Published on 27 Dec 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:
Critical | vulnerabilities with a base score of 9.0 to 10.0 |
High | vulnerabilities with a base score of 7.0 to 8.9 |
Medium | vulnerabilities with a base score of 4.0 to 6.9 |
Low | vulnerabilities with a base score of 0.1 to 3.9 |
None | vulnerabilities with a base score of 0.0 |
For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.
CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2023-49778 | Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-49778 |
CVE-2023-25970 | Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop – Global Dropshipping.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-25970 |
CVE-2023-29384 | Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-29384 |
CVE-2023-49773 | Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-49773 |
CVE-2023-49772 | Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0. | 10 | https://nvd.nist.gov/vuln/detail/CVE-2023-49772 |
CVE-2023-23970 | Unrestricted Upload of File with Dangerous Type vulnerability in WooRockets Corsa.This issue affects Corsa: from n/a through 1.5. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-23970 |
CVE-2023-46149 | Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-46149 |
CVE-2023-34385 | Unrestricted Upload of File with Dangerous Type vulnerability in Akshay Menariya Export Import Menus.This issue affects Export Import Menus: from n/a through 1.8.0. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-34385 |
CVE-2023-34007 | Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-34007 |
CVE-2023-33318 | Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-33318 |
CVE-2023-31231 | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-31231 |
CVE-2023-31215 | Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping & Affiliation with Amazon.This issue affects Dropshipping & Affiliation with Amazon: from n/a through 2.1.2. | 9.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-31215 |
CVE-2023-7095 | A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248942 is the identifier assigned to this vulnerability. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-7095 |
CVE-2023-49690 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'WalkinId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49690 |
CVE-2023-49689 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49689 |
CVE-2023-49688 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49688 |
CVE-2023-49687 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtPass' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49687 |
CVE-2023-49686 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTotal' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49686 |
CVE-2023-49685 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTime' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49685 |
CVE-2023-49684 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTitle' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49684 |
CVE-2023-49683 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtDesc' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49683 |
CVE-2023-49682 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtDate' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49682 |
CVE-2023-49681 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49681 |
CVE-2023-49680 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTotal' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49680 |
CVE-2023-49679 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTitle' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49679 |
CVE-2023-49678 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtDesc' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49678 |
CVE-2023-49677 | Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49677 |
CVE-2023-48723 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'rno' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48723 |
CVE-2023-48722 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48722 |
CVE-2023-48720 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48720 |
CVE-2023-48719 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'roll_no' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48719 |
CVE-2023-48718 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48718 |
CVE-2023-48717 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48717 |
CVE-2023-48716 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_id' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48716 |
CVE-2023-48690 | Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bynum' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48690 |
CVE-2023-48689 | Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48689 |
CVE-2023-48688 | Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'to' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48688 |
CVE-2023-48687 | Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'from' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48687 |
CVE-2023-48686 | Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48686 |
CVE-2023-48685 | Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'psd' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48685 |
CVE-2023-46791 | Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic3' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-46791 |
CVE-2023-45127 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'wrong' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45127 |
CVE-2023-45126 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'total' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45126 |
CVE-2023-45125 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'time' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45125 |
CVE-2023-45124 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'tag' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45124 |
CVE-2023-45123 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'right' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45123 |
CVE-2023-45122 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'name' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45122 |
CVE-2023-45121 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45121 |
CVE-2023-45120 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45120 |
CVE-2023-45119 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45119 |
CVE-2023-45118 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45118 |
CVE-2023-45117 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45117 |
CVE-2023-45116 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45116 |
CVE-2023-45115 | Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-45115 |
CVE-2023-6145 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection.This issue affects Softomi Advanced C2C Marketplace Software: before 12122023. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6145 |
CVE-2023-32242 | Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-32242 |
CVE-2023-50992 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50992 |
CVE-2023-50990 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50990 |
CVE-2023-50989 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50989 |
CVE-2023-50988 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50988 |
CVE-2023-50987 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50987 |
CVE-2023-50986 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50986 |
CVE-2023-50985 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50985 |
CVE-2023-50984 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50984 |
CVE-2023-50983 | Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50983 |
CVE-2023-48434 | Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48434 |
CVE-2023-48433 | Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-48433 |
CVE-2023-5011 | Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-5011 |
CVE-2023-5010 | Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-5010 |
CVE-2023-5007 | Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-5007 |
CVE-2023-40010 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in realmag777 HUSKY – Products Filter for WooCommerce Professional.This issue affects HUSKY – Products Filter for WooCommerce Professional: from n/a through 1.3.4.2. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-40010 |
CVE-2023-6768 | Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This vulnerability could allow an unauthenticated user to access the admin panel without providing any credentials by simply accessing the "lp_admin.php?adminstep=" parameter. | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6768 |
CVE-2023-50707 | Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device. | 9.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-50707 |
CVE-2023-50254 | Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by overwriting files like .bash_rc, .bash_login, etc. RCE will be triggered when the user opens the terminal. Version 6.0.7 contains a patch for the issue. | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50254 |
CVE-2023-49752 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4. | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49752 |
CVE-2023-49776 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49776 |
CVE-2023-32590 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4. | 9.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-32590 |
CVE-2023-50731 | MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put` method in `mindsdb/mindsdb/api/http/namespaces/file.py` does not validate the user-controlled name value, which is used in a temporary file name, which is afterwards opened for writing on lines 122-125, which leads to path injection. Later in the method, the temporary directory is deleted on line 151, but since we can write outside of the directory using the path injection vulnerability, the potentially dangerous file is not deleted. Arbitrary file contents can be written due to `f.write(chunk)` on line 125. Mindsdb does check later on line 149 in the `save_file` method in `file-controller.py` which calls the `_handle_source` method in `file_handler.py` if a file is of one of the types `csv`, `json`, `parquet`, `xls`, or `xlsx`. However, since the check happens after the file has already been written, the files will still exist (and will not be removed due to the path injection described earlier), just the `_handle_source` method will return an error. The same user-controlled source source is used also in another path injection sink on line 138. This leads to another path injection, which allows an attacker to delete any `zip` or `tar.gz` files on the server. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50731 |
CVE-2023-49814 | Unrestricted Upload of File with Dangerous Type vulnerability in Symbiostock symbiostock.This issue affects Symbiostock: from n/a through 6.0.0. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49814 |
CVE-2023-40204 | Unrestricted Upload of File with Dangerous Type vulnerability in Premio Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager.This issue affects Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager: from n/a through 2.9.2. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-40204 |
CVE-2023-29102 | Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-29102 |
CVE-2023-28170 | Unrestricted Upload of File with Dangerous Type vulnerability in Themely Theme Demo Import.This issue affects Theme Demo Import: from n/a through 1.1.1. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-28170 |
CVE-2023-47702 | IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view modify files on the system. IBM X-Force ID: 271196. | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-47702 |
CVE-2023-45603 | Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902. | 9 | https://nvd.nist.gov/vuln/detail/CVE-2023-45603 |
CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2023-5961 | A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-5961 |
CVE-2023-51448 | Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-51448 |
CVE-2023-49085 | Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49085 |
CVE-2023-44482 | Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-44482 |
CVE-2023-44481 | Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-44481 |
CVE-2023-47706 | IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-47706 |
CVE-2023-51442 | Navidrome is an open source web-based music collection server and streamer. A security vulnerability has been identified in navidrome's subsonic endpoint, allowing for authentication bypass. This exploit enables unauthorized access to any known account by utilizing a JSON Web Token (JWT) signed with the key "not so secret". The vulnerability can only be exploited on instances that have never been restarted. Navidrome supports an extension to the subsonic authentication scheme, where a JWT can be provided using a `jwt` query parameter instead of the traditional password or token and salt (corresponding to resp. the `p` or `t` and `s` query parameters). This authentication bypass vulnerability potentially affects all instances that don't protect the subsonic endpoint `/rest/`, which is expected to be most instances in a standard deployment, and most instances in the reverse proxy setup too (as the documentation mentions to leave that endpoint unprotected). This issue has been patched in version 0.50.2. | 8.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-51442 |
CVE-2023-29096 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.0. | 8.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-29096 |
CVE-2023-51661 | Wasmer is a WebAssembly runtime that enables containers to run anywhere: from Desktop to the Cloud, Edge and even the browser. Wasm programs can access the filesystem outside of the sandbox. Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem. This vulnerability has been patched in version 4.2.4. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51661 |
CVE-2023-47784 | Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-47784 |
CVE-2023-46648 | An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pending. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-46648 |
CVE-2023-50732 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute a Velocity script without script right through the document tree. This has been patched in XWiki 14.10.7 and 15.2RC1. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50732 |
CVE-2023-28782 | Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-28782 |
CVE-2023-40555 | Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive WooCommerce Theme.This issue affects Flatsome | Multi-Purpose Responsive WooCommerce Theme: from n/a through 3.17.5. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-40555 |
CVE-2023-29432 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress Theme: from n/a before 2.8.3. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-29432 |
CVE-2023-37871 | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-37871 |
CVE-2023-6689 | A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-6689 |
CVE-2023-6971 | The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of this vulnerability requires that the target server's php.ini is configured with 'allow_url_include' set to 'on'. This feature is deprecated as of PHP 7.4 and is disabled by default, but can still be explicitly enabled in later versions of PHP. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-6971 |
CVE-2023-6746 | An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-6746 |
CVE-2023-49826 | Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49826 |
CVE-2023-30750 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30750 |
CVE-2023-30495 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Ultimate Addons for Contact Form 7.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.1.23. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-30495 |
CVE-2023-49825 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49825 |
CVE-2023-33330 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-33330 |
CVE-2023-33209 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CrawlSpider SEO Change Monitor – Track Website Changes.This issue affects SEO Change Monitor – Track Website Changes: from n/a through 1.2. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-33209 |
CVE-2023-31092 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Foxskav Easy Bet.This issue affects Easy Bet: from n/a through 1.0.2. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-31092 |
CVE-2023-35876 | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square.This issue affects WooCommerce Square: from n/a through 3.8.1. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-35876 |
CVE-2023-42017 | IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 265567. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-42017 |
CVE-2023-49084 | Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-49084 |
CVE-2023-46647 | Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2023-46647 |
CVE-2023-5180 | An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-5180 |
CVE-2023-51386 | Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned events, timeframes, budgets and owner email addresses. This data access may allow users to get insights into upcoming events and join events which they have not been invited to. This issue has been patched in version 1.10.0. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-51386 |
CVE-2023-6546 | A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6546 |
CVE-2023-7025 | A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function init_kcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-248578 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-7025 |
CVE-2023-37520 | Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay. | 7.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-37520 |
CVE-2023-37519 | Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This XSS vulnerability is in the Download Status Report, which is served by the BigFix Server. | 7.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-37519 |
CVE-2023-40058 | Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-40058 |
CVE-2023-49166 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-49166 |
CVE-2023-49161 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-49161 |
CVE-2023-35915 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-35915 |
CVE-2023-32743 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-32743 |
CVE-2023-47236 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress.This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-47236 |
CVE-2023-38519 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-38519 |
CVE-2023-0011 | A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial interface to send malicious AT commands. Exploitation of the vulnerability gives full administrative (root) privileges to the attacker to execute any operating system command on TOBY-L2 which can lead to modification of the behavior of the module itself as well as the components connected with it (depending on its rights on other connected systems). It can further provide the ability to read system level files and hamper the availability of the module as well.. This issue affects TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280. | 7.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-0011 |
CVE-2023-49880 | In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction. IBM X-Force ID: 273183. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-49880 |
CVE-2023-6972 | The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6972 |
CVE-2023-51650 | Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51650 |
CVE-2023-50730 | Grackle is a GraphQL server written in functional Scala, built on the Typelevel stack. The GraphQL specification requires that GraphQL fragments must not form cycles, either directly or indirectly. Prior to Grackle version 0.18.0, that requirement wasn't checked, and queries with cyclic fragments would have been accepted for type checking and compilation. The attempted compilation of such fragments would result in a JVM `StackOverflowError` being thrown. Some knowledge of an applications GraphQL schema would be required to construct such a query, however no knowledge of any application-specific performance or other behavioural characteristics would be needed. Grackle uses the cats-parse library for parsing GraphQL queries. Prior to version 0.18.0, Grackle made use of the cats-parse `recursive` operator. However, `recursive` is not currently stack safe. `recursive` was used in three places in the parser: nested selection sets, nested input values (lists and objects), and nested list type declarations. Consequently, queries with deeply nested selection sets, input values or list types could be constructed which exploited this, causing a JVM `StackOverflowException` to be thrown during parsing. Because this happens very early in query processing, no specific knowledge of an applications GraphQL schema would be required to construct such a query. The possibility of small queries resulting in stack overflow is a potential denial of service vulnerability. This potentially affects all applications using Grackle which have untrusted users. Both stack overflow issues have been resolved in the v0.18.0 release of Grackle. As a workaround, users could interpose a sanitizing layer in between untrusted input and Grackle query processing. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50730 |
CVE-2022-39337 | Hertzbeat is an open source, real-time monitoring system with custom-monitoring, high performance cluster, prometheus-like and agentless. Hertzbeat versions 1.20 and prior have a permission bypass vulnerability. System authentication can be bypassed and invoke interfaces without authorization. Version 1.2.1 contains a patch for this issue. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-39337 |
CVE-2023-6847 | An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. To exploit this vulnerability, an attacker would need network access to the Enterprise Server appliance configured in Private Mode. This vulnerability affected all versions of GitHub Enterprise Server since 3.9 and was fixed in version 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6847 |
CVE-2023-48288 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.1. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-48288 |
CVE-2023-5594 | Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-5594 |
CVE-2023-35916 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-35916 |
CVE-2023-35914 | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-35914 |
CVE-2023-50249 | Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an attacker to cause excessive computation times on the server, leading to denial of service (DoS). This vulnerability has been patched in sentry/astro version 7.87.0. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50249 |
CVE-2023-6562 | JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the attacker. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6562 |
CVE-2023-6912 | Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6912 |
CVE-2023-37544 | Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication. This issue affects Apache Pulsar WebSocket Proxy: from 2.8.0 through 2.8.*, from 2.9.0 through 2.9.*, from 2.10.0 through 2.10.4, from 2.11.0 through 2.11.1, 3.0.0. The known risks include a denial of service due to the WebSocket Proxy accepting any connections, and excessive data transfer due to misuse of the WebSocket ping/pong feature. 2.10 Pulsar WebSocket Proxy users should upgrade to at least 2.10.5. 2.11 Pulsar WebSocket Proxy users should upgrade to at least 2.11.2. 3.0 Pulsar WebSocket Proxy users should upgrade to at least 3.0.1. 3.1 Pulsar WebSocket Proxy users are unaffected. Any users running the Pulsar WebSocket Proxy for 2.8, 2.9, and earlier should upgrade to one of the above patched versions. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-37544 |
CVE-2023-47704 | IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-47704 |
CVE-2020-36769 | The Widget Settings Importer/Exporter Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp_ajax_import_widget_dataparameter AJAX action in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with subscriber-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2020-36769 |
CVE-2023-46147 | Deserialization of Untrusted Data vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-46147 |
CVE-2023-50924 | Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user's context. This vulnerability enables an authenticated user to inject Javascript into other user's sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50924 |
CVE-2023-48670 | Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-48670 |
CVE-2021-38927 | IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2021-38927 |
CVE-2023-7002 | The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-7002 |
CVE-2023-51387 | Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-51387 |
CVE-2023-43088 | Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-43088 |
CVE-2023-6802 | An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-6802 |
CVE-2023-32128 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-32128 |
CVE-2023-47852 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.5. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-47852 |
CVE-2023-50928 | "Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event ids and self-defined budget & duration. This issue only affects cleaned AWS accounts, it is not possible to access AWS accounts in use or existing data/infrastructure. This issue has been patched in version 1.1.0. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50928 |
CVE-2023-28788 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-28788 |
CVE-2023-26525 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.12. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-26525 |
CVE-2023-47507 | Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue affects Master Slider Pro: from n/a through 3.6.5. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-47507 |
CVE-2023-43064 | Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause arbitrary code to run with the privilege of the user invoking the facsimile support. IBM X-Force ID: 267689. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2023-43064 |
CVE-2023-48704 | ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2023-48704 |
CVE-2023-47118 | ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of T64 codec that crashes the ClickHouse server process. This attack does not require authentication. Note that this exploit can also be triggered via HTTP protocol, however, the attacker will need a valid credential as the HTTP authentication take places first. This issue has been fixed in version 23.10.2.13-stable, 23.9.4.11-stable, 23.8.6.16-lts and 23.3.16.7-lts. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2023-47118 |
CVE-2023-50714 | yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-50714 |
CVE-2023-46645 | A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-46645 |
CVE-2023-39251 | Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-39251 |
CVE-2023-28491 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-28491 |
CVE-2023-7090 | A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-7090 |
CVE-2023-28025 | Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage. | 6.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-28025 |
CVE-2023-5962 | A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-5962 |
CVE-2023-6804 | Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6804 |
CVE-2023-50834 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50834 |
CVE-2023-47191 | Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress.This issue affects Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress: from n/a through 1.2.2. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-47191 |
CVE-2023-32799 | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-32799 |
CVE-2023-50833 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50833 |
CVE-2023-50831 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY – Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY – Multi Currency for WooCommerce: from n/a through 2.2.0. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50831 |
CVE-2023-50825 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terrier Tenacity iframe Shortcode allows Stored XSS.This issue affects iframe Shortcode: from n/a through 2.0. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50825 |
CVE-2023-50824 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Batt Insert or Embed Articulate Content into WordPress allows Stored XSS.This issue affects Insert or Embed Articulate Content into WordPress: from n/a through 4.3000000021. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50824 |
CVE-2023-50823 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a through 11.7. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50823 |
CVE-2023-50822 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Currency.Wiki Currency Converter Widget – Exchange Rates allows Stored XSS.This issue affects Currency Converter Widget – Exchange Rates: from n/a through 3.0.2. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-50822 |
CVE-2022-45377 | Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-45377 |
CVE-2023-51390 | journalpump is a daemon that takes log messages from journald and pumps them to a given output. A logging vulnerability was found in journalpump which logs out the configuration of a service integration in plaintext to the supplied logging pipeline, including credential information contained in the configuration if any. The problem has been patched in journalpump 2.5.0. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51390 |
CVE-2023-46131 | Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3, 5.3.4, 6.1.0. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-46131 |
CVE-2022-44684 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-44684 |
CVE-2023-30872 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BannerSky BSK Forms Blacklist.This issue affects BSK Forms Blacklist: from n/a through 3.6.2. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-30872 |
CVE-2023-6910 | A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource consumption. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-6910 |
CVE-2023-6744 | The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'et_pb_text' shortcode in all versions up to, and including, 4.23.1 due to insufficient input sanitization and output escaping on user supplied custom field data. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-6744 |
CVE-2023-7111 | A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249006 is the identifier assigned to this vulnerability. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7111 |
CVE-2023-7100 | A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248952. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7100 |
CVE-2023-7099 | A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248951. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7099 |
CVE-2023-7097 | A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. This affects an unknown part of the file /addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248949 was assigned to this vulnerability. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7097 |
CVE-2023-7091 | A vulnerability was found in Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /upload/uploadFile. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248938 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7091 |
CVE-2023-50727 | Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Reflected XSS issue occurs when /queues is appended with /"><svg%20onload=alert(domain)>. This issue has been patched in version 2.6.0. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50727 |
CVE-2023-50725 | Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. The following paths in resque-web have been found to be vulnerable to reflected XSS: "/failed/?class=--redacted--" and "/queues/><img src=a onerror=alert(document.cookie)>". This issue has been patched in version 2.2.1 | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50725 |
CVE-2023-7058 | A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248749 was assigned to this vulnerability. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7058 |
CVE-2023-46649 | A race condition in GitHub Enterprise Server was identified that could allow an attacker administrator access. To exploit this, an organization needs to be converted from a user. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-46649 |
CVE-2023-7039 | A vulnerability classified as critical has been found in Beijing Baichuo S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248688. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7039 |
CVE-2023-7037 | A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7037 |
CVE-2023-50724 | Resque (pronounced like "rescue") is a Redis-backed library for creating background jobs, placing those jobs on multiple queues, and processing them later. resque-web in resque versions before 2.1.0 are vulnerable to reflected XSS through the current_queue parameter in the path of the queues endpoint. This issue has been patched in version 2.1.0. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50724 |
CVE-2023-51655 | In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-51655 |
CVE-2023-7023 | A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/vehicle/query/delete.php. The manipulation of the argument VU_ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-248570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7023 |
CVE-2023-7022 | A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/work_plan/manage/delete_all.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248569 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7022 |
CVE-2023-7021 | A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/delete_search.php. The manipulation of the argument VU_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248568. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7021 |
CVE-2023-7020 | A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. This issue affects some unknown processing of the file general/wiki/cp/ct/view.php. The manipulation of the argument TEMP_ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248567. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7020 |
CVE-2023-35895 | IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-35895 |
CVE-2023-50703 | An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application. | 6.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50703 |
CVE-2023-45165 | IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-45165 |
CVE-2023-42012 | An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2023-42012 |
CVE-2023-50708 | yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 `state` and OpenID Connect `nonce` is vulnerable for a `timing attack` since it is compared via regular string comparison (instead of `Yii::$app->getSecurity()->compareString()`). Version 2.2.15 contains a patch for the issue. No known workarounds are available. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50708 |
CVE-2023-49088 | Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49088 |
CVE-2023-49086 | Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). Bypassing an earlier fix (CVE-2023-39360) that leads to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. Impact of the vulnerability - execution of arbitrary javascript code in the attacked user's browser. This issue has been patched in version 1.2.26. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49086 |
CVE-2023-6122 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Geli?mi? C2C Pazaryeri Yaz?l?m? allows Reflected XSS.This issue affects Softomi Geli?mi? C2C Pazaryeri Yaz?l?m?: before 12122023. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-6122 |
CVE-2023-5988 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Reflected XSS.This issue affects LioXERP: before v.146. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-5988 |
CVE-2023-49272 | Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-49272 |
CVE-2023-51651 | AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer component of the AWS SDK for PHP v3 prior to 3.288.1. The `buildEndpoint` method relies on the Guzzle Psr7 UriResolver utility, which strips dot segments from the request path in accordance with RFC 3986. Under certain conditions, this could lead to an arbitrary object being accessed. This issue has been patched in version 3.288.1. | 6 | https://nvd.nist.gov/vuln/detail/CVE-2023-51651 |
CVE-2023-51662 | The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in version 2.1.5. | 6 | https://nvd.nist.gov/vuln/detail/CVE-2023-51662 |
CVE-2023-7008 | A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-7008 |
CVE-2023-48298 | ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an unauthenticated attacker. The vulnerability is very similar to CVE-2023-47118 with how the vulnerable function can be exploited. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-48298 |
CVE-2023-50832 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a through 1.7.13. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50832 |
CVE-2023-50830 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seosbg Seos Contact Form allows Stored XSS.This issue affects Seos Contact Form: from n/a through 1.8.0. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50830 |
CVE-2023-50829 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50829 |
CVE-2023-50828 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Vongries Ultimate Dashboard – Custom WordPress Dashboard allows Stored XSS.This issue affects Ultimate Dashboard – Custom WordPress Dashboard: from n/a through 3.7.11. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50828 |
CVE-2023-50827 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible Certificates & Open Badges: from n/a through 1.4.8. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50827 |
CVE-2023-50826 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50826 |
CVE-2023-50377 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AB-WP Simple Counter allows Stored XSS.This issue affects Simple Counter: from n/a through 1.0.2. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-50377 |
CVE-2023-47527 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sajjad Hossain Sagor WP Edit Username allows Stored XSS.This issue affects WP Edit Username: from n/a through 1.0.5. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-47527 |
CVE-2023-47525 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster – Event Management, Tickets Booking, Upcoming Event allows Stored XSS.This issue affects Event Monster – Event Management, Tickets Booking, Upcoming Event: from n/a through 1.3.2. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-47525 |
CVE-2023-2487 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refunds & Users: from n/a through 2.4.1. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-2487 |
CVE-2023-6803 | A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 5.8 | https://nvd.nist.gov/vuln/detail/CVE-2023-6803 |
CVE-2023-51449 | Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of `gradio` prior to 4.11.0 contained a vulnerability in the `/file` route which made them susceptible to file traversal attacks in which an attacker could access arbitrary files on a machine running a Gradio app with a public URL (e.g. if the demo was created with `share=True`, or on Hugging Face Spaces) if they knew the path of files to look for. This issue has been patched in version 4.11.0. | 5.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-51449 |
CVE-2023-7054 | A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /user/add-notes.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248741 was assigned to this vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-7054 |
CVE-2023-4256 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-4256 |
CVE-2023-4255 | An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-4255 |
CVE-2022-47599 | Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-47599 |
CVE-2023-50250 | Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-50250 |
CVE-2023-49791 | Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when an attacker manages to get access to an active session of another user via another way, they could delete and modify workflows by sending calls directly to the API bypassing the password confirmation shown in the UI. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Enterprise Server versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 contain a patch for this issue. No known workarounds are available. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-49791 |
CVE-2023-7041 | A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248690 is the identifier assigned to this vulnerability. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-7041 |
CVE-2023-32747 | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-32747 |
CVE-2023-22674 | Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-22674 |
CVE-2023-5989 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Stored XSS.This issue affects LioXERP: before v.146. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-5989 |
CVE-2023-50639 | Cross Site Scripting (XSS) vulnerability in CuteHttpFileServer v.1.0 and v.2.0 allows attackers to obtain sensitive information via the file upload function in the home page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-50639 |
CVE-2023-49271 | Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-49271 |
CVE-2023-49270 | Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-49270 |
CVE-2023-49269 | Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-49269 |
CVE-2023-36520 | Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-36520 |
CVE-2023-51462 | Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51462 |
CVE-2023-51461 | Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51461 |
CVE-2023-51460 | Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51460 |
CVE-2023-51459 | Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51459 |
CVE-2023-51458 | Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51458 |
CVE-2023-51457 | Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-51457 |
CVE-2023-38513 | Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-38513 |
CVE-2023-47707 | IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271522. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-47707 |
CVE-2023-7094 | A vulnerability classified as problematic was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected by this vulnerability is an unknown functionality of the file /protocol/nsasg6.0.tgz. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248941 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7094 |
CVE-2023-7093 | A vulnerability classified as critical has been found in KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33. Affected is an unknown function of the file /usr/share/kylin-system-updater/SystemUpdater/UpgradeStrategiesDbus.py of the component com.kylin.systemupgrade Service. The manipulation of the argument SetDownloadspeedMax leads to os command injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248940. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7093 |
CVE-2023-50259 | Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The `testslack` request handler in `medusa/server/web/home/handler.py` does not validate the user-controlled `slack_webhook` variable and passes it to the `notifiers.slack_notifier.test_notify` method, then `_notify_slack` and finally `_send_slack` method, which sends a POST request to the user-controlled URL on line 103 in `/medusa/notifiers/slack.py`, which leads to a blind server-side request forgery (SSRF). This issue allows for crafting POST requests on behalf of the Medusa server. Version 1.0.19 contains a fix for the issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50259 |
CVE-2023-50258 | Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The `testDiscord` request handler in `medusa/server/web/home/handler.py` does not validate the user-controlled `discord_webhook` variable and passes it to the `notifiers.discord_notifier.test_notify` method, then `_notify_discord` and finally `_send_discord_msg` method, which sends a POST request to the user-controlled URL on line 64 in `/medusa/notifiers/discord.py`, which leads to a blind server-side request forgery. This issue allows for crafting POST requests on behalf of the Medusa server. Version 1.0.19 contains a fix for the issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50258 |
CVE-2023-49792 | Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when a (reverse) proxy is configured as trusted proxy the server could be tricked into reading a wrong remote address for an attacker, allowing them executing authentication attempts than intended. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Enterprise Server versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 contain a patch for this issue. No known workarounds are available. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49792 |
CVE-2023-27319 | ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an unauthenticated attacker to enumerate URLs via REST API. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-27319 |
CVE-2023-46646 | Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get a check run" API endpoint. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected GitHub Enterprise Server version 3.7.0 and above and was fixed in version 3.17.19, 3.8.12, 3.9.7 3.10.4, and 3.11.0. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-46646 |
CVE-2023-49162 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49162 |
CVE-2023-28421 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-28421 |
CVE-2023-49762 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AppMySite AppMySite – Create an app with the Best Mobile App Builder.This issue affects AppMySite – Create an app with the Best Mobile App Builder: from n/a through 3.11.0. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49762 |
CVE-2023-45703 | HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-45703 |
CVE-2022-47597 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker – Popup for opt-ins, lead gen, & more.This issue affects Popup Maker – Popup for opt-ins, lead gen, & more: from n/a through 1.17.1. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-47597 |
CVE-2023-41796 | Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-41796 |
CVE-2023-47703 | IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 271197. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-47703 |
CVE-2023-50705 | An attacker could create malicious requests to obtain sensitive information about the web server. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50705 |
CVE-2023-47161 | IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-47161 |
CVE-2023-42013 | IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 265510. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-42013 |
CVE-2023-51379 | An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read permissions. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-51379 |
CVE-2023-7096 | A vulnerability was found in code-projects Faculty Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/php/crud.php. The manipulation of the argument fieldname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248948. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-7096 |
CVE-2023-7036 | A vulnerability was found in automad up to 1.10.9. It has been classified as problematic. This affects the function upload of the file FileCollectionController.php of the component Content Type Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-7036 |
CVE-2023-6784 | A malicious user could potentially use the Sitefinity system for the distribution of phishing emails. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-6784 |
CVE-2023-50712 | Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting (XSS) vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attacker to inject malicious scripts into the application, which could then be executed when a user visits the affected locations. This could lead to unauthorized access, data theft, or other related malicious activities. An attacker need to be authenticated on the application to exploit this vulnerability. The issue is fixed in version v2.3.7 of iris-web. No known workarounds are available. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-50712 |
CVE-2023-41097 | An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-41097 |
CVE-2023-6769 | Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lp_admin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2023-6769 |
CVE-2023-49594 | An information disclosure vulnerability exists in the challenge functionality of instipod DuoUniversalKeycloakAuthenticator 1.0.7 plugin. A specially crafted HTTP request can lead to a disclosure of sensitive information. An user login to Keycloak using DuoUniversalKeycloakAuthenticator plugin triggers this vulnerability. | 4.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-49594 |
CVE-2023-7042 | A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-7042 |
CVE-2012-10017 | A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 2.06 is able to address this issue. The patch is named 68af950330c3202a706f0ae9bbb52ceaa17dda9d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248955. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2012-10017 |
CVE-2023-7092 | A vulnerability was found in Uniway UW-302VP 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /boaform/wlan_basic_set.cgi of the component Admin Web Interface. The manipulation of the argument wlanssid/password leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248939. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7092 |
CVE-2023-51451 | Symbolicator is a service used in Sentry. Starting in Symbolicator version 0.3.3 and prior to version 21.12.1, an attacker could make Symbolicator send GET HTTP requests to arbitrary URLs with internal IP addresses by using an invalid protocol. The responses of those requests could be exposed via Symbolicator's API. In affected Sentry instances, the data could be exposed through the Sentry API and user interface if the attacker has a registered account. The issue has been fixed in Symbolicator release 23.12.1, Sentry self-hosted release 23.12.1, and has already been mitigated on sentry.io on December 18, 2023. If updating is not possible, some other mitigations are available. One may disable JS processing by toggling the option `Allow JavaScript Source Fetching` in `Organization Settings > Security & Privacy` and/or disable all untrusted public repositories under `Project Settings > Debug Files`. Alternatively, if JavaScript and native symbolication are not required, disable Symbolicator completely in `config.yml`. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-51451 |
CVE-2023-49790 | The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workarounds are available. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49790 |
CVE-2023-7055 | A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. Affected is an unknown function of the file /user/profile.php of the component Contact Information Handler. The manipulation of the argument mobilenumber leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-248742 is the identifier assigned to this vulnerability. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7055 |
CVE-2023-7052 | A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been classified as problematic. This affects an unknown part of the file /user/profile.php. The manipulation of the argument name leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248739. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7052 |
CVE-2023-7051 | A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/manage-notes.php of the component Notes Handler. The manipulation of the argument delid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248738 is the identifier assigned to this vulnerability. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7051 |
CVE-2023-7040 | A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248689 was assigned to this vulnerability. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7040 |
CVE-2023-49765 | Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-49765 |
CVE-2023-7038 | A vulnerability was found in automad up to 1.10.9. It has been rated as problematic. This issue affects some unknown processing of the file /dashboard?controller=UserCollection::createUser of the component User Creation Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248687. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7038 |
CVE-2023-7026 | A vulnerability was found in Lightxun IPTV Gateway up to 20231208. It has been rated as problematic. This issue affects some unknown processing of the file /ZHGXTV/index.php/admin/index/web_upload_template.html. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248579. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-7026 |
CVE-2023-45700 | HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-45700 |
CVE-2023-47705 | IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate username data due to improper input validation. IBM X-Force ID: 271228. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-47705 |
CVE-2023-50704 | An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2023-50704 |
CVE-2023-50706 | A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens. | 4.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-50706 |
CVE-2023-6690 | A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 3.9 | https://nvd.nist.gov/vuln/detail/CVE-2023-6690 |
CVE-2015-10127 | A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2015-10127 |
CVE-2014-125109 | A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27. It has been declared as problematic. This vulnerability affects the function bws_add_menu_render of the file bws_menu/bws_menu.php. The manipulation of the argument bwsmn_form_email leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 2.28 is able to address this issue. The name of the patch is d2ede580474665af56ff262a05783fbabe4529b8. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248956. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2014-125109 |
CVE-2023-51649 | Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level `extras.run_job` permission is checked (i.e., does the user have permission to run Jobs in general). Object-level permissions (i.e., does the user have permission to run this specific Job?) are not enforced by the URL/view used in this case. A user with permissions to run even a single Job can actually run all configured JobButton Jobs. Fix will be available in Nautobot 1.6.8 and 2.1.0 | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-51649 |
CVE-2023-7076 | A vulnerability was found in slawkens MyAAC up to 0.8.13. It has been declared as problematic. This vulnerability affects unknown code of the file system/pages/bugtracker.php. The manipulation of the argument bug[2]['subject']/bug[2]['text']/report['subject'] leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.14 is able to address this issue. The name of the patch is 83a91ec540072d319dd338abff45f8d5ebf48190. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248848. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-7076 |
CVE-2023-7075 | A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248846 is the identifier assigned to this vulnerability. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-7075 |
CVE-2023-7059 | A vulnerability was found in SourceCodester School Visitor Log e-Book 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file log-book.php. The manipulation of the argument Full Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248750 is the identifier assigned to this vulnerability. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-7059 |
CVE-2023-7057 | A vulnerability, which was classified as problematic, has been found in code-projects Faculty Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pages/yearlevel.php. The manipulation of the argument Year Level/Section leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248744. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-7057 |
CVE-2023-48308 | Nextcloud/Cloud is a calendar app for Nextcloud. An attacker can gain access to stacktrace and internal paths of the server when generating an exception while editing a calendar appointment. It is recommended that the Nextcloud Calendar app is upgraded to 4.5.3 | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-48308 |
CVE-2023-7050 | A vulnerability has been found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file user/profile.php. The manipulation of the argument name/email leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248737 was assigned to this vulnerability. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-7050 |
CVE-2023-2585 | Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client. | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2023-2585 |
CVE-2014-125108 | A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as problematic. This issue affects some unknown processing of the file spellchecker. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is d6c21fd8187c5db2a50425ff80694149e75d722e. It is recommended to apply a patch to fix this issue. The identifier VDB-248849 was assigned to this vulnerability. | 3.1 | https://nvd.nist.gov/vuln/detail/CVE-2014-125108 |
CVE-2023-7053 | A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248740. | 3.1 | https://nvd.nist.gov/vuln/detail/CVE-2023-7053 |
CVE-2023-51380 | An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-51380 |
CVE-2023-46311 | Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2023-46311 |
CVE-2023-7056 | A vulnerability classified as problematic was found in code-projects Faculty Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/pages/subjects.php. The manipulation of the argument Description/Units leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248743. | 2.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-7056 |
CVE-2023-7035 | A vulnerability was found in automad up to 1.10.9 and classified as problematic. Affected by this issue is some unknown functionality of the file packages\\standard\\templates\\post.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248684. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2.4 | https://nvd.nist.gov/vuln/detail/CVE-2023-7035 |
CVE-2023-52096 | SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in certain situations (such as when an application receives a StartTransaction Open Charge Point Protocol message with a timestamp parameter of 1000000). This may lead to a SQL exception in applications, and may undermine the integrity of transaction records. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-52096 |
CVE-2023-49438 | An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49438 |
CVE-2023-48003 | An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the '<meta http-equiv="refresh"' in the WebSocket messages. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48003 |
CVE-2023-6268 | The JSON Content Importer WordPress plugin before 1.5.4 does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6268 |
CVE-2023-6250 | The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6250 |
CVE-2023-6166 | The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6166 |
CVE-2023-6155 | The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6155 |
CVE-2023-6114 | The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6114 |
CVE-2023-5991 | The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5991 |
CVE-2023-5980 | The BSK Forms Blacklist WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5980 |
CVE-2023-5939 | The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5939 |
CVE-2023-5931 | The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5931 |
CVE-2023-5674 | The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5674 |
CVE-2023-5673 | The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5673 |
CVE-2023-5672 | The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5672 |
CVE-2023-5645 | The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5645 |
CVE-2023-5644 | The WP Mail Log WordPress plugin before 1.1.3 does not correctly authorize its REST API endpoints, allowing users with the Contributor role to view and delete data that should only be accessible to Admin users. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5644 |
CVE-2023-5203 | The WP Sessions Time Monitoring Full Automatic WordPress plugin before 1.0.9 does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in some cases an error/union based technique. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-5203 |
CVE-2023-52086 | resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. (File overwrite hasn't been possible with the code available in GitHub in recent years, however.) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-52086 |
CVE-2023-51102 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formWifiMacFilterSet. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51102 |
CVE-2023-51101 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51101 |
CVE-2023-51100 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo . | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51100 |
CVE-2023-51099 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand . | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51099 |
CVE-2023-51098 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo . | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51098 |
CVE-2023-51097 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51097 |
CVE-2023-51094 | Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51094 |
CVE-2023-51093 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51093 |
CVE-2023-51092 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51092 |
CVE-2023-51091 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51091 |
CVE-2023-51090 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51090 |
CVE-2023-45251 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-45251 |
CVE-2023-43851 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-43851 |
CVE-2023-51095 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51095 |
CVE-2023-51467 | The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51467 |
CVE-2023-51107 | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51107 |
CVE-2023-51106 | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51106 |
CVE-2023-51105 | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4() of load-bmp.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51105 |
CVE-2023-51104 | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c line 527. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51104 |
CVE-2023-51103 | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon fz_new_pixmap_from_float_data() of pixmap.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51103 |
CVE-2023-49949 | Passwork before 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49949 |
CVE-2023-50968 | Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recommended to upgrade to version 18.12.11, which fixes this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50968 |
CVE-2023-51363 | VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51363 |
CVE-2023-50339 | Stored cross-site scripting vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50339 |
CVE-2023-50332 | Improper authorization vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend its own account without the user's intention.\r | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50332 |
CVE-2023-50294 | The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50294 |
CVE-2023-50175 | Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page, the Markdown Settings (/admin/markdown) page, and the Customize (/admin/customize) page of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50175 |
CVE-2023-49807 | Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49807 |
CVE-2023-49779 | Stored cross-site scripting vulnerability exists in the anchor tag of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49779 |
CVE-2023-49598 | Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49598 |
CVE-2023-49119 | Stored cross-site scripting vulnerability via the img tags exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49119 |
CVE-2023-47215 | Stored cross-site scripting vulnerability which is exploiting a behavior of the XSS Filter exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47215 |
CVE-2023-46711 | VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46711 |
CVE-2023-46699 | Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46699 |
CVE-2023-46681 | Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-46681 |
CVE-2023-45741 | VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-45741 |
CVE-2023-45740 | Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-45740 |
CVE-2023-45737 | Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page and the Markdown Settings (/admin/markdown) page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-45737 |
CVE-2023-42436 | Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-42436 |
CVE-2023-51654 | Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51654 |
CVE-2023-50297 | Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50297 |
CVE-2023-49117 | PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49117 |
CVE-2023-28616 | An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28616 |
CVE-2023-27150 | openCRX 5.2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name field after creation of a Tracker in Manage Activity. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27150 |
CVE-2023-38321 | OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-38321 |
CVE-2023-49954 | The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49954 |
CVE-2023-49944 | The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49944 |
CVE-2023-49226 | An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49226 |
CVE-2023-48652 | Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48652 |
CVE-2023-38826 | A Cross Site Scripting (XSS) vulnerability exists in Follet Learning Solutions Destiny through 20.0_1U. via the handlewpesearchform.do. searchString. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-38826 |
CVE-2023-36486 | The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-36486 |
CVE-2023-36485 | The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-36485 |
CVE-2023-31224 | There is broken access control during authentication in Jamf Pro Server before 10.46.1. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31224 |
CVE-2022-34268 | An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command execution on the host. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34268 |
CVE-2022-34267 | An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34267 |
CVE-2023-47247 | In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47247 |
CVE-2023-47091 | An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47091 |
CVE-2023-37188 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-37188 |
CVE-2023-37187 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-37187 |
CVE-2023-37186 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-37186 |
CVE-2023-37185 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-37185 |
CVE-2023-31297 | An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31297 |
CVE-2023-28872 | Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\\Temp\\NcpSupport* location. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-28872 |
CVE-2023-51772 | One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a session timeout, click on the Help icon, observe that there is a browser window for the One Identity website, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\\SYSTEM. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51772 |
CVE-2023-49328 | On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49328 |
CVE-2023-48654 | One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the Google ReCAPTCHA section, click on the Privacy link, observe that there is a new browser window, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\\SYSTEM. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48654 |
CVE-2023-40236 | In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-40236 |
CVE-2023-37225 | Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-37225 |
CVE-2023-31455 | Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31455 |
CVE-2023-31289 | Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-31289 |
CVE-2022-43675 | An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all parameters. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-43675 |
CVE-2022-41762 | An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41762 |
CVE-2022-41761 | An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41761 |
CVE-2022-41760 | An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-41760 |
CVE-2022-39822 | In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-39822 |
CVE-2022-39820 | In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-39820 |
CVE-2022-39818 | In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-39818 |
CVE-2023-51771 | In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51771 |
CVE-2023-30451 | In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF]. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-30451 |
CVE-2023-7102 | Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-7102 |
CVE-2023-7101 | Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-7101 |
CVE-2023-51714 | An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51714 |
CVE-2023-51767 | OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51767 |
CVE-2023-51766 | Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51766 |
CVE-2023-51765 | sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51765 |
CVE-2023-51764 | Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required: the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51764 |
CVE-2023-51763 | csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51763 |
CVE-2023-51035 | TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51035 |
CVE-2023-51034 | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51034 |
CVE-2023-51033 | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51033 |
CVE-2023-51022 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51022 |
CVE-2023-51021 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51021 |
CVE-2023-51020 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51020 |
CVE-2023-51019 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51019 |
CVE-2023-51018 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51018 |
CVE-2023-51017 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51017 |
CVE-2023-51016 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51016 |
CVE-2023-51015 | TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51015 |
CVE-2023-51014 | TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51014 |
CVE-2023-51013 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51013 |
CVE-2023-51012 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51012 |
CVE-2023-51011 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51011 |
CVE-2023-50147 | There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50147 |
CVE-2023-51028 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51028 |
CVE-2023-51027 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51027 |
CVE-2023-51026 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51026 |
CVE-2023-51025 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51025 |
CVE-2023-51024 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51024 |
CVE-2023-51023 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51023 |
CVE-2023-45957 | A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-45957 |
CVE-2023-42465 | Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-42465 |
CVE-2023-50569 | Reflected Cross Site Scripting (XSS) vulnerability in Cacti v1.2.25, allows remote attackers to escalate privileges when uploading an xml template file via templates_import.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50569 |
CVE-2023-49391 | An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49391 |
CVE-2023-49356 | A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49356 |
CVE-2023-43741 | A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-43741 |
CVE-2023-43116 | A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-43116 |
CVE-2023-24609 | Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-24609 |
CVE-2022-47532 | FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users§ion=cpanel&page=list request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-47532 |
CVE-2023-51713 | make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51713 |
CVE-2023-51708 | Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51708 |
CVE-2023-51707 | MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51707 |
CVE-2023-51704 | An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group-*-member messages can result in XSS on Special:log/rights. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51704 |
CVE-2023-7024 | Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-7024 |
CVE-2023-51052 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51052 |
CVE-2023-51051 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51051 |
CVE-2023-51050 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51050 |
CVE-2023-51049 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51049 |
CVE-2023-51048 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51048 |
CVE-2023-7047 | Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL data sources. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-7047 |
CVE-2023-50119 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-45292. Reason: This record is a reservation duplicate of CVE-2023-45292. Notes: All CVE users should reference CVE-2023-45292 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50119 |
CVE-2023-48116 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48116 |
CVE-2023-48115 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48115 |
CVE-2023-48114 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows youtube.com followed by an @ character and an attacker-controlled domain name. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48114 |
CVE-2023-51656 | Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-51656 |
CVE-2023-50481 | An issue was discovered in blinksocks version 3.3.8, allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50481 |
CVE-2023-50477 | An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50477 |
CVE-2023-50475 | An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \\vendor\\faye-websocket.js. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50475 |
CVE-2023-50473 | Cross-Site Scripting (XSS) vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers (SID) in index.js file. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50473 |
CVE-2023-50783 | Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification. Users are recommended to upgrade to 2.8.0, which fixes this issue | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50783 |
CVE-2023-49920 | Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also had Airflow UI opened - to trigger the execution of DAGs without the user's consent. Users are advised to upgrade to version 2.8.0 or later which is not affected | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49920 |
CVE-2023-48291 | Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. This is a missing fix for CVE-2023-42792 in Apache Airflow 2.7.2 Users of Apache Airflow are strongly advised to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-48291 |
CVE-2023-47265 | Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a DAG author to add an unbounded and not-sanitized javascript in the parameter description field of the DAG. This Javascript can be executed on the client side of any of the user who looks at the tasks in the browser sandbox. While this issue does not allow to exit the browser sandbox or manipulation of the server-side data - more than the DAG author already has, it allows to modify what the user looking at the DAG details sees in the browser - which opens up all kinds of possibilities of misleading other users. Users of Apache Airflow are recommended to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47265 |
CVE-2023-29487 | An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29487 |
CVE-2023-29486 | An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29486 |
CVE-2023-29485 | An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-29485 |
CVE-2023-49032 | An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-49032 |
CVE-2023-47093 | An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47093 |
CVE-2023-41166 | An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access commands. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-41166 |
CVE-2023-50993 | Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 was discovered to contain a command injection vulnerability via the function downFiles. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50993 |
CVE-2023-47990 | SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-47990 |
CVE-2023-7018 | Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-7018 |
CVE-2023-3742 | Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High) | – | https://nvd.nist.gov/vuln/detail/CVE-2023-3742 |
CVE-2023-50628 | Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50628 |
CVE-2023-50044 | Buffer Overflow vulnerability in Cesanta MJS version 2.22.0, allows attackers to execute arbitrary code, cause a denial of service (Dos), and obtain sensitive information via segmentation fault can occur in getprop_builtin_foreign when input string includes a name of Built-in APIs. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-50044 |
CVE-2023-6977 | This vulnerability enables malicious users to read sensitive files on the server. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6977 |
CVE-2023-6976 | This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6976 |
CVE-2023-6975 | A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6975 |
CVE-2023-6974 | A malicious user could use this issue to access internal HTTP(s) servers and in the worst case (ie: aws instance) it could be abuse to get a remote code execution on the victim machine. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-6974 |
CVE-2023-27172 | Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-27172 |
CVE-2023-45887 | DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 allows remote attackers to execute arbitrary code on a game-playing client's machine via a modified GPCM message. | – | https://nvd.nist.gov/vuln/detail/CVE-2023-45887 |