Semalt Blocker plugin <= 1.1.3 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-23794 |
CVE-2023-24406 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb ur Rehman Simple PopUp plugin <= 1.8.6 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-24406 |
CVE-2023-30746 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Booqable Rental Software Booqable Rental plugin <= 2.4.15 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-30746 |
CVE-2022-33961 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <= 7.5.8 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-33961 |
CVE-2022-46817 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flyzoo Flyzoo Chat plugin <= 2.3.3 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-46817 |
CVE-2022-46819 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Continuous announcement scroller plugin <= 13.0 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-46819 |
CVE-2022-46861 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Zia Imtiaz Custom Login Page Styler for WordPress plugin <= 6.2 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-46861 |
CVE-2022-47137 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPManageNinja LLC Ninja Tables plugin <= 4.3.4 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47137 |
CVE-2022-47423 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47423 |
CVE-2022-47436 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MantraBrain Yatra plugin <= 2.1.14 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47436 |
CVE-2022-47587 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.5 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47587 |
CVE-2022-47606 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Stephenson WP-CORS plugin <= 0.2.1 versions. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-47606 |
CVE-2023-23383 | Service Fabric Explorer Spoofing Vulnerability | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-23383 |
CVE-2022-43950 | A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, \r\n 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-43950 |
CVE-2023-29354 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-29354 |
CVE-2023-27952 | A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-27952 |
CVE-2023-1526 | Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-1526 |
CVE-2023-21485 | Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-21485 |
CVE-2023-21486 | Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-21486 |
CVE-2023-30550 | MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing. This IDOR vulnerability allows the administrator of a project to modify other projects under the workspace. An attacker can obtain some operating permissions. The issue has been fixed in version 2.9.0. | 4.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30550 |
CVE-2022-4432 | A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-4432 |
CVE-2022-4433 | A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-4433 |
CVE-2022-4435 | A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-4435 |
CVE-2023-2269 | A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-2269 |
CVE-2022-45859 | An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-45859 |
CVE-2023-21492 | Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-21492 |
CVE-2022-39089 | In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-39089 |
CVE-2022-47334 | In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47334 |
CVE-2022-47469 | In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47469 |
CVE-2022-47470 | In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47470 |
CVE-2022-47485 | In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47485 |
CVE-2022-47486 | In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47486 |
CVE-2022-47488 | In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47488 |
CVE-2022-47489 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47489 |
CVE-2022-47491 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47491 |
CVE-2022-47494 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47494 |
CVE-2022-47495 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47495 |
CVE-2022-47496 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47496 |
CVE-2022-47497 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47497 |
CVE-2022-47498 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47498 |
CVE-2022-47499 | In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-47499 |
CVE-2022-48235 | In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48235 |
CVE-2022-48236 | In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48236 |
CVE-2022-48237 | In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48237 |
CVE-2022-48238 | In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48238 |
CVE-2022-48239 | In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48239 |
CVE-2022-48240 | In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48240 |
CVE-2022-48372 | In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48372 |
CVE-2022-48373 | In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48373 |
CVE-2022-48374 | In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48374 |
CVE-2022-48380 | In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48380 |
CVE-2022-48381 | In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48381 |
CVE-2022-48382 | In log service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48382 |
CVE-2022-48385 | In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48385 |
CVE-2022-48386 | the apipe driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48386 |
CVE-2022-48387 | the apipe driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48387 |
CVE-2022-48389 | In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-48389 |
CVE-2019-19091 | For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2019-19091 |
CVE-2022-43698 | OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-43698 |
CVE-2023-2462 | Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2462 |
CVE-2023-2463 | Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2463 |
CVE-2023-2464 | Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2464 |
CVE-2023-2465 | Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2465 |
CVE-2023-2466 | Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2466 |
CVE-2023-2467 | Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2467 |
CVE-2023-2468 | Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low) | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-2468 |
CVE-2023-1383 | An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible.\n\nThis issue affects:\n\nAmazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. \nInsignia TV with FireOS versions prior to 7.6.3.3. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-1383 |
CVE-2023-22813 | \n\n\n\n\n\n\n\n\n\nA device API\nendpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS policy\nand missing authentication requirement for private IPs, a remote attacker on\nthe same network as the device could obtain device information by convincing a\nvictim user to visit an attacker-controlled server and issue a cross-site\nrequest.\n\n\n\nThis issue affects\nMy Cloud OS 5 Mobile App: before 4.21.0; My Cloud Home Mobile App: before 4.21.0; ibi Mobile App: before 4.21.0; My\nCloud OS 5 Web App: before 4.26.0-6126; My Cloud Home Web App: before 4.26.0-6126;\nibi Web App: before 4.26.0-6126.\n\n | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-22813 |
CVE-2023-29103 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-29103 |
CVE-2022-22508 | Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-22508 |
CVE-2023-23543 | The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A sandboxed app may be able to determine which app is currently using the camera | 3.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-23543 |
CVE-2019-19090 | For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19090 |
CVE-2019-19092 | ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-19092 |
CVE-2023-2590 | Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-2590 |
CVE-2022-20338 | In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-171966843 | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-20338 |
CVE-2022-42442 | \nIBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214.\n\n\n\n | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-42442 |
CVE-2023-21487 | Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-21487 |
CVE-2023-31413 | Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-31413 |
CVE-2023-23523 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-23523 |
CVE-2023-23541 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-23541 |
CVE-2023-27928 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27928 |
CVE-2023-28194 | The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-28194 |
CVE-2023-27408 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27408 |
CVE-2023-27409 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27409 |
CVE-2023-29333 | Microsoft Access Denial of Service Vulnerability | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-29333 |
CVE-2023-27410 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-27410 |
CVE-2023-29128 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to write any file with the extension `.db`. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-29128 |
CVE-2023-25815 | In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\\mingw64\\share\\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\\` (and since `C:\\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1.\n\nThis vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\\`. | 2.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-25815 |
CVE-2001-0897 | Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field. | – | https://nvd.nist.gov/vuln/detail/CVE-2001-0897 |
CVE-2010-4645 | strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308. | – | https://nvd.nist.gov/vuln/detail/CVE-2010-4645 |
CVE-2013-0169 | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2013-0169 |
CVE-2015-5698 | Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | – | https://nvd.nist.gov/vuln/detail/CVE-2015-5698 |
CVE-2023-28316 | A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28316 |
CVE-2023-31478 | An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31478 |
CVE-2022-36330 | A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability.\n\nThis issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. \n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2022-36330 |
CVE-2022-4008 | In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service | – | https://nvd.nist.gov/vuln/detail/CVE-2022-4008 |
CVE-2023-22441 | Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22441 |
CVE-2023-23578 | Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier allows a remote unauthenticated attacker to connect to the product's ADB port. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23578 |
CVE-2023-23901 | Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23901 |
CVE-2023-23906 | Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23906 |
CVE-2023-24586 | Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-24586 |
CVE-2023-25070 | Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25070 |
CVE-2023-25072 | Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25072 |
CVE-2023-25184 | Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25184 |
CVE-2023-27385 | Heap-based buffer overflow vulnerability exists in CX-Drive All models V3.01 and earlier. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27385 |
CVE-2023-27889 | Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27889 |
CVE-2023-27918 | Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27918 |
CVE-2023-27919 | Authentication bypass vulnerability in NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) all versions allows a remote unauthenticated attacker to alter the information stored in the system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27919 |
CVE-2023-2617 | A vulnerability classified as problematic was found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-228547. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2617 |
CVE-2023-2618 | A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-228548. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2618 |
CVE-2023-30777 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30777 |
CVE-2023-32573 | In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32573 |
CVE-2023-1732 | When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret.\n\nThe tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1732 |
CVE-2022-21162 | Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21162 |
CVE-2022-21239 | Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21239 |
CVE-2022-21804 | Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21804 |
CVE-2022-25976 | Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25976 |
CVE-2022-27180 | Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27180 |
CVE-2022-28699 | Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28699 |
CVE-2022-29508 | Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29508 |
CVE-2022-29919 | Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29919 |
CVE-2022-30338 | Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30338 |
CVE-2022-31477 | Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31477 |
CVE-2022-32576 | Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32576 |
CVE-2022-32577 | Improper input validation in BIOS Firmware for some Intel(R) NUC Kits before version PY0081 may allow a privileged user to potentially enable information disclosure or denial of service via local access | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32577 |
CVE-2022-32578 | Improper access control for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32578 |
CVE-2022-32582 | Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32582 |
CVE-2022-32766 | Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32766 |
CVE-2022-33894 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33894 |
CVE-2022-33963 | Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33963 |
CVE-2022-34147 | Improper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34147 |
CVE-2022-34848 | Uncontrolled search path for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34848 |
CVE-2022-34855 | Path traversal for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34855 |
CVE-2022-36339 | Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-36339 |
CVE-2022-36391 | Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-36391 |
CVE-2022-37327 | Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element, Intel(R) NUC Extreme, Intel(R) NUC 12 Extreme Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Enthusiast, Intel(R) NUC Essential, Intel(R) NUC Laptop Kit, Intel(R) NUC Extreme Compute Element, Intel(R) NUC Boards, Intel(R) NUC Pro Compute Element, Intel(R) NUC Rugged may allow a privileged user to enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-37327 |
CVE-2022-37409 | Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-37409 |
CVE-2022-38087 | Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-38087 |
CVE-2022-38101 | Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-38101 |
CVE-2022-38103 | Insecure inherited permissions in the Intel(R) NUC Software Studio Service installer before version 1.17.38.0 may allow an authenticated user to potentially enable escalation of privilege via local access | – | https://nvd.nist.gov/vuln/detail/CVE-2022-38103 |
CVE-2022-38787 | Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-38787 |
CVE-2022-40207 | Improper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-40207 |
CVE-2022-40210 | Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-40210 |
CVE-2022-40685 | Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enable information disclosure via network access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-40685 |
CVE-2022-40971 | Incorrect default permissions for the Intel(R) HDMI Firmware Update Tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-40971 |
CVE-2022-40972 | Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-40972 |
CVE-2022-40974 | Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a privileged user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-40974 |
CVE-2022-41610 | Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41610 |
CVE-2022-41621 | Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41621 |
CVE-2022-41628 | Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41628 |
CVE-2022-41646 | Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow an unauthenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41646 |
CVE-2022-41658 | Insecure inherited permissions in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41658 |
CVE-2022-41687 | Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41687 |
CVE-2022-41690 | Improper access control in the Intel(R) Retail Edge Mobile iOS application before version 3.4.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41690 |
CVE-2022-41693 | Uncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41693 |
CVE-2022-41699 | Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41699 |
CVE-2022-41769 | Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41769 |
CVE-2022-41771 | Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41771 |
CVE-2022-41784 | Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41784 |
CVE-2022-41801 | Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41801 |
CVE-2022-41808 | Improper buffer restriction in software for the Intel QAT Driver for Linux before version 1.7.l.4.12 may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41808 |
CVE-2022-41979 | Protection mechanism failure in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41979 |
CVE-2022-41982 | Uncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41982 |
CVE-2022-41998 | Uncontrolled search path in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41998 |
CVE-2022-42465 | Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-42465 |
CVE-2022-42878 | Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-42878 |
CVE-2022-43465 | Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-43465 |
CVE-2022-43474 | Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-43474 |
CVE-2022-43475 | Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-43475 |
CVE-2022-43507 | Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-43507 |
CVE-2022-44610 | Improper authentication in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-44610 |
CVE-2022-44619 | Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-44619 |
CVE-2022-45128 | Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-45128 |
CVE-2022-46279 | Improper access control in the Intel(R) Retail Edge android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-46279 |
CVE-2022-46645 | Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version 9.9 may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-46645 |
CVE-2022-46656 | Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-46656 |
CVE-2023-22297 | Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22297 |
CVE-2023-22312 | Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22312 |
CVE-2023-22355 | Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22355 |
CVE-2023-22379 | Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22379 |
CVE-2023-22440 | Incorrect default permissions in the Intel(R) SCS Add-on software installer for Microsoft SCCM all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22440 |
CVE-2023-22442 | Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22442 |
CVE-2023-22443 | Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22443 |
CVE-2023-22447 | Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22447 |
CVE-2023-22661 | Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22661 |
CVE-2023-23569 | Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23569 |
CVE-2023-23573 | Improper access control in the Intel(R) Unite(R) android application before Release 17 may allow a privileged user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23573 |
CVE-2023-23580 | Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23580 |
CVE-2023-23909 | Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23909 |
CVE-2023-23910 | Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23910 |
CVE-2023-24475 | Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-24475 |
CVE-2023-25175 | Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25175 |
CVE-2023-25179 | Uncontrolled resource consumption in the Intel(R) Unite(R) android application before Release 17 may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25179 |
CVE-2023-25545 | Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25545 |
CVE-2023-25568 | Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affects users accepting untrusted connections with the Bitswap server and also affects users using the old API stubs at `github.com/ipfs/go-libipfs/bitswap` because users then transitively import `github.com/ipfs/go-libipfs/bitswap/server`. Boxo versions 0.6.0 and 0.4.1 contain a patch for this issue. As a workaround, those who are using the stub object at `github.com/ipfs/go-libipfs/bitswap` not taking advantage of the features provided by the server can refactor their code to use the new split API that will allow them to run in a client only mode: `github.com/ipfs/go-libipfs/bitswap/client`. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25568 |
CVE-2023-25771 | Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25771 |
CVE-2023-25772 | Improper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25772 |
CVE-2023-25776 | Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25776 |
CVE-2023-27298 | Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27298 |
CVE-2023-27382 | Incorrect default permissions in the Audio Service for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.0.0.156 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27382 |
CVE-2023-27386 | Uncontrolled search path in some Intel(R) Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27386 |
CVE-2023-28410 | Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28410 |
CVE-2023-28411 | Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28411 |
CVE-2023-27562 | The n8n package 0.218.0 for Node.js allows Directory Traversal. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27562 |
CVE-2023-27563 | The n8n package 0.218.0 for Node.js allows Escalation of Privileges. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27563 |
CVE-2023-27564 | The n8n package 0.218.0 for Node.js allows Information Disclosure. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27564 |
CVE-2023-29930 | An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29930 |
CVE-2023-31471 | An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install software from the filesystem, the package list, or a URL. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31471 |
CVE-2023-31908 | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31908 |
CVE-2023-31910 | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31910 |
CVE-2022-41985 | An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41985 |
CVE-2022-46377 | An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no IP address argument is provided to the `PORT` command. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-46377 |
CVE-2022-46378 | An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no port argument is provided to the `PORT` command. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-46378 |
CVE-2023-2629 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2629 |
CVE-2023-2630 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2630 |
CVE-2023-30351 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30351 |
CVE-2023-30352 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30352 |
CVE-2023-30353 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30353 |
CVE-2023-30354 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30354 |
CVE-2023-30356 | Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30356 |
CVE-2023-31554 | xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readPageLabelTree2(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31554 |
CVE-2023-31555 | podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31555 |
CVE-2023-31556 | podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31556 |
CVE-2023-31557 | xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readEmbeddedFileTree(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31557 |
CVE-2023-0007 | A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed.\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0007 |
CVE-2023-0008 | A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0008 |
CVE-2023-32070 | XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't check for dangerous attributes/attribute values. This allowed cross-site scripting (XSS) attacks via attributes and link URLs, e.g., supported in XWiki syntax. This has been patched in XWiki 14.6-rc-1. There are no known workarounds apart from upgrading to a fixed version. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32070 |
CVE-2023-32076 | in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the files read is `.in_totorc` which is a hidden file in the directory in which in-toto is run. If an attacker controls the inputs to a supply chain step, they can mask their activities by also passing in an `.in_totorc` file that includes the necessary exclude patterns and settings. RC files are widely used in other systems and security issues have been discovered in their implementations as well. Maintainers found in their conversations with in-toto adopters that `in_totorc` is not their preferred way to configure in-toto. As none of the options supported in `in_totorc` is unique, and can be set elsewhere using API parameters or CLI arguments, the maintainers decided to drop support for `in_totorc`. in-toto's `user_settings` module has been dropped altogether in commit 3a21d84f40811b7d191fa7bd17265c1f99599afd. Users may also sandbox functionary code as a security measure. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32076 |
CVE-2022-36937 | HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with TLS1.3.\n\nApplications that call stream_socket_server or stream_socket_client functions with a URL starting with tls:// are affected. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-36937 |
CVE-2021-45345 | Buffer Overflow vulnerability found in En3rgy WebcamServer v.0.5.2 allows a remote attacker to cause a denial of service via the WebcamServer.exe file. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-45345 |
CVE-2022-36329 | An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2022-36329 |
CVE-2023-2310 | A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service.\n\nSee the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2310 |
CVE-2023-30194 | Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook(). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30194 |
CVE-2023-31148 | An Improper Input Validation vulnerability \n\nin the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code.\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31148 |
CVE-2023-31149 | \nAn Improper Input Validation vulnerability \n\nin the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code.\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31149 |
CVE-2023-31150 | \nA Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords.\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31150 |
CVE-2023-31151 | An Improper Certificate Validation vulnerability \n\nin the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface\n\ncould allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack.\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31151 |
CVE-2023-31152 | An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. \nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31152 |
CVE-2023-31153 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31153 |
CVE-2023-31154 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31154 |
CVE-2023-31155 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31155 |
CVE-2023-31156 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31156 |
CVE-2023-31157 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31157 |
CVE-2023-31158 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31158 |
CVE-2023-31159 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31159 |
CVE-2023-31160 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\n\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31160 |
CVE-2023-31161 | An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects.\n\nSee SEL Service Bulletin dated 2022-11-15 for more details. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31161 |
CVE-2023-31162 | An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to arbitrarily alter the content of a configuration file.\n\nSee SEL Service Bulletin dated 2022-11-15 for more details. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31162 |
CVE-2023-31163 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31163 |
CVE-2023-31164 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31164 |
CVE-2023-31165 | \nAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.\n\n\nSee SEL Service Bulletin dated 2022-11-15 for more details.\n\n\n\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31165 |
CVE-2023-31166 | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system.\n\nSee SEL Service Bulletin dated 2022-11-15 for more details. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31166 |
CVE-2022-29842 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file was discovered in Western Digital My Cloud OS 5 devicesThis issue affects My Cloud OS 5: before 5.26.119.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29842 |
CVE-2023-32080 | Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to modify an server's install script or the install script executes code supplied by the user (either through environment variables, or commands that execute commands based off of user data). This vulnerability has been resolved in version `v1.11.6` of Wings, and has been back-ported to the 1.7 release series in `v1.7.5`. Anyone running `v1.11.x` should upgrade to `v1.11.6` and anyone running `v1.7.x` should upgrade to `v1.7.5`.\n\nThere are no workarounds aside from upgrading. Running Wings with a rootless container runtime may mitigate the severity of any attacks, however the majority of users are using container runtimes that run as root as per the Wings documentation. SELinux may prevent attackers from performing certain operations against the host system, however privileged containers have a lot of freedom even on systems with SELinux enabled.\n\nIt should be noted that this was a known attack vector, for attackers to easily exploit this attack it would require compromising an administrator account on a Panel. However, certain eggs (the data structure that holds the install scripts that get passed to Wings) have an issue where they are unknowingly executing shell commands with escalated privileges provided by untrusted user data. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32080 |
CVE-2022-29841 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that was caused by a command that read files from a privileged location and created a system command without sanitizing the read data. This command could be triggered by an attacker remotely to cause code execution and gain a reverse shell in Western Digital My Cloud OS 5 devices.This issue affects My Cloud OS 5: before 5.26.119.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29841 |
CVE-2022-29840 | Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the local server.This issue affects My Cloud OS 5 devices before 5.26.202.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29840 |
CVE-2023-29986 | spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29986 |
CVE-2023-30172 | A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30172 |
CVE-2023-31442 | In Lightbend Akka before 2.8.1, the async-dns resolver (used by Discovery in DNS mode and transitively by Cluster Bootstrap) uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not validate (e.g., via TLS) the authenticity of the discovered service, this may result in exfiltration of application data (e.g., persistence events may be published to an unintended Kafka broker). If such validation is performed, then the poisoning constitutes a denial of access to the intended service. This affects Akka 2.5.14 through 2.8.0, and Akka Discovery through 2.8.0. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31442 |
CVE-2023-31477 | A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31477 |
CVE-2023-2641 | A vulnerability was found in SourceCodester Online Internship Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/login.php of the component POST Parameter Handler. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228770 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2641 |
CVE-2023-2642 | A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/facebox_modal/updateCourse.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228771. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2642 |
CVE-2023-32668 | LuaTeX before 1.17.0 enables the socket library by default. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32668 |
CVE-2023-2643 | A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/update_password.php of the component POST Parameter Handler. The manipulation of the argument new_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228772. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2643 |
CVE-2023-2644 | A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\\Program Files (x86)\\FPSensor\\bin\\DpHost.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-228773 was assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2644 |
CVE-2023-2645 | A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. VDB-228774 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2645 |
CVE-2023-2646 | A vulnerability has been found in TP-Link Archer C7v2 v2_en_us_180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local network. The associated identifier of this vulnerability is VDB-228775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2646 |
CVE-2023-2647 | A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2647 |
CVE-2023-2648 | A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2648 |
CVE-2023-2649 | A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2649 |
CVE-2023-2652 | A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_item. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228780. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2652 |
CVE-2023-2653 | A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file items/index.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228781 was assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2653 |
CVE-2023-2490 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fernando Briano UserAgent-Spy plugin <= 1.3.1 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2490 |
CVE-2023-30256 | Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30256 |
CVE-2023-31473 | An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to read an arbitrary file name while using root privileges. The -f option can be used with a configuration file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31473 |
CVE-2023-31475 | An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31475 |
CVE-2023-31498 | A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31498 |
CVE-2021-34076 | File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-34076 |
CVE-2023-31445 | Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31445 |
CVE-2023-0851 | Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0851 |
CVE-2023-0852 | Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0852 |
CVE-2023-0853 | Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0853 |
CVE-2023-0854 | Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0854 |
CVE-2023-0855 | Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0855 |
CVE-2023-0856 | Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0856 |
CVE-2023-0857 | Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers(*) may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0857 |
CVE-2023-0858 | Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0858 |
CVE-2023-0859 | Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0859 |
CVE-2023-29863 | Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29863 |
CVE-2023-2656 | A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228798 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2656 |
CVE-2022-47129 | PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-47129 |
CVE-2023-2657 | A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument search leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228799. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2657 |
CVE-2023-2658 | A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228800. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2658 |
CVE-2023-22720 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Robert Macchi WP Links Page plugin <= 4.9.3 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22720 |
CVE-2023-2659 | A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file view_product.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228801 was assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2659 |
CVE-2023-2660 | A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file view_categories.php. The manipulation of the argument c leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228802 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2660 |
CVE-2023-2661 | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228803. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2661 |
CVE-2023-24539 | Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-24539 |
CVE-2023-24540 | Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\\t\\n\\f\\r\\u0020\\u2028\\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-24540 |
CVE-2023-29400 | Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29400 |
CVE-2023-32075 | The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-management-framework-bundle` prior to version 3.3.9, business logic errors are possible in the `Conditions` tab since the counter can be a negative number. This vulnerability is capable of the unlogic in the counter value in the Conditions tab. Users should update to version 3.3.9 to receive a patch or, as a workaround, or apply the patch manually. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32075 |
CVE-2023-25309 | Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui version 0.5, allows attackers to execute arbitrary code via a crafted url to the delete a feature functionality. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25309 |
CVE-2023-1834 | \nRockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1834 |
CVE-2023-2443 | \nRockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2443 |
CVE-2023-2444 | \nA cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, the attacker could impersonate the legitimate user and send requests to the affected product. Additionally, if an attacker sends an untrusted link to a computer that is not on the same domain as the server and a user opens the FactoryTalk Vantagepoint website, enters credentials for the FactoryTalk Vantagepoint server, and clicks on the malicious link a cross site request forgery attack would be successful as well.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2444 |
CVE-2023-30394 | MoveIT v1.1.11 was discovered to contain a cross-site scripting (XSS) vulenrability via the API authentication function. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30394 |
CVE-2023-27554 | \nIBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27554 |
CVE-2023-27870 | \nIBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27870 |
CVE-2023-29195 | Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29195 |
CVE-2023-32082 | etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32082 |
CVE-2023-29791 | kodbox <= 1.37 is vulnerable to Cross Site Scripting (XSS) via the debug information. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29791 |
CVE-2023-2662 | In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2662 |
CVE-2023-2663 | In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2663 |
CVE-2023-2664 | In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2664 |
CVE-2023-31146 | Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment. The issue can cause data corruption across call frames. The expected behavior is to revert due to out-of-bounds array access. Version 0.3.8 contains a patch for this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31146 |
CVE-2023-31497 | Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31497 |
CVE-2023-32058 | Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32058 |
CVE-2023-28325 | An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28325 |
CVE-2023-28356 | A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28356 |
CVE-2023-28357 | A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28357 |
CVE-2023-28358 | A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28358 |
CVE-2023-28359 | A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28359 |
CVE-2023-28360 | An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28360 |
CVE-2023-28361 | A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi OS 2.5 and earlier allows a malicious actor to access certain confidential information by persuading a UniFi OS user to visit a malicious webpage.Affected Products:Cloud Key Gen2Cloud Key Gen2 PlusUNVRUNVR ProfessionalUDMUDM ProfessionalUDM SEUDRMitigation:Update affected products to UniFi OS 3.0.13 or later. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28361 |
CVE-2023-31502 | Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the component /models/management_model.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31502 |
CVE-2023-31528 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31528 |
CVE-2023-31529 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31529 |
CVE-2023-31530 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31530 |
CVE-2023-31531 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31531 |
CVE-2023-32059 | Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the types are incompatible, typechecking is bypassed. The ability to pass kwargs to internal functions is an undocumented feature that is not well known about. The issue is patched in version 0.3.8. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32059 |
CVE-2023-30192 | Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find(). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30192 |
CVE-2020-13378 | Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-13378 |
CVE-2021-39036 | IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213966. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-39036 |
CVE-2023-29790 | kodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29790 |
CVE-2023-29808 | Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29808 |
CVE-2023-29809 | SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29809 |
CVE-2023-2665 | Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2665 |
CVE-2023-2666 | Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2666 |
CVE-2023-30330 | SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defaultframe/2.0/defaultframe_filter.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30330 |
CVE-2023-28520 | IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 250454. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28520 |
CVE-2023-28522 | IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28522 |
CVE-2023-2667 | A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-228883. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2667 |
CVE-2023-2668 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this issue is the function manager_category of the file admin/?page=categories/manage_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-228884. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2668 |
CVE-2023-28936 | Attacker can access arbitrary recording/room\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28936 |
CVE-2023-29032 | An attacker that has gained access to certain private information can use this to act as other user.\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29032 |
CVE-2023-29246 | An attacker who has gained access to an admin account can perform RCE via null-byte injection\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29246 |
CVE-2023-2669 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-228885 was assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2669 |
CVE-2023-2670 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. VDB-228886 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2670 |
CVE-2023-2674 | Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2674 |
CVE-2023-32243 | Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32243 |
CVE-2023-2514 | Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization. \n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2514 |
CVE-2023-2515 | Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2515 |
CVE-2023-2671 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228887. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2671 |
CVE-2023-2672 | A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228888. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2672 |
CVE-2023-2676 | A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-228890 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2676 |
CVE-2023-2677 | A vulnerability, which was classified as critical, was found in SourceCodester Covid-19 Contact Tracing System 1.0. This affects an unknown part of the file admin/establishment/manage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228891. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2677 |
CVE-2023-2678 | A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /file_manager/admin/save_user.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228892. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2678 |
CVE-2020-13377 | The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-13377 |
CVE-2023-23169 | Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23169 |
CVE-2023-27237 | LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27237 |
CVE-2023-27238 | LavaLite CMS v 9.0.0 was discovered to be vulnerable to web cache poisoning. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27238 |
CVE-2023-29657 | eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29657 |
CVE-2023-29818 | An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29818 |
CVE-2023-29819 | An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29819 |
CVE-2023-29820 | An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29820 |
CVE-2023-29983 | Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29983 |
CVE-2023-2512 | Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach() method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a segmentation fault, but could theoretically allow arbitrary undefined behavior.\n\n\nIn order for the bug to be exploitable, the process would need to be able to allocate 160GB of RAM. Due to this, the bug was never exploitable on the Cloudflare Workers platform, but could theoretically be exploitable on deployments of workerd running on machines with a huge amount of memory. Moreover, in order to be remotely exploited, an attacker would have to upload a single form-encoded HTTP request of at least tens of gigabytes in size. The application code would then have to use request.formData() to parse the request and formData.forEach() to iterate over this data. Due to these limitations, the exploitation likelihood was considered Low.\n\nA fix that addresses this vulnerability has been released in version v1.20230419.0 and users are encouraged to update to the latest version available.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2512 |
CVE-2023-30130 | An issue found in CraftCMS v.3.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the Section parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30130 |
CVE-2023-30246 | SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the contestant_id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30246 |
CVE-2023-31985 | A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31985 |
CVE-2023-23444 | Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23444 |
CVE-2023-2682 | A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component Mini_HTTPD. The manipulation of the argument address with the input ;id;uname${IFS}-a leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228911. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2682 |
CVE-2022-47879 | A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-47879 |
CVE-2022-47880 | An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-47880 |
CVE-2023-1934 | \nThe PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and passively. Consequently, malicious actors could gain access to vital information, such as Industrial Control System (ICS) and OT data, alongside other sensitive records like SMS and SMS Logs. The unauthorized database access exposes compromised systems to potential manipulation or breach of essential infrastructure data, highlighting the severity of this vulnerability.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1934 |
CVE-2023-27823 | An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27823 |
CVE-2023-31913 | Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31913 |
CVE-2023-31914 | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31914 |
CVE-2023-31916 | Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31916 |
CVE-2023-31918 | Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31918 |
CVE-2023-31919 | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31919 |
CVE-2023-31920 | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31920 |
CVE-2023-31921 | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31921 |
CVE-2023-31922 | QuickJS commit 2788d71 was discovered to contain a stack-overflow via the component js_proxy_isArray at quickjs.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31922 |
CVE-2023-32073 | WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at `plugin/CloneSite/cloneClient.json.php` which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to version 12.3. This issue is patched in commit 1df4af01f80d56ff2c4c43b89d0bac151e7fb6e3. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32073 |
CVE-2023-32081 | Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. From versions 3.1.0 until 3.9.16 and 4.0.0 until 4.4.2, a Vert.x STOMP server processes client STOMP frames without checking that the client send an initial CONNECT frame replied with a successful CONNECTED frame. The client can subscribe to a destination or publish message without prior authentication. Any Vert.x STOMP server configured with an authentication handler is impacted. The issue is patched in Vert.x 3.9.16 and 4.4.2. There are no trivial workarounds. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32081 |
CVE-2023-23867 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gautam Thapar Button Builder – Buttons X plugin <= 0.8.6 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23867 |
CVE-2023-29242 | Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29242 |
CVE-2023-30763 | Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30763 |
CVE-2023-30768 | Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30768 |
CVE-2023-31197 | Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31197 |
CVE-2023-31199 | Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31199 |
CVE-2022-48020 | Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-48020 |
CVE-2023-22685 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin <= v2.2 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22685 |
CVE-2023-23810 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SnapOrbital Panorama plugin <= 1.5 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23810 |
CVE-2023-25428 | A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25428 |
CVE-2023-25460 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodeSolz Easy Ad Manager plugin <= 1.0.0 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25460 |
CVE-2023-25958 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin <= 2.1.4 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25958 |
CVE-2023-28414 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ApexChat plugin <= 1.3.1 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28414 |
CVE-2023-31983 | A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31983 |
CVE-2023-25927 | IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25927 |
CVE-2023-2457 | Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2457 |
CVE-2023-2458 | Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2458 |
CVE-2023-27863 | IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27863 |
CVE-2023-30247 | File Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code via the update_settings parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30247 |
CVE-2023-32305 | aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acquire `superuser` privileges, which would allow full, unrestricted access to all data and database functions. And could lead to arbitrary code execution or data access on the underlying host as the `postgres` user. The issue has been patched as of version 1.1.9. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32305 |
CVE-2023-32306 | Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the `reports.php` page was not validating all parameters in POST requests. Because some parameters were not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue is fixed in version 1.22.13.5792. As a workaround, use the fixed code in `ttReportHelper.class.php` from version 1.22.13.5792. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32306 |
CVE-2023-1096 | SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1096 |
CVE-2023-20877 | VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20877 |
CVE-2023-20878 | VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20878 |
CVE-2023-20879 | VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20879 |
CVE-2023-20880 | VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20880 |
CVE-2023-25005 | A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25005 |
CVE-2023-25006 | A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25006 |
CVE-2023-25007 | A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25007 |
CVE-2023-25008 | A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25008 |
CVE-2023-25009 | A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds write vulnerability which could result in code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-25009 |
CVE-2023-2088 | A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2088 |
CVE-2023-2181 | An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2181 |
CVE-2023-32303 | Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand.\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32303 |
CVE-2023-2689 | A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228970 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2689 |
CVE-2023-2690 | A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0. This issue affects some unknown processing of the file admin/returned_reuse_form.php of the component GET Parameter Handler. The manipulation of the argument client_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228971. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2690 |
CVE-2023-2691 | A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Affected is an unknown function of the file admin/add_item.php of the component POST Parameter Handler. The manipulation of the argument item_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228972. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2691 |
CVE-2023-2692 | A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/room_info.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228973 was assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2692 |
CVE-2023-2693 | A vulnerability was found in SourceCodester Online Exam System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228974 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2693 |
CVE-2023-2694 | A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228975. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2694 |
CVE-2023-2695 | A vulnerability was found in SourceCodester Online Exam System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /kelas/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228976. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2695 |
CVE-2023-2696 | A vulnerability was found in SourceCodester Online Exam System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /matkul/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228977 was assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2696 |
CVE-2023-2697 | A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /jurusan/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228978 is the identifier assigned to this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2697 |
CVE-2023-2698 | A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228979. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2698 |
CVE-2023-2699 | A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228980. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2699 |
CVE-2023-32758 | giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32758 |
CVE-2023-32784 | In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32784 |
CVE-2023-22318 | Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22318 |
CVE-2023-22684 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin <= 1.5.3 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22684 |
CVE-2023-22690 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22690 |
CVE-2023-22703 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin <= 3.1.0 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22703 |
CVE-2023-23445 | \nImproper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers\n1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote\nattacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the\nREST interface.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23445 |
CVE-2023-23446 | \nImproper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers\n1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface.\n\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23446 |
CVE-2023-23447 | \nUncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged\nremote attacker to influence the availability of the webserver by invocing several open file requests via\nthe REST interface.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23447 |
CVE-2023-23448 | \nInclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a\nremote attacker to gain information about valid usernames via analysis of source code.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23448 |
CVE-2023-23449 | \nObservable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker\nto gain information about valid usernames by analyzing challenge responses from the server via the\nREST interface.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23449 |
CVE-2023-23450 | \nUse of Password Hash Instead of Password for Authentication in SICK FTMg AIR\nFLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526\nallows an unprivileged remote attacker to use a password hash instead of an actual password to login\nto a valid user account via the REST interface.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23450 |
CVE-2023-31408 | \nCleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with\nPartnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote\nattacker to potentially steal user credentials that are stored in the user’s browsers local storage via\ncross-site-scripting attacks.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31408 |
CVE-2023-31409 | \nUncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an remote attacker to influence the availability of the webserver by invocing a Slowloris style attack via HTTP requests.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31409 |
CVE-2023-22706 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22706 |
CVE-2023-22717 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in nCrafts FormCraft plugin <= 1.2.6 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-22717 |
CVE-2023-23654 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SparkPost plugin <= 3.2.5 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23654 |
CVE-2023-23674 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in RVOLA WP Original Media Path plugin <= 2.4.0 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23674 |
CVE-2023-23683 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin <= 1.0.2 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23683 |
CVE-2023-23688 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23688 |
CVE-2023-31986 | A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31986 |
CVE-2022-4774 | The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-4774 |
CVE-2023-0233 | The ActiveCampaign WordPress plugin before 8.1.12 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0233 |
CVE-2023-0490 | The f(x) TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0490 |
CVE-2023-0520 | The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin, furthermore lack of csrf protection means an attacker can trick a logged in admin to perform the attack by submitting a hidden form. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0520 |
CVE-2023-0600 | The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0600 |
CVE-2023-0644 | The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0644 |
CVE-2023-0761 | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0761 |
CVE-2023-0762 | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0762 |
CVE-2023-0763 | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0763 |
CVE-2023-0812 | The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0812 |
CVE-2023-0892 | The BizLibrary WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-0892 |
CVE-2023-1019 | The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1019 |
CVE-2023-1207 | This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1207 |
CVE-2023-1549 | The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1549 |
CVE-2023-1596 | The tagDiv Composer WordPress plugin before 4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1596 |
CVE-2023-1835 | The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1835 |
CVE-2023-1839 | The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1839 |
CVE-2023-1890 | The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1890 |
CVE-2023-1915 | The Thumbnail carousel slider WordPress plugin before 1.1.10 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting vulnerability which could be used against high privilege users such as admin. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1915 |
CVE-2023-23682 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Maintenance Mode plugin <= 1.0.1 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23682 |
CVE-2023-29862 | An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29862 |
CVE-2023-2009 | Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2009 |
CVE-2023-2179 | The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making them paid without actually paying for them for example | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2179 |
CVE-2023-2180 | The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2180 |
CVE-2023-31842 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31842 |
CVE-2023-31843 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31843 |
CVE-2023-31844 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31844 |
CVE-2023-31845 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31845 |
CVE-2023-29861 | An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29861 |
CVE-2023-31607 | An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31607 |
CVE-2023-31608 | An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31608 |
CVE-2023-31609 | An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31609 |
CVE-2023-31610 | An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31610 |
CVE-2023-31611 | An issue in the __libc_longjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31611 |
CVE-2023-31612 | An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31612 |
CVE-2023-31613 | An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31613 |
CVE-2023-31614 | An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31614 |
CVE-2023-31615 | An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31615 |
CVE-2023-31616 | An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31616 |
CVE-2023-31617 | An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31617 |
CVE-2023-31618 | An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31618 |
CVE-2023-31619 | An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31619 |
CVE-2023-31620 | An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31620 |
CVE-2023-31621 | An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31621 |
CVE-2023-31622 | An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31622 |
CVE-2023-31623 | An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31623 |
CVE-2023-31624 | An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31624 |
CVE-2023-31625 | An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31625 |
CVE-2023-31626 | An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31626 |
CVE-2023-31627 | An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31627 |
CVE-2023-31628 | An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31628 |
CVE-2023-31629 | An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31629 |
CVE-2023-31630 | An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31630 |
CVE-2023-31631 | An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31631 |
CVE-2023-32787 | The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32787 |
CVE-2023-30245 | SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30245 |
CVE-2023-32313 | vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32313 |
CVE-2023-32314 | vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32314 |
CVE-2023-31145 | Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a trivial account takeover attack. The vulnerability allows attackers to inject malicious code into web pages, which can be executed in the context of the victim's browser session. This means that an attacker can steal sensitive data, such as login credentials or personal information, or perform unauthorized actions on behalf of the victim, such as modifying or deleting data. In this specific case, the vulnerability allows for a trivial account takeover attack. An attacker can exploit the vulnerability to inject code into the victim's browser session, allowing the attacker to take over the victim's account without their knowledge or consent. This can lead to unauthorized access to sensitive information and data, as well as the ability to perform actions on behalf of the victim. Furthermore, the fact that the vulnerability bypasses the Content Security Policy (CSP) makes it more dangerous, as CSP is an important security mechanism used to prevent cross-site scripting attacks. By bypassing CSP, attackers can circumvent the security measures put in place by the web application and execute their malicious code. This issue has been patched in versions 22.05.13, 21.11.9, and 6.4.27. Users are advised to upgrade. There are no known workarounds for this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31145 |
CVE-2023-32068 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 14.10.4 it's possible to exploit well known parameters in XWiki URLs to perform redirection to untrusted site. This vulnerability was partially fixed in the past for XWiki 12.10.7 and 13.3RC1 but there is still the possibility to force specific URLs to skip some checks, e.g. using URLs like `http:example.com` in the parameter would allow the redirect. The issue has now been patched against all patterns that are known for performing redirects. This issue has been patched in XWiki 14.10.4 and 15.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32068 |
CVE-2023-32308 | anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for errors before adjusting invoice sorting order. Because of this, it was possible to craft a POST request with malicious SQL for Time Tracker database. This issue has been fixed in version 1.22.11.5781. Users are advised to upgrade. Users unable to upgrade may insert an additional check for errors in a condition before calling `ttGroupHelper::getActiveInvoices()` in invoices.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32308 |
CVE-2023-32309 | PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax `--8<--"/etc/passwd"` or `--8<--"/proc/self/environ"` the content of these files will be rendered in the generated documentation. Additionally, a path relative to a specified, allowed base path can also be used to render the content of a file outside the specified base paths: `--8<-- "../../../../etc/passwd"`. Within the Snippets extension, there exists a `base_path` option but the implementation is vulnerable to Directory Traversal. The vulnerable section exists in `get_snippet_path(self, path)` lines 155 to 174 in snippets.py. Any readable file on the host where the plugin is executing may have its content exposed. This can impact any use of Snippets that exposes the use of Snippets to external users. It is never recommended to use Snippets to process user-facing, dynamic content. It is designed to process known content on the backend under the control of the host, but if someone were to accidentally enable it for user-facing content, undesired information could be exposed. This issue has been addressed in version 10.0. Users are advised to upgrade. Users unable to upgrade may restrict relative paths by filtering input. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32309 |
CVE-2021-0877 | Product: AndroidVersions: Android SoCAndroid ID: A-273754094 | – | https://nvd.nist.gov/vuln/detail/CVE-2021-0877 |
CVE-2023-1729 | A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-1729 |
CVE-2023-20673 | In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20673 |
CVE-2023-20694 | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20694 |
CVE-2023-20695 | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20695 |
CVE-2023-20696 | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20696 |
CVE-2023-20697 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20697 |
CVE-2023-20698 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20698 |
CVE-2023-20699 | In adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696073; Issue ID: ALPS07696073. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20699 |
CVE-2023-20700 | In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20700 |
CVE-2023-20701 | In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20701 |
CVE-2023-20703 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20703 |
CVE-2023-20704 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767826; Issue ID: ALPS07767826. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20704 |
CVE-2023-20705 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20705 |
CVE-2023-20706 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20706 |
CVE-2023-20707 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20707 |
CVE-2023-20708 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20708 |
CVE-2023-20709 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20709 |
CVE-2023-20710 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20710 |
CVE-2023-20711 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20711 |
CVE-2023-20717 | In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20717 |
CVE-2023-20718 | In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20718 |
CVE-2023-20719 | In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20719 |
CVE-2023-20720 | In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20720 |
CVE-2023-20721 | In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20721 |
CVE-2023-20722 | In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20722 |
CVE-2023-20726 | In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20726 |
CVE-2023-20914 | In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-189942529 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20914 |
CVE-2023-20930 | In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-250576066 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-20930 |
CVE-2023-21102 | In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21102 |
CVE-2023-21103 | In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21103 |
CVE-2023-21104 | In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-259938771 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21104 |
CVE-2023-21106 | In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21106 |
CVE-2023-21107 | In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259385017 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21107 |
CVE-2023-21109 | In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21109 |
CVE-2023-21110 | In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21110 |
CVE-2023-21111 | In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21111 |
CVE-2023-21112 | In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21112 |
CVE-2023-21116 | In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256202273 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21116 |
CVE-2023-21117 | In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21117 |
CVE-2023-21118 | In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 | – | https://nvd.nist.gov/vuln/detail/CVE-2023-21118 |
CVE-2023-2124 | An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2124 |
CVE-2023-2700 | A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2700 |
CVE-2023-31131 | Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31131 |
CVE-2023-29961 | D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup, | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29961 |
CVE-2023-2708 | The Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in versions up to, and including, 1.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2708 |
CVE-2023-2710 | The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2710 |
CVE-2023-2161 | \nA CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that\ncould cause unauthorized read access to the file system when a malicious configuration file is\nloaded on to the software by a local user. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2161 |
CVE-2023-32955 | Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32955 |
CVE-2023-32956 | Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32956 |
CVE-2023-23673 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Harish Chouhan, Themeist I Recommend This plugin <= 3.8.3 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23673 |
CVE-2023-23676 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bruno "Aesqe" Babic File Gallery plugin <= 1.8.5.3 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23676 |
CVE-2023-23727 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Formilla Live Chat by Formilla plugin <= 1.3 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23727 |
CVE-2023-2499 | The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2499 |
CVE-2023-2548 | The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2548 |
CVE-2023-23641 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPmanage Uji Popup plugin <= 1.4.3 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23641 |
CVE-2023-23657 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Richard Leishman t/a Webforward Mail Subscribe List plugin <= 2.1.9 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23657 |
CVE-2023-23703 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin <= 2.1.7 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23703 |
CVE-2023-23709 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Denis WPJAM Basic plugin <= 6.2.1 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23709 |
CVE-2023-23720 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-23720 |
CVE-2023-2730 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2730 |
CVE-2023-31572 | An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31572 |
CVE-2023-31576 | An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31576 |
CVE-2023-29439 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.35 versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29439 |
CVE-2023-2738 | A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229149 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2738 |
CVE-2023-31519 | Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31519 |
CVE-2023-31587 | Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31587 |
CVE-2023-31856 | A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted http packet. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31856 |
CVE-2023-31857 | Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is /classes/Users.php?f=save. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31857 |
CVE-2023-28076 | \nCloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.\n\n | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28076 |
CVE-2023-2739 | A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27"><img%20src=x%20onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2739 |
CVE-2023-31890 | An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31890 |
CVE-2023-32977 | Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32977 |
CVE-2023-32978 | A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32978 |
CVE-2023-32979 | Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32979 |
CVE-2023-32980 | A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32980 |
CVE-2023-32981 | An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32981 |
CVE-2023-32982 | Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32982 |
CVE-2023-32983 | Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32983 |
CVE-2023-32984 | Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a crafted TestNG report file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32984 |
CVE-2023-32985 | Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32985 |
CVE-2023-32986 | Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32986 |
CVE-2023-32987 | A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32987 |
CVE-2023-32988 | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32988 |
CVE-2023-32989 | A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32989 |
CVE-2023-2740 | A vulnerability, which was classified as problematic, has been found in SourceCodester Guest Management System 1.0. Affected by this issue is some unknown functionality of the file dateTest.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229160. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2740 |
CVE-2023-32990 | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32990 |
CVE-2023-32991 | A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32991 |
CVE-2023-32992 | Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32992 |
CVE-2023-32993 | Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32993 |
CVE-2023-32994 | Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32994 |
CVE-2023-32995 | A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32995 |
CVE-2023-32996 | A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32996 |
CVE-2023-32997 | Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32997 |
CVE-2023-32998 | A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32998 |
CVE-2023-32999 | A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-32999 |
CVE-2023-33000 | Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, increasing the potential for attackers to observe and capture them. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33000 |
CVE-2023-33001 | Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33001 |
CVE-2023-33002 | Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33002 |
CVE-2023-33003 | A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33003 |
CVE-2023-33004 | A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33004 |
CVE-2023-33005 | Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33005 |
CVE-2023-33006 | A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33006 |
CVE-2023-33007 | Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-33007 |
CVE-2023-2196 | A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2196 |
CVE-2023-2632 | Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2632 |
CVE-2023-2633 | Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2633 |
CVE-2023-2195 | A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2195 |
CVE-2023-2631 | A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2631 |
CVE-2023-2721 | Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2721 |
CVE-2023-2722 | Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2722 |
CVE-2023-2723 | Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2723 |
CVE-2023-2724 | Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2724 |
CVE-2023-2725 | Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2725 |
CVE-2023-2726 | Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-2726 |
CVE-2023-30501 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30501 |
CVE-2023-30502 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30502 |
CVE-2023-30503 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30503 |
CVE-2023-30504 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30504 |
CVE-2023-30505 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30505 |
CVE-2023-30506 | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30506 |
CVE-2023-30507 | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30507 |
CVE-2023-30508 | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30508 |
CVE-2023-30509 | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30509 |
CVE-2023-30510 | A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30510 |
CVE-2021-27131 | Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-27131 |
CVE-2023-27742 | IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27742 |
CVE-2023-29927 | Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connection strings being used by Sage 300 and interact directly with the underlying database(s) to create, update, and delete all company records, bypassing the program’s role-based access controls. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29927 |
CVE-2023-30189 | Prestashop posstaticblocks <= 1.0.0 is vulnerable to SQL Injection via posstaticblocks::getPosCurrentHook(). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30189 |
CVE-2023-30281 | Insecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3 allows attackers to access sensitive information stored in the component. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30281 |
CVE-2023-31544 | A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31544 |
CVE-2023-31677 | Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31677 |
CVE-2023-31678 | Incorrect access control in Videogo v6.8.1 allows attackers to bind shared devices after the connection has been ended. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31678 |
CVE-2023-31679 | Incorrect access control in Videogo v6.8.1 allows attackers to access images from other devices via modification of the Device Id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31679 |