Security Bulletin 15 Nov 2023

Published on 15 Nov 2023

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:


Criticalvulnerabilities with a base score of 9.0 to 10.0
Highvulnerabilities with a base score of 7.0 to 8.9
Mediumvulnerabilities with a base score of 4.0 to 6.9
Lowvulnerabilities with a base score of 0.1 to 3.9
Nonevulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2023-31273Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.10https://nvd.nist.gov/vuln/detail/CVE-2023-31273
CVE-2023-4804An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.10https://nvd.nist.gov/vuln/detail/CVE-2023-4804
CVE-2021-43609An issue was discovered in Spiceworks Help Desk Server before 1.3.3. A Blind Boolean SQL injection vulnerability within the order_by_for_ticket function in app/models/reporting/database_query.rb allows an authenticated attacker to execute arbitrary SQL commands via the sort parameter. This can be leveraged to leak local files from the host system, leading to remote code execution (RCE) through deserialization of malicious data.9.9https://nvd.nist.gov/vuln/detail/CVE-2021-43609
CVE-2023-45616There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45616
CVE-2023-45615There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45615
CVE-2023-45614There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45614
CVE-2023-36553A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-36553
CVE-2023-36397Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability9.8https://nvd.nist.gov/vuln/detail/CVE-2023-36397
CVE-2023-36028Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability9.8https://nvd.nist.gov/vuln/detail/CVE-2023-36028
CVE-2023-34991A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.0 through 8.4.2 and 8.3.0 through 8.3.2 and 8.2.2 allows attacker to execute unauthorized code or commands via a crafted http request.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-34991
CVE-2023-47246In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-47246
CVE-2023-43791Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-43791
CVE-2023-45225Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 \n\nIP Cameras  with firmware version M2.1.6.05 are \nvulnerable to multiple instances of stack-based overflows. While parsing\n certain XML elements from incoming network requests, the product does \nnot sufficiently check or validate allocated buffer size. This may lead \nto remote code execution.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45225
CVE-2023-43755Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 \n\nIP Cameras \n\nwith firmware version M2.1.6.05 are \nvulnerable to multiple instances of stack-based overflows. During the \nprocessing and parsing of certain fields in XML elements from incoming \nnetwork requests, the product does not sufficiently check or validate \nallocated buffer size. This may lead to remote code execution.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-43755
CVE-2023-3959Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 \n\nIP Cameras\n\nwith firmware version M2.1.6.05 are \nvulnerable to multiple instances of stack-based overflows. While \nprocessing XML elements from incoming network requests, the product does\n not sufficiently check or validate allocated buffer size. This may lead\n to remote code execution.\n\n9.8https://nvd.nist.gov/vuln/detail/CVE-2023-3959
CVE-2023-46601A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to.9.6https://nvd.nist.gov/vuln/detail/CVE-2023-46601
CVE-2023-43505A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to.9.6https://nvd.nist.gov/vuln/detail/CVE-2023-43505
CVE-2023-43504A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.9.6https://nvd.nist.gov/vuln/detail/CVE-2023-43504
CVE-2023-31403SAP Business One installation - version 10.0, does not perform proper authentication and authorization checks for SMB shared folder. As a result, any malicious user can read and write to the SMB shared folder. Additionally, the files in the folder can be executed or be used by the installation process leading to considerable impact on confidentiality, integrity and availability.\n\n9.6https://nvd.nist.gov/vuln/detail/CVE-2023-31403
CVE-2023-6097A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing the application to malfunction.9.4https://nvd.nist.gov/vuln/detail/CVE-2023-6097
CVE-2023-46729sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has been fixed in version 7.77.0.9.3https://nvd.nist.gov/vuln/detail/CVE-2023-46729
CVE-2023-44373A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-44373
CVE-2023-47128Piccolo is an object-relational mapping and query builder which supports asyncio. Prior to version 1.1.1, the handling of named transaction `savepoints` in all database implementations is vulnerable to SQL Injection via f-strings. While the likelihood of an end developer exposing a `savepoints` `name` parameter to a user is highly unlikely, it would not be unheard of. If a malicious user was able to abuse this functionality they would have essentially direct access to the database and the ability to modify data to the level of permissions associated with the database user. A non exhaustive list of actions possible based on database permissions is: Read all data stored in the database, including usernames and password hashes; insert arbitrary data into the database, including modifying existing records; and gain a shell on the underlying server. Version 1.1.1 fixes this issue.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-47128
CVE-2023-47110blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-47110
CVE-2023-31247A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.9https://nvd.nist.gov/vuln/detail/CVE-2023-31247
CVE-2023-28391A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.9https://nvd.nist.gov/vuln/detail/CVE-2023-28391
CVE-2023-28379A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.9https://nvd.nist.gov/vuln/detail/CVE-2023-28379
CVE-2023-27882A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.9https://nvd.nist.gov/vuln/detail/CVE-2023-27882
CVE-2023-25181A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.9https://nvd.nist.gov/vuln/detail/CVE-2023-25181

OTHER VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2023-48217Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-48217
CVE-2023-36437Azure DevOps Server Remote Code Execution Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-36437
CVE-2023-32204Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-32204
CVE-2023-28737Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-28737
CVE-2023-23583Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-23583
CVE-2023-38151Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-38151
CVE-2023-36560ASP.NET Security Feature Bypass Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-36560
CVE-2023-36402Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-36402
CVE-2023-36400Windows HMAC Key Derivation Elevation of Privilege Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-36400
CVE-2023-36025Windows SmartScreen Security Feature Bypass Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-36025
CVE-2023-36017Windows Scripting Engine Memory Corruption Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2023-36017
CVE-2023-47621Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fixed in v3.1.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-47621
CVE-2023-35041Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-35041
CVE-2023-26516Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-26516
CVE-2023-39295An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.1.3 and later\n8.8https://nvd.nist.gov/vuln/detail/CVE-2023-39295
CVE-2023-4249Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 \n\nIP Cameras \n\nwith firmware version M2.1.6.05 has a \ncommand injection vulnerability in their implementation of their \nbinaries and handling of network requests.\n\n8.8https://nvd.nist.gov/vuln/detail/CVE-2023-4249
CVE-2023-39435Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 IP Cameras \n\nwith firmware version M2.1.6.05 are \nvulnerable to stack-based overflows. During the process of updating \ncertain settings sent from incoming network requests, the product does \nnot sufficiently check or validate allocated buffer size. This may lead \nto remote code execution.\n\n8.8https://nvd.nist.gov/vuln/detail/CVE-2023-39435
CVE-2023-47107PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sent to PILOS users when so that it points to the attackers server thereby disclosing the password reset token if/when the link is followed. This only affects local user accounts and requires the password reset option to be enabled. This issue has been patched in version 2.3.0.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-47107
CVE-2023-26222The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.22 and below, versions 6.0.13 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 5.0.0 and below.\n\n8.7https://nvd.nist.gov/vuln/detail/CVE-2023-26222
CVE-2023-36052Azure CLI REST Command Information Disclosure Vulnerability8.6https://nvd.nist.gov/vuln/detail/CVE-2023-36052
CVE-2023-45849An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason Geffner.\n8.5https://nvd.nist.gov/vuln/detail/CVE-2023-45849
CVE-2023-29157Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.8.4https://nvd.nist.gov/vuln/detail/CVE-2023-29157
CVE-2023-36719Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability8.4https://nvd.nist.gov/vuln/detail/CVE-2023-36719
CVE-2023-47129Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.\n8.3https://nvd.nist.gov/vuln/detail/CVE-2023-47129
CVE-2023-6012An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure.8.3https://nvd.nist.gov/vuln/detail/CVE-2023-6012
CVE-2023-45619There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.\n\n8.2https://nvd.nist.gov/vuln/detail/CVE-2023-45619
CVE-2023-45618There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.\n\n8.2https://nvd.nist.gov/vuln/detail/CVE-2023-45618
CVE-2023-45617There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.\n\n8.2https://nvd.nist.gov/vuln/detail/CVE-2023-45617
CVE-2023-36038ASP.NET Core Denial of Service Vulnerability8.2https://nvd.nist.gov/vuln/detail/CVE-2023-36038
CVE-2023-34431Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access8.2https://nvd.nist.gov/vuln/detail/CVE-2023-34431
CVE-2022-36396Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access.8.2https://nvd.nist.gov/vuln/detail/CVE-2022-36396
CVE-2022-33945Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.8.2https://nvd.nist.gov/vuln/detail/CVE-2022-33945
CVE-2023-5913Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n8.2https://nvd.nist.gov/vuln/detail/CVE-2023-5913
CVE-2023-47130Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. An attacker may leverage this vulnerability to compromise the host system. A fix has been developed for the 1.1.29 release. Users are advised to upgrade. There are no known workarounds for this vulnerability.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-47130
CVE-2023-26205An improper access control vulnerability [CWE-284] in FortiADC automation feature 7.1.0 through 7.1.2, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-26205
CVE-2023-4949An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.\n8.1https://nvd.nist.gov/vuln/detail/CVE-2023-4949
CVE-2023-4379An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-4379
CVE-2023-47610A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-47610
CVE-2023-36439Microsoft Exchange Server Remote Code Execution Vulnerability8https://nvd.nist.gov/vuln/detail/CVE-2023-36439
CVE-2023-36425Windows Distributed File System (DFS) Remote Code Execution Vulnerability8https://nvd.nist.gov/vuln/detail/CVE-2023-36425
CVE-2023-36050Microsoft Exchange Server Spoofing Vulnerability8https://nvd.nist.gov/vuln/detail/CVE-2023-36050
CVE-2023-36039Microsoft Exchange Server Spoofing Vulnerability8https://nvd.nist.gov/vuln/detail/CVE-2023-36039
CVE-2023-36035Microsoft Exchange Server Spoofing Vulnerability8https://nvd.nist.gov/vuln/detail/CVE-2023-36035
CVE-2023-36021Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability8https://nvd.nist.gov/vuln/detail/CVE-2023-36021
CVE-2023-46098A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.8https://nvd.nist.gov/vuln/detail/CVE-2023-46098
CVE-2023-41137Symmetric encryption used to protect messages between the AppsAnywhere server and client can be broken by reverse engineering the client and used to impersonate the AppsAnywhere server.8https://nvd.nist.gov/vuln/detail/CVE-2023-41137
CVE-2023-40055The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-332278https://nvd.nist.gov/vuln/detail/CVE-2023-40055
CVE-2023-40054The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-332268https://nvd.nist.gov/vuln/detail/CVE-2023-40054
CVE-2023-28741Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.7.9https://nvd.nist.gov/vuln/detail/CVE-2023-28741
CVE-2022-29262Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.7.9https://nvd.nist.gov/vuln/detail/CVE-2022-29262
CVE-2023-28397Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-28397
CVE-2023-41840A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-41840
CVE-2023-36705Windows Installer Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36705
CVE-2023-36424Windows Common Log File System Driver Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36424
CVE-2023-36422Microsoft Windows Defender Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36422
CVE-2023-36408Windows Hyper-V Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36408
CVE-2023-36407Windows Hyper-V Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36407
CVE-2023-36396Windows Compressed Folder Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36396
CVE-2023-36393Windows User Interface Application Core Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36393
CVE-2023-36047Windows Authentication Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36047
CVE-2023-36045Microsoft Office Graphics Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36045
CVE-2023-36041Microsoft Excel Remote Code Execution Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36041
CVE-2023-36037Microsoft Excel Security Feature Bypass Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36037
CVE-2023-36036Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36036
CVE-2023-36033Windows DWM Core Library Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36033
CVE-2023-36018Visual Studio Code Jupyter Extension Spoofing Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2023-36018
CVE-2023-6111A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times.\n\nWe recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630.\n\n7.8https://nvd.nist.gov/vuln/detail/CVE-2023-6111
CVE-2023-47611A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to "manufacturer" level on the targeted system.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-47611
CVE-2023-4632An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-4632
CVE-2023-24585An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.7.7https://nvd.nist.gov/vuln/detail/CVE-2023-24585
CVE-2023-36049.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability7.6https://nvd.nist.gov/vuln/detail/CVE-2023-36049
CVE-2023-36007Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability7.6https://nvd.nist.gov/vuln/detail/CVE-2023-36007
CVE-2023-36410Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability7.6https://nvd.nist.gov/vuln/detail/CVE-2023-36410
CVE-2023-36031Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability7.6https://nvd.nist.gov/vuln/detail/CVE-2023-36031
CVE-2023-45624An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.\n\n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-45624
CVE-2023-45623Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.\n\n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-45623
CVE-2023-45622Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.\n\n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-45622
CVE-2023-45621Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.\n\n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-45621
CVE-2023-45620Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.\n\n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-45620
CVE-2023-39537AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-39537
CVE-2023-39536AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-39536
CVE-2023-39535AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-39535
CVE-2023-32279Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-32279
CVE-2023-22337Improper input validation for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-22337
CVE-2023-22285Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-22285
CVE-2022-36374Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local access.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-36374
CVE-2022-29510Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-29510
CVE-2022-24379Improper input validation in some Intel(R) Server System M70KLP Family BIOS firmware before version 01.04.0029 may allow a privileged user to potentially enable escalation of privilege via local access.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-24379
CVE-2023-42783A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-42783
CVE-2023-36395Windows Deployment Services Denial of Service Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-36395
CVE-2023-36392DHCP Server Service Denial of Service Vulnerability7.5https://nvd.nist.gov/vuln/detail/CVE-2023-36392
CVE-2023-46590A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8). Affected products suffer from a XML external entity (XXE) injection vulnerability. This vulnerability could allow an attacker to interfere with an application's processing of XML data and read arbitrary files in the system.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46590
CVE-2023-47117Label Studio is an open source data labeling tool. In all current versions of Label Studio prior to 1.9.2post0, the application allows users to insecurely set filters for filtering tasks. An attacker can construct a filter chain to filter tasks based on sensitive fields for all user accounts on the platform by exploiting Django's Object Relational Mapper (ORM). Since the results of query can be manipulated by the ORM filter, an attacker can leak these sensitive fields character by character. In addition, Label Studio had a hard coded secret key that an attacker can use to forge a session token of any user by exploiting this ORM Leak vulnerability to leak account password hashes. This vulnerability has been addressed in commit `f931d9d129` which is included in the 1.9.2post0 release. Users are advised to upgrade. There are no known workarounds for this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-47117
CVE-2023-47108OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-47108
CVE-2023-47120Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0,beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-47120
CVE-2023-39198A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-39198
CVE-2023-41138The AppsAnywhere macOS client-privileged helper can be tricked into executing arbitrary commands with elevated permissions by a local user process.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-41138
CVE-2023-5079Lenovo LeCloud App improper input validation allows attackers to access arbitrary components and arbitrary file downloads, which could result in information disclosure.\n\n\n\n\n\n\n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-5079
CVE-2023-5759In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.  \n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-5759
CVE-2023-45319In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner. \n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-45319
CVE-2023-35767In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner.  \n7.5https://nvd.nist.gov/vuln/detail/CVE-2023-35767
CVE-2023-46774Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46774
CVE-2023-46767Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46767
CVE-2023-46766Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46766
CVE-2023-46762Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46762
CVE-2023-46761Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46761
CVE-2023-46760Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46760
CVE-2023-46771Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-46771
CVE-2023-44098Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-44098
CVE-2023-41112An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-41112
CVE-2023-41111An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-41111
CVE-2023-41285A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.1.4 and later\n7.4https://nvd.nist.gov/vuln/detail/CVE-2023-41285
CVE-2023-41284A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.1.4 and later\n7.4https://nvd.nist.gov/vuln/detail/CVE-2023-41284
CVE-2023-32641Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-32641
CVE-2023-24592Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-24592
CVE-2023-22292Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-22292
CVE-2022-41689Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access.7.3https://nvd.nist.gov/vuln/detail/CVE-2022-41689
CVE-2023-6099A vulnerability classified as critical has been found in Shenzhen Youkate Industrial Facial Love Cloud Payment System up to 1.0.55.0.0.1. This affects an unknown part of the file /SystemMng.ashx of the component Account Handler. The manipulation of the argument operatorRole with the input 00 leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-245061 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-6099
CVE-2023-36014Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability7.3https://nvd.nist.gov/vuln/detail/CVE-2023-36014
CVE-2023-46743application-collabora is an integration of Collabora Online in XWiki. As part of the application use cases, depending on the rights that a user has over a document, they should be able to open the office attachments files in view or edit mode. Currently, if a user opens an attachment file in edit mode in collabora, this right will be preserved for all future users, until the editing session is closes, even if some of them have only view right. Collabora server is the one issuing this request and it seems that the `userCanWrite` query parameter is cached, even if, for example, token is not. This issue has been patched in version 1.3.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-46743
CVE-2023-4706\nA privilege escalation vulnerability was reported in Lenovo preloaded devices deployed using Microsoft AutoPilot under a standard user account due to incorrect default privileges.\n\n7.3https://nvd.nist.gov/vuln/detail/CVE-2023-4706
CVE-2023-47113BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.4.2 is vulnerable to a DLL Hijacking vulnerability. By placing a DLL in the Folder c:\\DLLs, an attacker can run arbitrary code on every execution of BleachBit for Windows. This issue has been patched in version 4.5.0.\n7.3https://nvd.nist.gov/vuln/detail/CVE-2023-47113
CVE-2023-47111ZITADEL provides identity infrastructure. ZITADEL provides administrators the possibility to define a `Lockout Policy` with a maximum amount of failed password check attempts. On every failed password check, the amount of failed checks is compared against the configured maximum. Exceeding the limit, will lock the user and prevent further authentication. In the affected implementation it was possible for an attacker to start multiple parallel password checks, giving him the possibility to try out more combinations than configured in the `Lockout Policy`. This vulnerability has been patched in versions 2.40.5 and 2.38.3.\n7.3https://nvd.nist.gov/vuln/detail/CVE-2023-47111
CVE-2023-45625Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n7.2https://nvd.nist.gov/vuln/detail/CVE-2023-45625
CVE-2023-5528A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-5528
CVE-2023-47631vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). In affected versions a node does not check if an image is allowed to run if a `parent_id` is set. A malicious party that breaches the server may modify it to set a fake `parent_id` and send a task of a non-whitelisted algorithm. The node will then execute it because the `parent_id` that is set prevents checks from being run. This impacts all servers that are breached by an expert user. This vulnerability has been patched in version 4.1.2. All users are advised to upgrade. There are no known workarounds for this vulnerability.\n7.2https://nvd.nist.gov/vuln/detail/CVE-2023-47631
CVE-2023-36423Microsoft Remote Registry Service Remote Code Execution Vulnerability7.2https://nvd.nist.gov/vuln/detail/CVE-2023-36423
CVE-2023-36401Microsoft Remote Registry Service Remote Code Execution Vulnerability7.2https://nvd.nist.gov/vuln/detail/CVE-2023-36401
CVE-2023-44317A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-44317
CVE-2023-5747Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has released patched firmware for the highlighted flaw. Please refer to the hanwhavision security report for more information and solution."7.2https://nvd.nist.gov/vuln/detail/CVE-2023-5747
CVE-2023-47518Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew Muro Restrict Categories plugin <= 2.6.4 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47518
CVE-2023-47517Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47517
CVE-2023-47522Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Feed plugin <= 2.2.1 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47522
CVE-2023-47520Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47520
CVE-2023-47630Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then return an vulnerable image to the the user and leverage that to further escalate their position. As such, the attacker would need to know which images the Kyverno user consumes and know of one of multiple exploitable vulnerabilities in previous digests of the images. Alternatively, if the attacker has compromised the registry, they could craft a malicious image with a different digest with intentionally placed vulnerabilities and deliver the image to the user. Users pulling their images by digests and from trusted registries are not impacted by this vulnerability. There is no evidence of this being exploited in the wild. The issue has been patched in 1.10.5. All users are advised to upgrade. There are no known workarounds for this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47630
CVE-2023-47547Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin <= 2.0.7 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47547
CVE-2023-47544Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.12 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47544
CVE-2023-46132Hyperledger Fabric is an open source permissioned distributed ledger framework. Combining two molecules to one another, called "cross-linking" results in a molecule with a chemical formula that is composed of all atoms of the original two molecules. In Fabric, one can take a block of transactions and cross-link the transactions in a way that alters the way the peers parse the transactions. If a first peer receives a block B and a second peer receives a block identical to B but with the transactions being cross-linked, the second peer will parse transactions in a different way and thus its world state will deviate from the first peer. Orderers or peers cannot detect that a block has its transactions cross-linked, because there is a vulnerability in the way Fabric hashes the transactions of blocks. It simply and naively concatenates them, which is insecure and lets an adversary craft a "cross-linked block" (block with cross-linked transactions) which alters the way peers process transactions. For example, it is possible to select a transaction and manipulate a peer to completely avoid processing it, without changing the computed hash of the block. Additional validations have been added in v2.2.14 and v2.5.5 to detect potential cross-linking issues before processing blocks. Users are advised to upgrade. There are no known workarounds for this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-46132
CVE-2023-47550Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations allows Stored XSS.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47550
CVE-2023-36860Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-36860
CVE-2023-32701Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition. \n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-32701
CVE-2022-40681A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to cause denial of service via sending a crafted request to a specific named pipe.7.1https://nvd.nist.gov/vuln/detail/CVE-2022-40681
CVE-2023-36399Windows Storage Elevation of Privilege Vulnerability7.1https://nvd.nist.gov/vuln/detail/CVE-2023-36399
CVE-2023-36046Windows Authentication Denial of Service Vulnerability7.1https://nvd.nist.gov/vuln/detail/CVE-2023-36046
CVE-2023-47629DataHub is an open-source metadata platform. In affected versions sign-up through an invite link does not properly restrict users from signing up as privileged accounts. If a user is given an email sign-up link they can potentially create an admin account given certain preconditions. If the default datahub user has been removed, then the user can sign up for an account that leverages the default policies giving admin privileges to the datahub user. All DataHub instances prior to the patch that have removed the datahub user, but not the default policies applying to that user are affected. Users are advised to update to version 0.12.1 which addresses the issue. There are no known workarounds for this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47629
CVE-2023-47684Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThemePunch OHG Essential Grid plugin <= 3.1.0 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47684
CVE-2023-47673Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stefano Ottolenghi Post Pay Counter plugin <= 2.789 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47673
CVE-2023-47665Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in edward_plainview Plainview Protect Passwords plugin <= 1.4 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47665
CVE-2023-47697Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin <= 3.1.39 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47697
CVE-2023-47696Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Product Enquiry for WooCommerce plugin <= 3.0 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47696
CVE-2023-47695Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Scribit Shortcodes Finder plugin <= 1.5.3 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47695
CVE-2023-47690Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Anton Bond Additional Order Filters for WooCommerce plugin <= 1.10 versions.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47690
CVE-2023-32123Cross-Site Request Forgery (CSRF) vulnerability in Dream-Theme The7 allows Stored XSS.This issue affects The7: from n/a through 11.7.3.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-32123
CVE-2023-31230Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-31230
CVE-2023-39166Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-39166
CVE-2023-35877Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-35877
CVE-2023-46092Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Webmaster Tools allows Stored XSS.This issue affects Webmaster Tools: from n/a through 2.0.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-46092
CVE-2023-40335Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cleverwise Daily Quotes allows Stored XSS.This issue affects Cleverwise Daily Quotes: from n/a through 3.2.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-40335
CVE-2023-46201Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-46201
CVE-2023-47652Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47652
CVE-2023-47516Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Category Post List Widget allows Stored XSS.This issue affects Category Post List Widget: from n/a through 2.0.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47516
CVE-2023-46634Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-46634
CVE-2023-23800Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6.\n\n7.1https://nvd.nist.gov/vuln/detail/CVE-2023-23800
CVE-2023-36027Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability7.1https://nvd.nist.gov/vuln/detail/CVE-2023-36027
CVE-2023-36024Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability7.1https://nvd.nist.gov/vuln/detail/CVE-2023-36024
CVE-2023-36427Windows Hyper-V Elevation of Privilege Vulnerability7https://nvd.nist.gov/vuln/detail/CVE-2023-36427
CVE-2023-36405Windows Kernel Elevation of Privilege Vulnerability7https://nvd.nist.gov/vuln/detail/CVE-2023-36405
CVE-2023-36403Windows Kernel Elevation of Privilege Vulnerability7https://nvd.nist.gov/vuln/detail/CVE-2023-36403
CVE-2023-36394Windows Search Service Elevation of Privilege Vulnerability7https://nvd.nist.gov/vuln/detail/CVE-2023-36394
CVE-2023-27519Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access.6.9https://nvd.nist.gov/vuln/detail/CVE-2023-27519
CVE-2023-24587Insufficient control flow management in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable denial of service via local access.6.9https://nvd.nist.gov/vuln/detail/CVE-2023-24587
CVE-2023-47549Unauth. Reflected Cross-Site Scripting (XSS) vulnerability on 302 response page in spider-themes EazyDocs plugin <= 2.3.3 versions.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-47549
CVE-2023-27879Improper access control in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-27879
CVE-2023-27383Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent access.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-27383
CVE-2023-45794A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4.0), Mendix Applications using Mendix 7 (All versions < V7.23.37), Mendix Applications using Mendix 8 (All versions < V8.18.27), Mendix Applications using Mendix 9 (All versions < V9.24.10). A capture-replay flaw in the platform could have an impact to apps built with the platform, if certain preconditions are met that depend on the app's model and access control design.\r\n\r\nThis could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-45794
CVE-2023-47612A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-47612
CVE-2023-39230Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-39230
CVE-2023-34997Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-34997
CVE-2023-34430Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-34430
CVE-2023-34350Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-34350
CVE-2023-34314Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-34314
CVE-2023-33878Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-33878
CVE-2023-33874Uncontrolled search path in some Intel(R) NUC 12 Pro Kits & Mini PCs - NUC12WS Intel(R) HID Event Filter Driver installation software before version 2.2.2.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-33874
CVE-2023-32662Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may allow a privilaged user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32662
CVE-2023-32661Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32661
CVE-2023-32660Uncontrolled search path in some Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool installation software before version 46 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32660
CVE-2023-32658Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32658
CVE-2023-32655Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32655
CVE-2023-32638Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32638
CVE-2023-32278Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC Software Studio may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-32278
CVE-2023-29504Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-29504
CVE-2023-29177Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-29177
CVE-2023-29165Unquoted search path or element in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-29165
CVE-2023-29161Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-29161
CVE-2023-28740Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-28740
CVE-2023-28388Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-28388
CVE-2023-28378Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-28378
CVE-2023-28377Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-28377
CVE-2023-27513Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-27513
CVE-2023-27305Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-27305
CVE-2023-25075Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-25075
CVE-2022-41700Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2022-41700
CVE-2022-38786Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2022-38786
CVE-2022-33898Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2022-33898
CVE-2022-27229Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.6.7https://nvd.nist.gov/vuln/detail/CVE-2022-27229
CVE-2023-45079A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables. \n\n6.7https://nvd.nist.gov/vuln/detail/CVE-2023-45079
CVE-2023-45078A memory leakage vulnerability was reported in the DustFilterAlertSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-45078
CVE-2023-45077A memory leakage vulnerability was reported in the 534D0740 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-45077
CVE-2023-45076A memory leakage vulnerability was reported in the 534D0140 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.\n6.7https://nvd.nist.gov/vuln/detail/CVE-2023-45076
CVE-2023-45075A memory leakage vulnerability was reported in the SWSMI_Shadow DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-45075
CVE-2023-43581A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43581
CVE-2023-43580A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43580
CVE-2023-43579A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43579
CVE-2023-43578A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43578
CVE-2023-43577A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43577
CVE-2023-43576A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43576
CVE-2023-43575A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43575
CVE-2023-43573A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43573
CVE-2023-43571A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43571
CVE-2023-5078A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-5078
CVE-2023-5075A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-5075
CVE-2023-43570\nA potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code. \n\n6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43570
CVE-2023-43569A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. 6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43569
CVE-2023-43567A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.6.7https://nvd.nist.gov/vuln/detail/CVE-2023-43567
CVE-2023-47654Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in livescore.Bz BZScore – Live Score plugin <= 1.03 versions.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-47654
CVE-2023-38131Improper input validationation for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-38131
CVE-2023-28376Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-28376
CVE-2023-27306Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an authenticated user to potentially enable denial of service via local access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-27306
CVE-2023-26589Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-26589
CVE-2023-22310Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-22310
CVE-2023-22305Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-22305
CVE-2023-22290Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-22290
CVE-2023-36641A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-36641
CVE-2023-36413Microsoft Office Security Feature Bypass Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-36413
CVE-2023-36398Windows NTFS Information Disclosure Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-36398
CVE-2023-36043Open Management Infrastructure Information Disclosure Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2023-36043
CVE-2023-47659Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Lavacode Lava Directory Manager plugin <= 1.1.34 versions.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-47659
CVE-2023-46096A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly authenticate users in the PUD Manager web service. This could allow an unauthenticated adjacent attacker to generate a privileged token and upload additional documents.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-46096
CVE-2023-44374A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-44374
CVE-2023-47680Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Qode Interactive Qi Addons For Elementor plugin <= 1.6.3 versions.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-47680
CVE-2023-46733Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-46733
CVE-2023-5550In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-5550
CVE-2023-5544Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-5544
CVE-2023-4061A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-4061
CVE-2023-6002YugabyteDB is vulnerable to cross site scripting (XSS) via log injection. Writing invalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs.\n6.5https://nvd.nist.gov/vuln/detail/CVE-2023-6002
CVE-2023-47640DataHub is an open-source metadata platform. The HMAC signature for DataHub Frontend sessions was being signed using a SHA-1 HMAC with the frontend secret key. SHA1 with a 10 byte key can be brute forced using sufficient resources (i.e. state level actors with large computational capabilities). DataHub Frontend was utilizing the Play LegacyCookiesModule with default settings which utilizes a SHA1 HMAC for signing. This is compounded by using a shorter key length than recommended by default for the signing key for the randomized secret value. An authenticated attacker (or attacker who has otherwise obtained a session token) could crack the signing key for DataHub and obtain escalated privileges by generating a privileged session cookie. Due to key length being a part of the risk, deployments should update to the latest helm chart and rotate their session signing secret. All deployments using the default helm chart configurations for generating the Play secret key used for signing are affected by this vulnerability. Version 0.11.1 resolves this vulnerability. All users are advised to upgrade. There are no known workarounds for this vulnerability.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-47640
CVE-2023-28002An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-28002
CVE-2023-6006This vulnerability allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\nThe specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-6006
CVE-2023-5741The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'powr-powr-pack' shortcode in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-5741
CVE-2023-4775The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'advanced_iframe' shortcode in versions up to, and including, 2023.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-4775
CVE-2023-41239Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6.\n\n6.4https://nvd.nist.gov/vuln/detail/CVE-2023-41239
CVE-2023-3282A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-3282
CVE-2023-5189A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-5189
CVE-2023-46097A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly neutralize user provided inputs. This could allow an authenticated adjacent attacker to execute SQL statements in the underlying database.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-46097
CVE-2023-6098An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing the attacker to steal an authenticated user's session, and perform actions within the application.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-6098
CVE-2023-32583Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-32583
CVE-2023-6084A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VU_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-244994 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-6084
CVE-2023-6074A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. This issue affects some unknown processing of the file check-status.php of the component Booking Reservation Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-244943.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-6074
CVE-2023-6053A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9. Affected by this issue is some unknown functionality of the file general/system/censor_words/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-244874 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-6053
CVE-2023-6052A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-244872. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-6052
CVE-2023-36558ASP.NET Core - Security Feature Bypass Vulnerability6.2https://nvd.nist.gov/vuln/detail/CVE-2023-36558
CVE-2023-36042Visual Studio Denial of Service Vulnerability6.2https://nvd.nist.gov/vuln/detail/CVE-2023-36042
CVE-2023-36016Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability6.2https://nvd.nist.gov/vuln/detail/CVE-2023-36016
CVE-2023-45167IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. IBM X-Force ID: 267965.6.2https://nvd.nist.gov/vuln/detail/CVE-2023-45167
CVE-2023-25952Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-25952
CVE-2022-42879NULL pointer dereference in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access.6.1https://nvd.nist.gov/vuln/detail/CVE-2022-42879
CVE-2023-38177Microsoft SharePoint Server Remote Code Execution Vulnerability6.1https://nvd.nist.gov/vuln/detail/CVE-2023-38177
CVE-2023-36030Microsoft Dynamics 365 Sales Spoofing Vulnerability6.1https://nvd.nist.gov/vuln/detail/CVE-2023-36030
CVE-2023-4603The Star CloudPRNT for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'printersettings' parameter in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-4603
CVE-2023-42816Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-42816
CVE-2023-42813Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch attestations. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-42813
CVE-2023-38364IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260821.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-38364
CVE-2023-46735Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-46735
CVE-2023-46734Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-46734
CVE-2023-46627Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <= 2.1 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-46627
CVE-2023-46626Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FLOWFACT WP Connector plugin <= 2.1.7 versions.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-46626
CVE-2023-22327Out-of-bounds write in firmware for some Intel(R) FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local access.6https://nvd.nist.gov/vuln/detail/CVE-2023-22327
CVE-2023-47528Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sajjad Hossain Sagor WP Edit Username plugin <= 1.0.5 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47528
CVE-2023-47546Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Walter Pinem OneClick Chat to Order plugin <= 1.0.4.2 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47546
CVE-2023-47545Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin <= 2.5.4 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47545
CVE-2023-47533Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin <= 1.8.2 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47533
CVE-2023-47646Auth. (Shop Manager+) Stored Cross-Site Scripting (XSS) vulnerability in CedCommerce Recently viewed and most viewed products plugin <= 1.1.1 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47646
CVE-2023-47554Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DenK BV Actueel Financieel Nieuws – Denk Internet Solutions plugin <= 5.1.0 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47554
CVE-2023-47658Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in actpro Extra Product Options for WooCommerce plugin <= 3.0.3 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47658
CVE-2023-47656Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi ANAC XML Bandi di Gara plugin <= 7.5 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47656
CVE-2023-47653Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abu Bakar TWB Woocommerce Reviews plugin <= 1.7.5 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47653
CVE-2023-24588Exposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-24588
CVE-2023-22663Improper authentication for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-22663
CVE-2023-22448Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-22448
CVE-2023-47660Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Wham Product Visibility by Country for WooCommerce plugin <= 1.4.9 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47660
CVE-2023-47662Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GoldBroker.Com Live Gold Price & Silver Price Charts Widgets plugin <= 2.4 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47662
CVE-2023-47657Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin <= 1.5.8 versions.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47657
CVE-2018-8863The HTTP header in Philips EncoreAnywhere contains data an attacker may be able to use to gain sensitive information.\n\n5.9https://nvd.nist.gov/vuln/detail/CVE-2018-8863
CVE-2023-5954HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-5954
CVE-2023-20902A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below,  Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to \ncreate jobs/stop job tasks and retrieve job task information.\n\n\n5.9https://nvd.nist.gov/vuln/detail/CVE-2023-20902
CVE-2022-48613Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.5.9https://nvd.nist.gov/vuln/detail/CVE-2022-48613
CVE-2023-47532Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.5.8https://nvd.nist.gov/vuln/detail/CVE-2023-47532
CVE-2023-47524Unauth. Reflected Cross-Site Scripting (XSS) vulnerability (requires PHP 8.x) in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.5.8https://nvd.nist.gov/vuln/detail/CVE-2023-47524
CVE-2022-45835Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions.This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.\n\n5.8https://nvd.nist.gov/vuln/detail/CVE-2022-45835
CVE-2023-28401Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access.5.7https://nvd.nist.gov/vuln/detail/CVE-2023-28401
CVE-2023-6073Attacker can perform a Denial of Service attack to crash the ICAS 3 IVI ECU in a Volkswagen ID.3 (and other vehicles of the VW Group with the same hardware) and spoof volume setting commands to irreversibly turn on audio volume to maximum via REST API calls.\n5.7https://nvd.nist.gov/vuln/detail/CVE-2023-6073
CVE-2023-25071NULL pointer dereference in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows Drviers before version 31.0.101.4255 may allow authenticated user to potentially enable denial of service via local access.5.6https://nvd.nist.gov/vuln/detail/CVE-2023-25071
CVE-2023-45582An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 through 7.2.4, 7.0.0 through 7.0.6 and before 6.4.8 may allow an unauthenticated attacker to  perform a brute force attack on the affected endpoints via repeated login attempts.5.6https://nvd.nist.gov/vuln/detail/CVE-2023-45582
CVE-2023-26156Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. This could lead to unauthorized access and potentially malicious actions on the host system.\r\r**Note:**\r\rAn attacker must have access to the system running the vulnerable chromedriver library to exploit it. The success of exploitation also depends on the permissions and privileges of the process running chromedriver.5.6https://nvd.nist.gov/vuln/detail/CVE-2023-26156
CVE-2023-45626An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles.\n\n5.5https://nvd.nist.gov/vuln/detail/CVE-2023-45626
CVE-2023-33872Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-33872
CVE-2023-32283Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-32283
CVE-2023-25949Uncontrolled resource consumption in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-25949
CVE-2023-36428Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-36428
CVE-2023-36406Windows Hyper-V Information Disclosure Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-36406
CVE-2023-36404Windows Kernel Information Disclosure Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2023-36404
CVE-2023-38515Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56.\n\n5.5https://nvd.nist.gov/vuln/detail/CVE-2023-38515
CVE-2023-6054A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/manage/lock.php. The manipulation of the argument TERM_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-244875. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-6054
CVE-2023-6039A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-6039
CVE-2023-4891\nA potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service. \n\n5.5https://nvd.nist.gov/vuln/detail/CVE-2023-4891
CVE-2023-47109PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing index.php for example. This issue has been patched in version 5.1.4.\n5.5https://nvd.nist.gov/vuln/detail/CVE-2023-47109
CVE-2023-5136An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.\n5.5https://nvd.nist.gov/vuln/detail/CVE-2023-5136
CVE-2023-39412Cross-site request forgery in some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-39412
CVE-2023-39221Improper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-39221
CVE-2023-25603A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-25603
CVE-2023-36633An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-36633
CVE-2023-46099A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later executed by another legitimate user.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-46099
CVE-2023-47669Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-47669
CVE-2023-34384Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo Twitter Feed plugin <= 1.5.12 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-34384
CVE-2023-47230Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-47230
CVE-2023-46636Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin <= 1.2.1 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-46636
CVE-2023-46619Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialWidgets plugin <= 1.0.15 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-46619
CVE-2023-26531Cross-Site Request Forgery (CSRF) vulnerability in ??? ?????????????-??Baidu/Google/Bing/IndexNow/Yandex/?? plugin <= 4.2.7 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-26531
CVE-2023-27445Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc. Blog Floating Button plugin <= 1.4.12 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27445
CVE-2023-27441Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE New Adman plugin <= 1.6.8 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27441
CVE-2023-27436Cross-Site Request Forgery (CSRF) vulnerability in Louis Reingold Elegant Custom Fonts plugin <= 1.0 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27436
CVE-2023-26518Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes WP TFeed plugin <= 1.6.9 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-26518
CVE-2023-26514Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Dynamic XML Sitemaps Generator for Google plugin <= 1.3.3 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-26514
CVE-2023-28420Cross-Site Request Forgery (CSRF) vulnerability in Leo Caseiro Custom Options Plus plugin <= 1.8.1 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28420
CVE-2023-28419Cross-Site Request Forgery (CSRF) vulnerability in Stranger Studios Force First and Last Name as Display Name plugin <= 1.2 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28419
CVE-2023-28172Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28172
CVE-2023-28167Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 Invisible reCAPTCHA plugin <= 1.3.3 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28167
CVE-2023-27632Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.03.08 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27632
CVE-2023-27623Cross-Site Request Forgery (CSRF) vulnerability in Jens Törnell WP Page Numbers plugin <= 0.5 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27623
CVE-2023-27611Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reusable Blocks Extended plugin <= 0.9 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-27611
CVE-2023-29425Cross-Site Request Forgery (CSRF) vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-29425
CVE-2023-28694Cross-Site Request Forgery (CSRF) vulnerability in Wbcom Designs Wbcom Designs – BuddyPress Activity Social Share plugin <= 3.5.0 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28694
CVE-2023-28618Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Enhanced Plugin Admin plugin <= 1.16 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28618
CVE-2023-28497Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <= 1.7.6 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-28497
CVE-2023-37533HCL Connections is vulnerable to reflected cross-site scripting (XSS) where an attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user after visiting the vulnerable URL which contains the malicious script code. This may allow the attacker to steal cookie-based authentication credentials and comprise a user's account then launch other attacks.\n5.4https://nvd.nist.gov/vuln/detail/CVE-2023-37533
CVE-2023-47190Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin <= 1.9.0 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-47190
CVE-2023-46640Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <= 1.3.9 versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-46640
CVE-2023-46483Cross Site Scripting vulnerability in timetec AWDMS v.2.0 allows an attacker to obtain sensitive information via a crafted payload to the remark parameter of the New Zone function.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-46483
CVE-2023-47627aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTP_NO_EXTENSIONS is enabled (or not using a prebuilt wheel). These bugs have been addressed in commit `d5c12ba89` which has been included in release version 3.8.6. Users are advised to upgrade. There are no known workarounds for these issues.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-47627
CVE-2023-40220Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-40220
CVE-2023-39228Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-39228
CVE-2023-38570Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-38570
CVE-2023-25080Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-25080
CVE-2023-6109The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add() function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to one vote per person.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-6109
CVE-2023-42480The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.\n\n5.3https://nvd.nist.gov/vuln/detail/CVE-2023-42480
CVE-2023-41366Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.\n\n5.3https://nvd.nist.gov/vuln/detail/CVE-2023-41366
CVE-2023-6102A vulnerability, which was classified as problematic, was found in Maiwei Safety Production Control Platform 4.1. Affected is an unknown function of the file /Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-245064. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-6102
CVE-2023-6101A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production Control Platform 4.1. This issue affects some unknown processing of the file /TC/V2.7/ha.html of the component Intelligent Monitoring. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-245063. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-6101
CVE-2023-6100A vulnerability classified as problematic was found in Maiwei Safety Production Control Platform 4.1. This vulnerability affects unknown code of the file /api/DataDictionary/GetItemList. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-245062 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-6100
CVE-2023-6076A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information disclosure. The attack can be launched remotely. The identifier VDB-244945 was assigned to this vulnerability.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-6076
CVE-2023-47119Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-47119
CVE-2023-46755Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-46755
CVE-2023-6001Prometheus metrics are available without\nauthentication. These expose detailed and sensitive information about the YugabyteDB Anywhere environment.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-6001
CVE-2023-39411Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.5https://nvd.nist.gov/vuln/detail/CVE-2023-39411
CVE-2023-4218In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).\n5https://nvd.nist.gov/vuln/detail/CVE-2023-4218
CVE-2023-26221The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 12.3.0, 12.4.0, and 12.5.0, Spotfire Server: versions 12.3.0, 12.4.0, and 12.5.0, and Spotfire for AWS Marketplace: version 12.5.0.\n\n5https://nvd.nist.gov/vuln/detail/CVE-2023-26221
CVE-2023-39199Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.4.9https://nvd.nist.gov/vuln/detail/CVE-2023-39199
CVE-2023-44319A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration file to change the configuration of an affected device.4.9https://nvd.nist.gov/vuln/detail/CVE-2023-44319
CVE-2023-44318A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file.4.9https://nvd.nist.gov/vuln/detail/CVE-2023-44318
CVE-2023-47228Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-47228
CVE-2023-47227Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Web-Settler Social Feed | All social media in one place plugin <= 1.5.4.6 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-47227
CVE-2023-47226Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Post Sliders & Post Grids plugin <= 1.0.20 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-47226
CVE-2023-47223Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Map Plugins Basic Interactive World Map plugin <= 2.0 versions.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-47223
CVE-2023-45140The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don't honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This abnormal behavior only applies to per-group-based JIT MFA. Other MFA setup types, such as Immediate MFA, JIT MFA on a per-plugin basis and JIT MFA on a per-account basis are not affected. This issue has been patched in version 3.14.15.4.8https://nvd.nist.gov/vuln/detail/CVE-2023-45140
CVE-2023-47125TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.4.7https://nvd.nist.gov/vuln/detail/CVE-2023-47125
CVE-2023-23367An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2376 build 20230421 and later\nQuTS hero h5.0.1.2376 build 20230421 and later\nQuTScloud c5.1.0.2498 and later\n4.7https://nvd.nist.gov/vuln/detail/CVE-2023-23367
CVE-2023-5540A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.4.7https://nvd.nist.gov/vuln/detail/CVE-2023-5540
CVE-2023-5539A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.4.7https://nvd.nist.gov/vuln/detail/CVE-2023-5539
CVE-2023-25756Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-25756
CVE-2023-43057IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 267484.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-43057
CVE-2023-44248An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-44248
CVE-2023-33304A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-33304
CVE-2023-37978Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11.\n\n4.4https://nvd.nist.gov/vuln/detail/CVE-2023-37978
CVE-2023-34013Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2.\n\n4.4https://nvd.nist.gov/vuln/detail/CVE-2023-34013
CVE-2023-23684Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through 1.14.5.\n\n4.4https://nvd.nist.gov/vuln/detail/CVE-2023-23684
CVE-2023-47613A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-47613
CVE-2023-43574A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges\n\nto disclose sensitive information.\n\n4.4https://nvd.nist.gov/vuln/detail/CVE-2023-43574
CVE-2023-43572A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.\n\n4.4https://nvd.nist.gov/vuln/detail/CVE-2023-43572
CVE-2023-43568A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-43568
CVE-2023-45627An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal\n\noperation of the affected access point.\n\n4.3https://nvd.nist.gov/vuln/detail/CVE-2023-45627
CVE-2023-39205Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-39205
CVE-2023-39204Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-39204
CVE-2023-39203Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-39203
CVE-2023-31203Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network access.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-31203
CVE-2023-41676An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-41676
CVE-2023-44320A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-44320
CVE-2023-38363\nIBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 260818.\n\n4.3https://nvd.nist.gov/vuln/detail/CVE-2023-38363
CVE-2023-34378Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP Hide Post plugin <= 2.0.10 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-34378
CVE-2023-33207Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Wielogórski Stop Referrer Spam plugin <= 1.3.0 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-33207
CVE-2023-32588Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-32588
CVE-2023-46638Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-46638
CVE-2023-46629Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-46629
CVE-2023-46625Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Manager plugin <= 1.10.04 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-46625
CVE-2023-46620Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.3.9.1 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-46620
CVE-2023-46618Cross-Site Request Forgery (CSRF) vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin <= 2.5 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-46618
CVE-2023-26543Cross-Site Request Forgery (CSRF) vulnerability in Aleksandr Guidrevitch WP Meteor Website Speed Optimization Addon plugin <= 3.1.4 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-26543
CVE-2023-27438Cross-Site Request Forgery (CSRF) vulnerability in Evgen Yurchenko WP Translitera plugin <= p1.2.5 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-27438
CVE-2023-27434Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Classic Editor and Classic Widgets plugin <= 1.2.5 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-27434
CVE-2023-26524Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.10 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-26524
CVE-2023-28173Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Images plugin <= 2.1.3 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-28173
CVE-2023-27431Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk Big Store theme <= 1.9.3 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-27431
CVE-2023-27418Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite – add sticky fixed buttons plugin <= 4.0 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-27418
CVE-2023-27417Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliate Super Assistent plugin <= 1.5.1 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-27417
CVE-2023-29238Cross-Site Request Forgery (CSRF) vulnerability in Whydonate Whydonate – FREE Donate button – Crowdfunding – Fundraising plugin <= 3.12.15 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-29238
CVE-2023-28987Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.0.3 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-28987
CVE-2023-28930Cross-Site Request Forgery (CSRF) vulnerability in Robin Phillips Mobile Banner plugin <= 1.5 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-28930
CVE-2023-28696Cross-Site Request Forgery (CSRF) vulnerability in Harish Chouhan, Themeist I Recommend Tplugin <= 3.9.0 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-28696
CVE-2023-28498Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <= 4.6.0 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-28498
CVE-2023-28495Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop WP Shortcode by MyThemeShop plugin <= 1.4.16 versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-28495
CVE-2023-5959A vulnerability, which was classified as problematic, was found in Beijing Baichuo Smart S85F Management Platform V31R02B10-01. Affected is an unknown function of the file /login.php. The manipulation of the argument txt_newpwd leads to weak password recovery. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244992. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-5959
CVE-2023-46130Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some theme components allow users to add svgs with unlimited `height` attributes, and this can affect the availability of subsequent replies in a topic. Most Discourse instances are unaffected, only instances with the svgbob or the mermaid theme component are within scope. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable or remove the relevant theme components.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-46130
CVE-2023-45806Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, if a user has been quoted and uses a `|` in their full name, they might be able to trigger a bug that generates a lot of duplicate content in all the posts they've been quoted by updating their full name again. Version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches contain a patch for this issue. No known workaround exists, although one can stop the "bleeding" by ensuring users only use alphanumeric characters in their full name field.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-45806
CVE-2023-5546ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-5546
CVE-2023-47114Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the request is approved by the data controller user operating the Fides web application, the data subject's personal data can then retrieved from connected systems and data stores before being bundled together as a data subject access request package for the data subject to download. Supported data formats for the package include json and csv, but the most commonly used format is a series of HTML files compressed in a ZIP file. Once downloaded and unzipped, the data subject user can browse the HTML files on their local machine. It was identified that there was no validation of input coming from e.g. the connected systems and data stores which is later reflected in the downloaded data. This can result in an HTML injection that can be abused e.g. for phishing attacks or malicious JavaScript code execution, but only in the context of the data subject's browser accessing a HTML page using the `file://` protocol. Exploitation is limited to rogue Admin UI users, malicious connected system / data store users, and the data subject user if tricked via social engineering into submitting malicious data themselves. This vulnerability has been patched in version 2.23.3.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-47114
CVE-2023-41270Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-41270
CVE-2023-47127TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability has been addressed in versions 8.7.55, 9.5.44, 10.4.41, 11.5.33, and 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.4.2https://nvd.nist.gov/vuln/detail/CVE-2023-47127
CVE-2023-47628DataHub is an open-source metadata platform. DataHub Frontend's sessions are configured using Play Framework's default settings for stateless session which do not set an expiration time for a cookie. Due to this, if a session cookie were ever leaked, it would be valid forever. DataHub uses a stateless session cookie that is not invalidated on logout, it is just removed from the browser forcing the user to login again. However, if an attacker extracted a cookie from an authenticated user it would continue to be valid as there is no validation on a time window the session token is valid for due to a combination of the usage of LegacyCookiesModule from Play Framework and using default settings which do not set an expiration time. All DataHub instances prior to the patch that have removed the datahub user, but not the default policies applying to that user are affected. Users are advised to update to version 0.12.1 which addresses the issue. There are no known workarounds for this vulnerability.4.2https://nvd.nist.gov/vuln/detail/CVE-2023-47628
CVE-2023-47122Gitsign is software for keyless Git signing using Sigstore. In versions of gitsign starting with 0.6.0 and prior to 0.8.0, Rekor public keys were fetched via the Rekor API, instead of through the local TUF client. If the upstream Rekor server happened to be compromised, gitsign clients could potentially be tricked into trusting incorrect signatures. There is no known compromise the default public good instance (`rekor.sigstore.dev`) - anyone using this instance is unaffected. This issue was fixed in v0.8.0. No known workarounds are available.4.2https://nvd.nist.gov/vuln/detail/CVE-2023-47122
CVE-2023-40719A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials.4.1https://nvd.nist.gov/vuln/detail/CVE-2023-40719
CVE-2023-40540Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.4.1https://nvd.nist.gov/vuln/detail/CVE-2023-40540
CVE-2023-46207Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6.\n\n4.1https://nvd.nist.gov/vuln/detail/CVE-2023-46207
CVE-2023-31219Server-Side Request Forgery (SSRF) vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.1.\n\n4.1https://nvd.nist.gov/vuln/detail/CVE-2023-31219
CVE-2023-38411Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access.3.9https://nvd.nist.gov/vuln/detail/CVE-2023-38411
CVE-2023-28404Out-of-bounds read in the Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable information disclosure via local access.3.8https://nvd.nist.gov/vuln/detail/CVE-2023-28404
CVE-2023-39206Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.3.7https://nvd.nist.gov/vuln/detail/CVE-2023-39206
CVE-2023-47126TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions the login screen of the standalone install tool discloses the full path of the transient data directory (e.g. /var/www/html/var/transient/). This applies to composer-based scenarios only - “classic” non-composer installations are not affected. This issue has been addressed in version 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n3.7https://nvd.nist.gov/vuln/detail/CVE-2023-47126
CVE-2023-44322A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur.3.7https://nvd.nist.gov/vuln/detail/CVE-2023-44322
CVE-2023-43503A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-43503
CVE-2023-6075A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244944.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-6075
CVE-2023-47641aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Affected versions of aiohttp have a security vulnerability regarding the inconsistent interpretation of the http protocol. HTTP/1.1 is a persistent protocol, if both Content-Length(CL) and Transfer-Encoding(TE) header values are present it can lead to incorrect interpretation of two entities that parse the HTTP and we can poison other sockets with this incorrect interpretation. A possible Proof-of-Concept (POC) would be a configuration with a reverse proxy(frontend) that accepts both CL and TE headers and aiohttp as backend. As aiohttp parses anything with chunked, we can pass a chunked123 as TE, the frontend entity will ignore this header and will parse Content-Length. The impact of this vulnerability is that it is possible to bypass any proxy rule, poisoning sockets to other users like passing Authentication Headers, also if it is present an Open Redirect an attacker could combine it to redirect random users to another website and log the request. This vulnerability has been addressed in release 3.8.0 of aiohttp. Users are advised to upgrade. There are no known workarounds for this vulnerability.3.4https://nvd.nist.gov/vuln/detail/CVE-2023-47641
CVE-2023-47121Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable the Embedding feature.3.4https://nvd.nist.gov/vuln/detail/CVE-2023-47121
CVE-2023-28723Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable information disclosure via local access.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-28723
CVE-2022-46299Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.3.3https://nvd.nist.gov/vuln/detail/CVE-2022-46299
CVE-2022-45109Improper initialization for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.3.3https://nvd.nist.gov/vuln/detail/CVE-2022-45109
CVE-2022-43666Exposure of sensitive system information due to uncleared debug information for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.3.3https://nvd.nist.gov/vuln/detail/CVE-2022-43666
CVE-2022-43477Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.3.3https://nvd.nist.gov/vuln/detail/CVE-2022-43477
CVE-2023-47614A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-47614
CVE-2023-45816Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkable (e.g. post, topic, chat message) security has changed, making it so the user can no longer access the underlying resource. As of version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, bookmark reminders are now no longer sent if the user does not have access to the underlying bookmarkable, and also the unread bookmark notifications are always filtered by access. There are no known workarounds.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-45816
CVE-2023-5543When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5543
CVE-2023-5551Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5551
CVE-2023-5549Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5549
CVE-2023-5548Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5548
CVE-2023-5547The course upload preview contained an XSS risk for users uploading unsafe data.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5547
CVE-2023-5545H5P metadata automatically populated the author with the user's username, which could be sensitive information.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5545
CVE-2023-5542Students in "Only see own membership" groups could see other students in the group, which should be hidden.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5542
CVE-2023-5541The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-5541
CVE-2023-47615A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system.3.3https://nvd.nist.gov/vuln/detail/CVE-2023-47615
CVE-2023-39202Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.3.1https://nvd.nist.gov/vuln/detail/CVE-2023-39202
CVE-2023-42815Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.3.1https://nvd.nist.gov/vuln/detail/CVE-2023-42815
CVE-2023-42814Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch attestations. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.\n3.1https://nvd.nist.gov/vuln/detail/CVE-2023-42814
CVE-2023-47625PX4 autopilot is a flight control solution for drones. In affected versions a global buffer overflow vulnerability exists in the CrsfParser_TryParseCrsfPacket function in /src/drivers/rc/crsf_rc/CrsfParser.cpp:298 due to the invalid size check. A malicious user may create an RC packet remotely and that packet goes into the device where the _rcs_buf reads. The global buffer overflow vulnerability will be triggered and the drone can behave unexpectedly. This issue has been addressed in version 1.14.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.2.9https://nvd.nist.gov/vuln/detail/CVE-2023-47625
CVE-2023-44321A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB205-3 (ST, PN) (All versions < V4.5), SCALANCE XB205-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB205-3LD (SC, PN) (All versions < V4.5), SCALANCE XB208 (E/IP) (All versions < V4.5), SCALANCE XB208 (PN) (All versions < V4.5), SCALANCE XB213-3 (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3 (SC, PN) (All versions < V4.5), SCALANCE XB213-3 (ST, E/IP) (All versions < V4.5), SCALANCE XB213-3 (ST, PN) (All versions < V4.5), SCALANCE XB213-3LD (SC, E/IP) (All versions < V4.5), SCALANCE XB213-3LD (SC, PN) (All versions < V4.5), SCALANCE XB216 (E/IP) (All versions < V4.5), SCALANCE XB216 (PN) (All versions < V4.5), SCALANCE XC206-2 (SC) (All versions < V4.5), SCALANCE XC206-2 (ST/BFOC) (All versions < V4.5), SCALANCE XC206-2G PoE (All versions < V4.5), SCALANCE XC206-2G PoE (54 V DC) (All versions < V4.5), SCALANCE XC206-2G PoE EEC (54 V DC) (All versions < V4.5), SCALANCE XC206-2SFP (All versions < V4.5), SCALANCE XC206-2SFP EEC (All versions < V4.5), SCALANCE XC206-2SFP G (All versions < V4.5), SCALANCE XC206-2SFP G (EIP DEF.) (All versions < V4.5), SCALANCE XC206-2SFP G EEC (All versions < V4.5), SCALANCE XC208 (All versions < V4.5), SCALANCE XC208EEC (All versions < V4.5), SCALANCE XC208G (All versions < V4.5), SCALANCE XC208G (EIP def.) (All versions < V4.5), SCALANCE XC208G EEC (All versions < V4.5), SCALANCE XC208G PoE (All versions < V4.5), SCALANCE XC208G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216 (All versions < V4.5), SCALANCE XC216-3G PoE (All versions < V4.5), SCALANCE XC216-3G PoE (54 V DC) (All versions < V4.5), SCALANCE XC216-4C (All versions < V4.5), SCALANCE XC216-4C G (All versions < V4.5), SCALANCE XC216-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC216-4C G EEC (All versions < V4.5), SCALANCE XC216EEC (All versions < V4.5), SCALANCE XC224 (All versions < V4.5), SCALANCE XC224-4C G (All versions < V4.5), SCALANCE XC224-4C G (EIP Def.) (All versions < V4.5), SCALANCE XC224-4C G EEC (All versions < V4.5), SCALANCE XF204 (All versions < V4.5), SCALANCE XF204 DNA (All versions < V4.5), SCALANCE XF204-2BA (All versions < V4.5), SCALANCE XF204-2BA DNA (All versions < V4.5), SCALANCE XP208 (All versions < V4.5), SCALANCE XP208 (Ethernet/IP) (All versions < V4.5), SCALANCE XP208EEC (All versions < V4.5), SCALANCE XP208PoE EEC (All versions < V4.5), SCALANCE XP216 (All versions < V4.5), SCALANCE XP216 (Ethernet/IP) (All versions < V4.5), SCALANCE XP216EEC (All versions < V4.5), SCALANCE XP216POE EEC (All versions < V4.5), SCALANCE XR324WG (24 x FE, AC 230V) (All versions < V4.5), SCALANCE XR324WG (24 X FE, DC 24V) (All versions < V4.5), SCALANCE XR326-2C PoE WG (All versions < V4.5), SCALANCE XR326-2C PoE WG (without UL) (All versions < V4.5), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, AC 230V) (All versions < V4.5), SCALANCE XR328-4C WG (28xGE, DC 24V) (All versions < V4.5), SIPLUS NET SCALANCE XC206-2 (All versions < V4.5), SIPLUS NET SCALANCE XC206-2SFP (All versions < V4.5), SIPLUS NET SCALANCE XC208 (All versions < V4.5), SIPLUS NET SCALANCE XC216-4C (All versions < V4.5). Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.2.7https://nvd.nist.gov/vuln/detail/CVE-2023-44321
CVE-2023-22329Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access.2.6https://nvd.nist.gov/vuln/detail/CVE-2023-22329
CVE-2023-6103A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-245065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2.4https://nvd.nist.gov/vuln/detail/CVE-2023-6103
CVE-2023-47616A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.2.4https://nvd.nist.gov/vuln/detail/CVE-2023-47616
CVE-2023-22313Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.2.3https://nvd.nist.gov/vuln/detail/CVE-2023-22313
CVE-2023-45585An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage.2.3https://nvd.nist.gov/vuln/detail/CVE-2023-45585
CVE-2022-46647Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.2.2https://nvd.nist.gov/vuln/detail/CVE-2022-46647
CVE-2022-46646Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.2.2https://nvd.nist.gov/vuln/detail/CVE-2022-46646
CVE-2022-45469Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.2.2https://nvd.nist.gov/vuln/detail/CVE-2022-45469
CVE-2022-46301Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.1.9https://nvd.nist.gov/vuln/detail/CVE-2022-46301
CVE-2022-46298Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.1.9https://nvd.nist.gov/vuln/detail/CVE-2022-46298
CVE-2022-41659Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.1.9https://nvd.nist.gov/vuln/detail/CVE-2022-41659
CVE-2023-5760A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an attacker to gain full local privilege escalation on the system.This issue affects Avast/Avg Antivirus: 23.8.\n\n0https://nvd.nist.gov/vuln/detail/CVE-2023-5760
CVE-2023-41570MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.https://nvd.nist.gov/vuln/detail/CVE-2023-41570
CVE-2023-46582SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary SQL commands via the id paramter in the deleteProduct.php component.https://nvd.nist.gov/vuln/detail/CVE-2023-46582
CVE-2023-46581SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component.https://nvd.nist.gov/vuln/detail/CVE-2023-46581
CVE-2023-46580Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.https://nvd.nist.gov/vuln/detail/CVE-2023-46580
CVE-2023-46026Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters.https://nvd.nist.gov/vuln/detail/CVE-2023-46026
CVE-2023-46025SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46025
CVE-2023-46024SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46024
CVE-2023-46023SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46023
CVE-2023-46022SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46022
CVE-2022-45781Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName.https://nvd.nist.gov/vuln/detail/CVE-2022-45781
CVE-2023-34060VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from\nan older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login\nrestrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider\nand tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.https://nvd.nist.gov/vuln/detail/CVE-2023-34060
CVE-2023-47384MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.https://nvd.nist.gov/vuln/detail/CVE-2023-47384
CVE-2023-31320Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-31320
CVE-2023-20596Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20596
CVE-2023-20592Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20592
CVE-2023-20571A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20571
CVE-2023-20568Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20568
CVE-2023-20567Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20567
CVE-2023-20566Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20566
CVE-2023-20565Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20565
CVE-2023-20563Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20563
CVE-2023-20533Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20533
CVE-2023-20526Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20526
CVE-2023-20521TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20521
CVE-2023-20519A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20519
CVE-2022-23830SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23830
CVE-2022-23821Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23821
CVE-2022-23820Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23820
CVE-2021-46774Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46774
CVE-2021-46766Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46766
CVE-2021-46758Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46758
CVE-2021-46748Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46748
CVE-2021-26345Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-26345
CVE-2023-6131Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.https://nvd.nist.gov/vuln/detail/CVE-2023-6131
CVE-2023-6130Path Traversal: '\\..\\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.https://nvd.nist.gov/vuln/detail/CVE-2023-6130
CVE-2023-48094A cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers to execute arbitrary code in the context of the victim's browser via sending a crafted payload to /container_files/public_html/doc/index.html.https://nvd.nist.gov/vuln/detail/CVE-2023-48094
CVE-2023-6128Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.https://nvd.nist.gov/vuln/detail/CVE-2023-6128
CVE-2023-6127Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.https://nvd.nist.gov/vuln/detail/CVE-2023-6127
CVE-2023-6126Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.https://nvd.nist.gov/vuln/detail/CVE-2023-6126
CVE-2023-6125Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.https://nvd.nist.gov/vuln/detail/CVE-2023-6125
CVE-2023-47262In Abbott ID NOW before 7.1, settings can be modified via physical access to an internal serial port.https://nvd.nist.gov/vuln/detail/CVE-2023-47262
CVE-2023-6124Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.https://nvd.nist.gov/vuln/detail/CVE-2023-6124
CVE-2023-48021Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/update.https://nvd.nist.gov/vuln/detail/CVE-2023-48021
CVE-2023-48020Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus.https://nvd.nist.gov/vuln/detail/CVE-2023-48020
CVE-2023-45684Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub.https://nvd.nist.gov/vuln/detail/CVE-2023-45684
CVE-2023-47609SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote authenticated attacker to execute arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request.https://nvd.nist.gov/vuln/detail/CVE-2023-47609
CVE-2023-45881GibbonEdu Gibbon through version 25.0.0 allows /modules/Planner/resources_addQuick_ajaxProcess.php file upload with resultant XSS. The imageAsLinks parameter must be set to Y to return HTML code. The filename attribute of the bodyfile1 parameter is reflected in the response.https://nvd.nist.gov/vuln/detail/CVE-2023-45881
CVE-2023-45880GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname (and extension). This allows creation of PHP files outside of the uploads directory, directly in the webroot.https://nvd.nist.gov/vuln/detail/CVE-2023-45880
CVE-2023-45879GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME element to the Messager component.https://nvd.nist.gov/vuln/detail/CVE-2023-45879
CVE-2023-45878GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write because rubrics_visualise_saveAjax.phps does not require authentication. The endpoint accepts the img, path, and gibbonPersonID parameters. The img parameter is expected to be a base64 encoded image. If the path parameter is set, the defined path is used as the destination folder, concatenated with the absolute path of the installation directory. The content of the img parameter is base64 decoded and written to the defined file path. This allows creation of PHP files that permit Remote Code Execution (unauthenticated).https://nvd.nist.gov/vuln/detail/CVE-2023-45878
CVE-2023-43902Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows unauthenticated attackers to access accounts of all registered users, including those with administrator privileges via a crafted password reset token.https://nvd.nist.gov/vuln/detail/CVE-2023-43902
CVE-2023-43901Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user.https://nvd.nist.gov/vuln/detail/CVE-2023-43901
CVE-2023-43900Insecure Direct Object References (IDOR) in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters.https://nvd.nist.gov/vuln/detail/CVE-2023-43900
CVE-2023-42326An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.https://nvd.nist.gov/vuln/detail/CVE-2023-42326
CVE-2023-42327Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.https://nvd.nist.gov/vuln/detail/CVE-2023-42327
CVE-2023-42325Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.https://nvd.nist.gov/vuln/detail/CVE-2023-42325
CVE-2023-31754Optimizely CMS UI before v12.16.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Admin panel.https://nvd.nist.gov/vuln/detail/CVE-2023-31754
CVE-2023-46446An issue in AsyncSSH v2.14.0 and earlier allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation.https://nvd.nist.gov/vuln/detail/CVE-2023-46446
CVE-2023-46445An issue in AsyncSSH v2.14.0 and earlier allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack.https://nvd.nist.gov/vuln/detail/CVE-2023-46445
CVE-2023-45560An issue in Yasukawa memberscard v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.https://nvd.nist.gov/vuln/detail/CVE-2023-45560
CVE-2023-45558An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.https://nvd.nist.gov/vuln/detail/CVE-2023-45558
CVE-2023-6115Rejected reason: DUPLICATE CVEhttps://nvd.nist.gov/vuln/detail/CVE-2023-6115
CVE-2023-6107Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-6107
CVE-2023-6106Rejected reason: Accidental request.https://nvd.nist.gov/vuln/detail/CVE-2023-6106
CVE-2023-6092Rejected reason: DUPLICATE, accidental request.https://nvd.nist.gov/vuln/detail/CVE-2023-6092
CVE-2023-6089Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-6089
CVE-2023-6088Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-6088
CVE-2023-6087Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-6087
CVE-2023-6086Rejected reason: Accidental request.https://nvd.nist.gov/vuln/detail/CVE-2023-6086
CVE-2023-6085Rejected reason: Accidental request.https://nvd.nist.gov/vuln/detail/CVE-2023-6085
CVE-2023-6083Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-6083
CVE-2023-6034Rejected reason: Accidental request.https://nvd.nist.gov/vuln/detail/CVE-2023-6034
CVE-2023-6010Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-6010
CVE-2023-5977Rejected reason: Accidental Request.https://nvd.nist.gov/vuln/detail/CVE-2023-5977
CVE-2023-46021SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46021
CVE-2023-46020Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.https://nvd.nist.gov/vuln/detail/CVE-2023-46020
CVE-2023-46019Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46019
CVE-2023-47346Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.https://nvd.nist.gov/vuln/detail/CVE-2023-47346
CVE-2023-46018SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \\allows attackers to run arbitrary SQL commands via 'remail' parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-46018
CVE-2023-46017SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.https://nvd.nist.gov/vuln/detail/CVE-2023-46017
CVE-2023-46016Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.https://nvd.nist.gov/vuln/detail/CVE-2023-46016
CVE-2023-46015Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.https://nvd.nist.gov/vuln/detail/CVE-2023-46015
CVE-2023-46014SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.https://nvd.nist.gov/vuln/detail/CVE-2023-46014
CVE-2023-5999Rejected reason: This is a duplicate.https://nvd.nist.gov/vuln/detail/CVE-2023-5999
CVE-2023-48068DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php.https://nvd.nist.gov/vuln/detail/CVE-2023-48068
CVE-2023-48063An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete.https://nvd.nist.gov/vuln/detail/CVE-2023-48063
CVE-2023-48060Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/addhttps://nvd.nist.gov/vuln/detail/CVE-2023-48060
CVE-2023-48058Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/runhttps://nvd.nist.gov/vuln/detail/CVE-2023-48058
CVE-2023-6104Rejected reason: The CVE Record was published by accident.https://nvd.nist.gov/vuln/detail/CVE-2023-6104
CVE-2023-47801An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security Administrators) could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password Record API Key to Copy/Move private password records.https://nvd.nist.gov/vuln/detail/CVE-2023-47801
CVE-2023-5037Rejected reason: CVE number will be reassigned.https://nvd.nist.gov/vuln/detail/CVE-2023-5037
CVE-2023-47163Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Processing untrusted YAML files may cause a denial-of-service (DoS) condition.https://nvd.nist.gov/vuln/detail/CVE-2023-47163
CVE-2023-28134Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-28134
CVE-2023-47037We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. \n\nApache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc. \n\nUsers should upgrade to version 2.7.3 or later which has removed the vulnerability.\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47037
CVE-2023-42781Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs.  This is a different issue than CVE-2023-42663 but leading to similar outcome.\nUsers of Apache Airflow are advised to upgrade to version 2.7.3 or newer to mitigate the risk associated with this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-42781
CVE-2023-47390Headscale through 0.22.3 writes bearer tokens to info-level logs.https://nvd.nist.gov/vuln/detail/CVE-2023-47390
CVE-2023-46850Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.https://nvd.nist.gov/vuln/detail/CVE-2023-46850
CVE-2023-46849Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.https://nvd.nist.gov/vuln/detail/CVE-2023-46849
CVE-2023-31078Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.4.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31078
CVE-2023-31077Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin <= 2.1.9 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31077
CVE-2023-30478Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters plugin <= 4.8.8 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-30478
CVE-2023-29440Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board plugin <= 2.10.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-29440
CVE-2023-29428Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-29428
CVE-2023-29426Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd.Net AG) Spreadshop plugin <= 1.6.5 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-29426
CVE-2023-47164Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.https://nvd.nist.gov/vuln/detail/CVE-2023-47164
CVE-2023-47800Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services.https://nvd.nist.gov/vuln/detail/CVE-2023-47800
CVE-2023-39796SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-39796
CVE-2023-6069Improper Input Validation in GitHub repository froxlor/froxlor prior to 2.1.0.https://nvd.nist.gov/vuln/detail/CVE-2023-6069
CVE-2023-32502Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32502
CVE-2023-32501Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32501
CVE-2023-32500Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32500
CVE-2023-32125Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32125
CVE-2023-32093Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim TPG Redirect plugin <= 1.0.7 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32093
CVE-2023-32092Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin <= 6.0.9.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32092
CVE-2023-31235Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31235
CVE-2023-31093Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly Events Calendar plugin <= 2.6.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31093
CVE-2023-31088Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floating Action Button plugin <= 1.2.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31088
CVE-2023-31086Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31086
CVE-2023-32592Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32592
CVE-2023-32587Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC WP Reactions Lite plugin <= 1.3.8 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32587
CVE-2023-32579Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32579
CVE-2023-32512Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32512
CVE-2023-29975An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without verification.https://nvd.nist.gov/vuln/detail/CVE-2023-29975
CVE-2023-34031Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34031
CVE-2023-34025Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login plugin <= 2.1.6 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34025
CVE-2023-34024Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP Full Auto Tags Manager plugin <= 2.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34024
CVE-2023-32794Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32794
CVE-2023-32745Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32745
CVE-2023-32744Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32744
CVE-2023-32739Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy WP Custom Cursors | WordPress Cursor Plugin plugin < 3.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32739
CVE-2023-32602Cross-Site Request Forgery (CSRF) vulnerability in LOKALYZE CALL ME NOW plugin <= 3.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32602
CVE-2023-32594Cross-Site Request Forgery (CSRF) vulnerability in Benedict B., Maciej Gryniuk Hyphenator plugin <= 5.1.5 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32594
CVE-2023-34177Cross-Site Request Forgery (CSRF) vulnerability in Kenth Hagström WP-Cache.Com plugin <= 1.1.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34177
CVE-2023-34171Cross-Site Request Forgery (CSRF) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34171
CVE-2023-34169Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for ??????????? plugin <= 3.1.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34169
CVE-2023-34033Cross-Site Request Forgery (CSRF) vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin <= 2.0.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34033
CVE-2023-47238Cross-Site Request Forgery (CSRF) vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin <= 3.3.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-47238
CVE-2023-47237Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson Auto Publish for Google My Business plugin <= 3.7 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-47237
CVE-2023-34371Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34371
CVE-2023-34182Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34182
CVE-2023-34181Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34181
CVE-2023-34178Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34178
CVE-2023-46614Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-46614
CVE-2023-34386Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34386
CVE-2023-34002Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory Manager plugin <= 2.1.0.13 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-34002
CVE-2023-31087Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-31087
CVE-2023-25975Cross-Site Request Forgery (CSRF) vulnerability in Frédéric Sheedy Etsy Shop plugin <= 3.0.3 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-25975
CVE-2023-45885Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.https://nvd.nist.gov/vuln/detail/CVE-2023-45885
CVE-2023-45884Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin.https://nvd.nist.gov/vuln/detail/CVE-2023-45884
CVE-2023-45284On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.https://nvd.nist.gov/vuln/detail/CVE-2023-45284
CVE-2023-45283The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name.https://nvd.nist.gov/vuln/detail/CVE-2023-45283
CVE-2023-46894An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.https://nvd.nist.gov/vuln/detail/CVE-2023-46894
CVE-2023-36688Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Mann Simple Site Verify plugin <= 1.0.7 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-36688
CVE-2023-25994Cross-Site Request Forgery (CSRF) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.4.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-25994
CVE-2023-47373The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47373
CVE-2023-47372The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47372
CVE-2023-47370The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47370
CVE-2023-47368The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47368
CVE-2023-4612Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date of publication there is no patch, and the vendor does not treat it as a vulnerability.\n\n\n\n\n\n\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-4612
CVE-2023-47369The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications.https://nvd.nist.gov/vuln/detail/CVE-2023-47369
CVE-2023-47367The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47367
CVE-2023-47366The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47366
CVE-2023-47365The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47365
CVE-2023-47364The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victimshttps://nvd.nist.gov/vuln/detail/CVE-2023-47364
CVE-2023-47363The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send malicious notifications to victims.https://nvd.nist.gov/vuln/detail/CVE-2023-47363
CVE-2023-47248Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files).\n\nThis vulnerability only affects PyArrow, not other Apache Arrow implementations or bindings.\n\nIt is recommended that users of PyArrow upgrade to 14.0.1. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to PyArrow 14.0.1 or later. PyPI packages are already available, and we hope that conda-forge packages will be available soon.\n\nIf it is not possible to upgrade, we provide a separate package `pyarrow-hotfix` that disables the vulnerability on older PyArrow versions. See https://pypi.org/project/pyarrow-hotfix/ for instructions.\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47248
CVE-2023-47489An issue in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.https://nvd.nist.gov/vuln/detail/CVE-2023-47489
CVE-2023-47488Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page.https://nvd.nist.gov/vuln/detail/CVE-2023-47488
CVE-2023-46492Cross Site Scripting vulnerability in MLDB.ai v.2017.04.17.0 allows a remote attacker to execute arbitrary code via a crafted payload to the public_html/doc/index.html.https://nvd.nist.gov/vuln/detail/CVE-2023-46492
CVE-2023-47008An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the ifname field in the sub_4CCE4 function.https://nvd.nist.gov/vuln/detail/CVE-2023-47008
CVE-2023-47007An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the lan_ifname field in the sub_391B8 function.https://nvd.nist.gov/vuln/detail/CVE-2023-47007
CVE-2023-47006An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the lan_ipaddr field in the sub_6FC74 function.https://nvd.nist.gov/vuln/detail/CVE-2023-47006
CVE-2023-47005An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the lan_ifname field in the sub_ln 2C318 function.https://nvd.nist.gov/vuln/detail/CVE-2023-47005
CVE-2023-37790Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function.https://nvd.nist.gov/vuln/detail/CVE-2023-37790
CVE-2023-36667Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal.https://nvd.nist.gov/vuln/detail/CVE-2023-36667
CVE-2023-46363jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512.https://nvd.nist.gov/vuln/detail/CVE-2023-46363
CVE-2023-46362jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc.https://nvd.nist.gov/vuln/detail/CVE-2023-46362
CVE-2023-45875An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a 7.2 cluster.https://nvd.nist.gov/vuln/detail/CVE-2023-45875
CVE-2023-45857An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.https://nvd.nist.gov/vuln/detail/CVE-2023-45857
CVE-2023-29974An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements.https://nvd.nist.gov/vuln/detail/CVE-2023-29974
CVE-2023-0392The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-0392
CVE-2023-5996Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)https://nvd.nist.gov/vuln/detail/CVE-2023-5996
CVE-2023-47231Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bainternet ShortCodes UI plugin <= 1.9.8 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-47231
CVE-2023-47229Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vyas Dipen Top 25 Social Icons plugin <= 3.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-47229
CVE-2023-47181Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin <= 8.52 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-47181
CVE-2023-47379Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.https://nvd.nist.gov/vuln/detail/CVE-2023-47379
CVE-2023-46643Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-46643
CVE-2023-46642Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-46642
CVE-2023-47397WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php.https://nvd.nist.gov/vuln/detail/CVE-2023-47397
CVE-2023-46621Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin <= 1.4.11 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-46621
CVE-2023-46613Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-46613
CVE-2023-32298Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kathy Darling Simple User Listing plugin <= 1.9.2 versions.https://nvd.nist.gov/vuln/detail/CVE-2023-32298
CVE-2023-46759Permission control vulnerability in the call module. Successful exploitation of this vulnerability may affect service confidentiality.https://nvd.nist.gov/vuln/detail/CVE-2023-46759
CVE-2023-46758Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.https://nvd.nist.gov/vuln/detail/CVE-2023-46758
CVE-2023-46757The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality.https://nvd.nist.gov/vuln/detail/CVE-2023-46757
CVE-2023-46756Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.https://nvd.nist.gov/vuln/detail/CVE-2023-46756
CVE-2023-46772Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.https://nvd.nist.gov/vuln/detail/CVE-2023-46772
CVE-2023-46765Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.https://nvd.nist.gov/vuln/detail/CVE-2023-46765
CVE-2023-46764Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously.https://nvd.nist.gov/vuln/detail/CVE-2023-46764
CVE-2023-46763Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.https://nvd.nist.gov/vuln/detail/CVE-2023-46763
CVE-2023-5978In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints.  When only a list of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed.  This could permit the application to resolve domain names that were previously restricted.https://nvd.nist.gov/vuln/detail/CVE-2023-5978
CVE-2023-5941In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error.  Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.https://nvd.nist.gov/vuln/detail/CVE-2023-5941
CVE-2023-39913Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0.\n\nUsers are recommended to upgrade to version 3.5.0, which fixes the issue.\n\nThere are several locations in the code where serialized Java objects are deserialized without verifying the data. This affects in particular:\n * the deserialization of a Java-serialized CAS, but also other binary CAS formats that include TSI information using the CasIOUtils class;\n * the CAS Editor Eclipse plugin which uses the the CasIOUtils class to load data;\n * the deserialization of a Java-serialized CAS of the Vinci Analysis Engine service which can receive using Java-serialized CAS objects over network connections;\n * the CasAnnotationViewerApplet and the CasTreeViewerApplet;\n * the checkpointing feature of the CPE module.\n\nNote that the UIMA framework by default does not start any remotely accessible services (i.e. Vinci) that would be vulnerable to this issue. A user or developer would need to make an active choice to start such a service. However, users or developers may use the CasIOUtils in their own applications and services to parse serialized CAS data. They are affected by this issue unless they ensure that the data passed to CasIOUtils is not a serialized Java object.\n\nWhen using Vinci or using CasIOUtils in own services/applications, the unrestricted deserialization of Java-serialized CAS files may allow arbitrary (remote) code execution.\n\nAs a remedy, it is possible to set up a global or context-specific ObjectInputFilter (cf. https://openjdk.org/jeps/290  and  https://openjdk.org/jeps/415 ) if running UIMA on a Java version that supports it. \n\nNote that Java 1.8 does not support the ObjectInputFilter, so there is no remedy when running on this out-of-support platform. An upgrade to a recent Java version is strongly recommended if you need to secure an UIMA version that is affected by this issue.\n\nTo mitigate the issue on a Java 9+ platform, you can configure a filter pattern through the "jdk.serialFilter" system property using a semicolon as a separator:\n\nTo allow deserializing Java-serialized binary CASes, add the classes:\n * org.apache.uima.cas.impl.CASCompleteSerializer\n * org.apache.uima.cas.impl.CASMgrSerializer\n * org.apache.uima.cas.impl.CASSerializer\n * java.lang.String\n\nTo allow deserializing CPE Checkpoint data, add the following classes (and any custom classes your application uses to store its checkpoints):\n * org.apache.uima.collection.impl.cpm.CheckpointData\n * org.apache.uima.util.ProcessTrace\n * org.apache.uima.util.impl.ProcessTrace_impl\n * org.apache.uima.collection.base_cpm.SynchPoint\n\nMake sure to use "!*" as the final component to the filter pattern to disallow deserialization of any classes not listed in the pattern.\n\nApache UIMA 3.5.0 uses tightly scoped ObjectInputFilters when reading Java-serialized data depending on the type of data being expected. Configuring a global filter is not necessary with this version.\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-39913
CVE-2023-44115Vulnerability of improper permission control in the Booster module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.https://nvd.nist.gov/vuln/detail/CVE-2023-44115
CVE-2023-5801Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.https://nvd.nist.gov/vuln/detail/CVE-2023-5801
CVE-2023-46770Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones.https://nvd.nist.gov/vuln/detail/CVE-2023-46770
CVE-2023-46769Use-After-Free (UAF) vulnerability in the dubai module. Successful exploitation of this vulnerability will affect availability.https://nvd.nist.gov/vuln/detail/CVE-2023-46769
CVE-2023-46768Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally.https://nvd.nist.gov/vuln/detail/CVE-2023-46768
Tags
Bulletins
Share