Security Bulletin 22 Mar 2023

Published on 22 Mar 2023

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:

Critical	vulnerabilities with a base score of 9.0 to 10.0
High	vulnerabilities with a base score of 7.0 to 8.9
Medium	vulnerabilities with a base score of 4.0 to 6.9
Low	vulnerabilities with a base score of 0.1 to 3.9
None	vulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES

CVE Number	Description	Base Score	Reference
CVE-2017-5226	When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.	10	https://nvd.nist.gov/vuln/detail/CVE-2017-5226
CVE-2023-27482	homeassistant is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered. This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or older. Installation types, like Home Assistant Container (for example Docker), or Home Assistant Core manually in a Python environment, are not affected. The issue has been mitigated and closed in Supervisor version 2023.03.1, which has been rolled out to all affected installations via the auto-update feature of the Supervisor. This rollout has been completed at the time of publication of this advisory. Home Assistant Core 2023.3.0 included mitigation for this vulnerability. Upgrading to at least that version is thus advised. In case one is not able to upgrade the Home Assistant Supervisor or the Home Assistant Core application at this time, it is advised to not expose your Home Assistant instance to the internet.	10	https://nvd.nist.gov/vuln/detail/CVE-2023-27482
CVE-2023-26489	wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug means that, with default codegen settings, a wasm-controlled load/store operation could read/write addresses up to 35 bits away from the base of linear memory. Due to this bug, however, addresses up to `0xffffffff * 8 + 0x7ffffffc = 36507222004 = ~34G` bytes away from the base of linear memory are possible from guest code. This means that the virtual memory 6G away from the base of linear memory up to ~34G away can be read/written by a malicious module. A guest module can, without the knowledge of the embedder, read/write memory in this region. The memory may belong to other WebAssembly instances when using the pooling allocator, for example. Affected embedders are recommended to analyze preexisting wasm modules to see if they're affected by the incorrect codegen rules and possibly correlate that with an anomalous number of traps during historical execution to locate possibly suspicious modules. The specific bug in Cranelift's x86_64 backend is that a WebAssembly address which is left-shifted by a constant amount from 1 to 3 will get folded into x86_64's addressing modes which perform shifts. For example `(i32.load (i32.shl (local.get 0) (i32.const 3)))` loads from the WebAssembly address `$local0 << 3`. When translated to Cranelift the `$local0 << 3` computation, a 32-bit value, is zero-extended to a 64-bit value and then added to the base address of linear memory. Cranelift would generate an instruction of the form `movl (%base, %local0, 8), %dst` which calculates `%base + %local0 << 3`. The bug here, however, is that the address computation happens with 64-bit values, where the `$local0 << 3` computation was supposed to be truncated to a a 32-bit value. This means that `%local0`, which can use up to 32-bits for an address, gets 3 extra bits of address space to be accessible via this `movl` instruction. The fix in Cranelift is to remove the erroneous lowering rules in the backend which handle these zero-extended expression. The above example is then translated to `movl %local0, %temp; shl $3, %temp; movl (%base, %temp), %dst` which correctly truncates the intermediate computation of `%local0 << 3` to 32-bits inside the `%temp` register which is then added to the `%base` value. Wasmtime version 4.0.1, 5.0.1, and 6.0.1 have been released and have all been patched to no longer contain the erroneous lowering rules. While updating Wasmtime is recommended, there are a number of possible workarounds that embedders can employ to mitigate this issue if updating is not possible. Note that none of these workarounds are on-by-default and require explicit configuration: 1. The `Config::static_memory_maximum_size(0)` option can be used to force all accesses to linear memory to be explicitly bounds-checked. This will perform a bounds check separately from the address-mode computation which correctly calculates the effective address of a load/store. Note that this can have a large impact on the execution performance of WebAssembly modules. 2. The `Config::static_memory_guard_size(1 << 36)` option can be used to greatly increase the guard pages placed after linear memory. This will guarantee that memory accesses up-to-34G away are guaranteed to be semantically correct by reserving unmapped memory for the instance. Note that this reserves a very large amount of virtual memory per-instances and can greatly reduce the maximum number of concurrent instances being run. 3. If using a non-x86_64 host is possible, then that will also work around this bug. This bug does not affect Wasmtime's or Cranelift's AArch64 backend, for example.	9.9	https://nvd.nist.gov/vuln/detail/CVE-2023-26489
CVE-2018-7084	A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.1	9.8	https://nvd.nist.gov/vuln/detail/CVE-2018-7084
CVE-2019-18935	Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.)	9.8	https://nvd.nist.gov/vuln/detail/CVE-2019-18935
CVE-2022-24637	Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-24637
CVE-2022-32863	A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. Processing maliciously crafted web content may lead to arbitrary code execution.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-32863
CVE-2022-44796	An issue was discovered in Object First Ootbi BETA build 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret key that is generated through a function that doesn't produce cryptographically strong sequences. An attacker can predict these sequences and generate a JWT token. As a result, an attacker can get access to the Web UI. This is fixed in Object First Ootbi BETA build 1.0.13.1611.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-44796
CVE-2022-1471	SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-1471
CVE-2022-47629	Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47629
CVE-2022-4357	The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-4357
CVE-2022-45588	All versions before R2022-09 of Talend's Remote Engine Gen 2 are potentially vulnerable to XML External Entity (XXE) type of attacks. Users should download the R2022-09 release or later and use it in place of the previous version. Talend Remote Engine Gen 1 and Talend Cloud Engine for Design are not impacted. This XXE vulnerability could only be exploited by someone with the appropriate rights to edit pipelines on the Talend platform. It could not be triggered remotely or by other user input.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-45588
CVE-2022-45589	All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use it in place of the previous version.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-45589
CVE-2023-24080	A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS) allows attackers to compromise user accounts via a bruteforce attack.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24080
CVE-2023-0839	Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process Co. InSCADA allows Account Footprinting.This issue affects inSCADA: before 20230115-1.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0839
CVE-2023-0090	The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0090
CVE-2023-26261	In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26261
CVE-2023-26109	All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26109
CVE-2023-26110	All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26110
CVE-2023-1251	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akinsoft Wolvox. This issue affects Wolvox: before 8.02.03.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1251
CVE-2023-1290	A vulnerability, which was classified as critical, has been found in SourceCodester Sales Tracker Management System 1.0. Affected by this issue is some unknown functionality of the file admin/clients/view_client.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222644.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1290
CVE-2023-1291	A vulnerability, which was classified as critical, was found in SourceCodester Sales Tracker Management System 1.0. This affects an unknown part of the file admin/clients/manage_client.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222645 was assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1291
CVE-2023-1292	A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. This vulnerability affects the function delete_client of the file classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222646 is the identifier assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1292
CVE-2023-1293	A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqli_query of the file admin_cs.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222647.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1293
CVE-2023-1294	A vulnerability was found in SourceCodester File Tracker Manager System 1.0. It has been classified as critical. Affected is an unknown function of the file /file_manager/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222648.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1294
CVE-2023-1287	An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1287
CVE-2023-1303	A vulnerability was found in UCMS 1.6 and classified as critical. This issue affects some unknown processing of the file sadmin/fileedit.php of the component System File Management Module. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-222683.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1303
CVE-2023-1307	Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1307
CVE-2023-1091	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection.This issue affects Licensed Warehousing Automation System: through 2023.1.01.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1091
CVE-2023-24774	Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \\controller\\auth\\Auth.php.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24774
CVE-2021-33360	An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers to execute arbitrary code via the src/index.ts, plotCallack, child_process, and/or filePath parameter(s).	9.8	https://nvd.nist.gov/vuln/detail/CVE-2021-33360
CVE-2023-1321	A vulnerability has been found in lmxcms 1.41 and classified as critical. Affected by this vulnerability is the function update of the file AcquisiAction.class.php. The manipulation of the argument id with the input -1 and updatexml(0,concat(0x7e,user()),1)# leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222727.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1321
CVE-2023-1322	A vulnerability was found in lmxcms 1.41 and classified as critical. Affected by this issue is the function reply of the file BookAction.class.php. The manipulation of the argument id with the input 1) and updatexml(0,concat(0x7e,user()),1)# leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222728.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1322
CVE-2023-26075	An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26075
CVE-2023-27852	NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27852
CVE-2023-27853	NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27853
CVE-2022-33256	Memory corruption due to improper validation of array index in Multi-mode call processor.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-33256
CVE-2022-40515	Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40515
CVE-2022-40537	Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40537
CVE-2023-1198	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saysis Starcities allows SQL Injection.This issue affects Starcities: through 1.3.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1198
CVE-2023-25143	An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25143
CVE-2023-1350	A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input \|date >/tmp/bad-item-link.txt leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-222848.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1350
CVE-2023-1351	A vulnerability classified as critical has been found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file cust_transac.php. The manipulation of the argument phonenumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222849 was assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1351
CVE-2023-1352	A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222851.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1352
CVE-2022-48367	An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-48367
CVE-2023-1357	A vulnerability, which was classified as critical, has been found in SourceCodester Simple Bakery Shop Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation of the argument username/password with the input admin' or 1=1 -- leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222860.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1357
CVE-2023-1358	A vulnerability, which was classified as critical, was found in SourceCodester Gadget Works Online Ordering System 1.0. This affects an unknown part of the file /philosophy/admin/login.php of the component POST Parameter Handler. The manipulation of the argument user_email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222861 was assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1358
CVE-2023-28154	Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-28154
CVE-2023-1368	A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222874 is the identifier assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1368
CVE-2023-24033	The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24033
CVE-2023-26072	An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26072
CVE-2023-26074	An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26074
CVE-2023-24762	OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24762
CVE-2023-26073	An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26073
CVE-2023-27061	Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27061
CVE-2023-27063	Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27063
CVE-2023-26076	An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26076
CVE-2023-0037	The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0037
CVE-2023-1378	A vulnerability classified as critical was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. This vulnerability affects unknown code of the file paypalsuccess.php of the component POST Parameter Handler. The manipulation of the argument cusid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222904.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1378
CVE-2023-25279	OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25279
CVE-2023-25207	PrestaShop dpdfrance <6.1.3 is vulnerable to SQL Injection via dpdfrance/ajax.php.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25207
CVE-2023-0345	The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root user. This password cannot be changed by the user.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0345
CVE-2023-0353	Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0353
CVE-2023-27583	PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key `PanIndex` is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, one may change the JWT key in the source code before compiling the project.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27583
CVE-2023-27052	E-Commerce System v1.0 ws discovered to contain a SQL injection vulnerability via the id parameter at /admin/delete_user.php.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27052
CVE-2023-27582	maddy is a composable, all-in-one mail server. Starting with version 0.2.0 and prior to version 0.6.3, maddy allows a full authentication bypass if SASL authorization username is specified when using the PLAIN authentication mechanisms. Instead of validating the specified username, it is accepted as is after checking the credentials for the authentication username. maddy 0.6.3 includes the fix for the bug. There are no known workarounds.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27582
CVE-2023-1391	A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/ab.php. The manipulation of the argument img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222978 is the identifier assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1391
CVE-2023-1392	A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is the function save_menu. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222979.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1392
CVE-2023-1394	A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been classified as critical. This affects the function mysqli_query of the file bsitemp.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222981 was assigned to this vulnerability.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1394
CVE-2023-27074	BP Monitoring Management System v1.0 was discovered to contain a SQL injection vulnerability via the emailid parameter in the login page.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27074
CVE-2022-39216	Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, the reset password token is generated without any randomness parameter. This may lead to account takeover. The issue is fixed in versions 2.7.8 and 3.0.2-1.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2022-39216
CVE-2023-21708	Remote Procedure Call Runtime Remote Code Execution Vulnerability	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-21708
CVE-2023-23392	HTTP Protocol Stack Remote Code Execution Vulnerability	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23392
CVE-2023-23397	Microsoft Outlook Elevation of Privilege Vulnerability	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23397
CVE-2023-23415	Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23415
CVE-2023-28343	OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-28343
CVE-2023-26511	A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0 and 6.6.1 allows remote attackers to gain access to the admin panel Propiusadmin.php, which allows taking control of the affected system.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26511
CVE-2023-1327	Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1327
CVE-2023-27757	An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27757
CVE-2023-28371	In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-28371
CVE-2023-27239	Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27239
CVE-2023-27240	Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27240
CVE-2023-24726	Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24726
CVE-2023-1379	A vulnerability was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file addmem.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223127.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1379
CVE-2023-1416	A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an unknown function of the file adminHome.php. The manipulation of the argument social_facebook leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223128.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1416
CVE-2020-27507	The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2020-27507
CVE-2023-25344	An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25344
CVE-2023-24468	Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24468
CVE-2023-25280	OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25280
CVE-2023-27250	Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php.	9.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27250
CVE-2023-27269	SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker with non-administrative authorizations to exploit a directory traversal flaw in an available service to overwrite the system files. In this attack, no data can be read but potentially critical OS files can be overwritten making the system unavailable.	9.6	https://nvd.nist.gov/vuln/detail/CVE-2023-27269
CVE-2023-27501	SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker to exploit insufficient validation of path information provided by users, thus exploiting a directory traversal flaw in an available service to delete system files. In this attack, no data can be read but potentially critical OS files can be deleted making the system unavailable, causing significant impact on both availability and integrity	9.6	https://nvd.nist.gov/vuln/detail/CVE-2023-27501
CVE-2022-1586	An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.	9.1	https://nvd.nist.gov/vuln/detail/CVE-2022-1586
CVE-2022-1587	An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.	9.1	https://nvd.nist.gov/vuln/detail/CVE-2022-1587
CVE-2023-26957	onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \\admin\\controller\\plugins.	9.1	https://nvd.nist.gov/vuln/detail/CVE-2023-26957
CVE-2023-0349	The Akuvox E11 libvoice library provides unauthenticated access to the camera capture for image and video. This could allow an attacker to view and record image and video from the camera.	9.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0349
CVE-2023-0352	The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. An attacker could then use this page to reset the password back to the default.	9.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0352
CVE-2023-0354	The Akuvox E11 web server can be accessed without any user authentication, and this could allow an attacker to access sensitive information, as well as create and download packet captures with known default URLs.	9.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0354

OTHER VULNERABILITIES

CVE Number	Description	Base Score	Reference
CVE-2018-2844	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	8.8	https://nvd.nist.gov/vuln/detail/CVE-2018-2844
CVE-2019-0853	A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2019-0853
CVE-2022-1050	A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-1050
CVE-2021-21938	A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2021-21938
CVE-2022-39286	Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-39286
CVE-2022-44794	An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary data goes directly to the Bash interpreter. An attacker would need credentials to exploit this vulnerability. This is fixed in Object First Ootbi BETA build 1.0.13.1611.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-44794
CVE-2022-46763	A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-46763
CVE-2020-36669	The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.3.9. This is due to missing nonce validation on the backup_guard_get_import_backup() function. This makes it possible for unauthenticated attackers to upload arbitrary files to the vulnerable site's server via a forged request, granted they can trick a site's administrator into performing an action such as clicking on a link.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2020-36669
CVE-2023-27475	Goutil is a collection of miscellaneous functionality for the go language. In versions prior to 0.6.0 when users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. This vulnerability is known as a ZipSlip. This issue has been fixed in version 0.6.0, users are advised to upgrade. There are no known workarounds for this issue.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27475
CVE-2023-0089	The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0089
CVE-2023-27486	xCAT is a toolkit for deployment and administration of computer clusters. In versions prior to 2.16.5 if zones are configured as a mechanism to secure clusters in XCAT, it is possible for a local root user from one node to obtain credentials to SSH to any node in any zone, except the management node of the default zone. XCAT zones are not enabled by default. Only users that use the optional zone feature are impacted. All versions of xCAT prior to xCAT 2.16.5 are vulnerable. This problem has been fixed in xCAT 2.16.5. Users making use of zones should upgrade to 2.16.5. Users unable to upgrade may mitigate the issue by disabling zones or patching the management node with the fix contained in commit `85149c37f49`.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27486
CVE-2023-27490	NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authentication vulnerability. A bad actor who can read traffic on the victim's network or who is able to social engineer the victim to click a manipulated login link could intercept and tamper with the authorization URL to log in as the victim, bypassing the CSRF protection. This is due to a partial failure during a compromised OAuth session where a session code is erroneously generated. This issue has been addressed in version 4.20.1. Users are advised to upgrade. Users unable to upgrade may using Advanced Initialization, manually check the callback request for state, pkce, and nonce against the provider configuration to prevent this issue. See the linked GHSA for details.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27490
CVE-2023-1313	Unrestricted Upload of File with Dangerous Type in GitHub repository cockpit-hq/cockpit prior to 2.4.1.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1313
CVE-2023-1205	NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1205
CVE-2023-27851	NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27851
CVE-2020-5002	IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2020-5002
CVE-2022-33213	Memory corruption in modem due to buffer overflow while processing a PPP packet	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-33213
CVE-2023-23328	A File Upload vulnerability exists in AvantFAX 3.3.7. An authenticated user can bypass PHP file type validation in FileUpload.php by uploading a specially crafted PHP file.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23328
CVE-2022-47166	Cross-Site Request Forgery (CSRF) vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.1.1 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47166
CVE-2022-47440	Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Tickets plugin <= 1.9.10 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47440
CVE-2022-38074	SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-38074
CVE-2023-25991	Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25991
CVE-2023-25973	Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25973
CVE-2023-0477	The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0477
CVE-2023-0351	The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0351
CVE-2023-27581	github-slug-action is a GitHub Action to expose slug value of GitHub environment variables inside of one's GitHub workflow. Starting in version 4.0.0` and prior to version 4.4.1, this action uses the `github.head_ref` parameter in an insecure way. This vulnerability can be triggered by any user on GitHub on any workflow using the action on pull requests. They just need to create a pull request with a branch name, which can contain the attack payload. This can be used to execute code on the GitHub runners and to exfiltrate any secrets one uses in the CI pipeline. A patched action is available in version 4.4.1. No workaround is available.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27581
CVE-2023-25616	In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25616
CVE-2023-25617	SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the public java SDK. Programs could impact the confidentiality, integrity and availability of the system.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25617
CVE-2022-47155	Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Slider by Supsystic plugin <= 1.8.5 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47155
CVE-2022-47162	Cross-Site Request Forgery (CSRF) vulnerability in Dannie Herdyawan DH – Anti AdBlocker plugin <= 36 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47162
CVE-2022-47154	Cross-Site Request Forgery (CSRF) vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47154
CVE-2022-47141	Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Dynamic Keywords Injector plugin <= 2.3.15 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47141
CVE-2022-47143	Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin <= 3.3.9 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47143
CVE-2022-47147	Cross-Site Request Forgery (CSRF) vulnerability in Kesz1 Technologies ipBlockList plugin <= 1.0 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47147
CVE-2022-47422	Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin <= 3.1.5 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47422
CVE-2022-47443	Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.5 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47443
CVE-2023-27309	A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27309
CVE-2023-27310	A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to otherwise non-privileged user accounts.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27310
CVE-2023-27463	A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27463
CVE-2023-1299	HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1299
CVE-2023-1398	A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/upload. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222985 was assigned to this vulnerability.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1398
CVE-2023-23388	Windows Bluetooth Driver Elevation of Privilege Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23388
CVE-2023-23403	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23403
CVE-2023-23406	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23406
CVE-2023-23413	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23413
CVE-2023-24864	Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24864
CVE-2023-24867	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24867
CVE-2023-24868	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24868
CVE-2023-24871	Windows Bluetooth Service Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24871
CVE-2023-24872	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24872
CVE-2023-24876	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24876
CVE-2023-24907	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24907
CVE-2023-24909	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24909
CVE-2023-24913	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24913
CVE-2023-25206	PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25206
CVE-2023-28339	OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-28339
CVE-2023-26262	An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26262
CVE-2022-47427	Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47427
CVE-2023-25708	Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin <= 8.2.7 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25708
CVE-2023-25709	Cross-Site Request Forgery (CSRF) vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.11 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25709
CVE-2023-25968	Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Madalin Ungureanu, Antohe Cristian Client Portal – Private user pages and login plugin <= 1.1.8 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25968
CVE-2023-24728	Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the contact parameter in the user profile update function.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24728
CVE-2023-24729	Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24729
CVE-2023-24730	Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24730
CVE-2023-24731	Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24731
CVE-2023-24732	Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24732
CVE-2022-44580	SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Reviews plugin <= 2.2.3 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-44580
CVE-2023-27103	Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27103
CVE-2023-1415	A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the identifier assigned to this vulnerability.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1415
CVE-2023-26284	IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users with the cluster to be granted administration access to the MQ console due to improper access controls. IBM X-Force ID: 248417.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26284
CVE-2023-1389	TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1389
CVE-2023-28337	When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the device.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-28337
CVE-2023-24760	An issue found in Ofcms v.1.1.4 allows a remote attacker to to escalate privileges via the respwd method in SysUserController.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24760
CVE-2022-4009	In affected versions of Octopus Deploy it is possible for a user to introduce code via offline package creation	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-4009
CVE-2022-38063	Cross-Site Request Forgery (CSRF) vulnerability in Social Login WP plugin <= 5.0.0.0 versions.	8.8	https://nvd.nist.gov/vuln/detail/CVE-2022-38063
CVE-2023-23857	Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services across systems. On a successful exploitation, the attacker can read and modify some sensitive information but can also be used to lock up any element or operation of the system making that it unresponsive or unavailable.	8.6	https://nvd.nist.gov/vuln/detail/CVE-2023-23857
CVE-2023-22374	In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their respective branches, a format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.	8.5	https://nvd.nist.gov/vuln/detail/CVE-2023-22374
CVE-2020-4927	A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695.	8.2	https://nvd.nist.gov/vuln/detail/CVE-2020-4927
CVE-2020-5367	Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim's data in transit.	8.1	https://nvd.nist.gov/vuln/detail/CVE-2020-5367
CVE-2023-22891	There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-22891
CVE-2023-24999	HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above.	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-24999
CVE-2023-27500	An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable.	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-27500
CVE-2023-23404	Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-23404
CVE-2023-23405	Remote Procedure Call Runtime Remote Code Execution Vulnerability	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-23405
CVE-2023-24869	Remote Procedure Call Runtime Remote Code Execution Vulnerability	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-24869
CVE-2023-24908	Remote Procedure Call Runtime Remote Code Execution Vulnerability	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-24908
CVE-2019-0803	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-0803
CVE-2019-0841	An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-0841
CVE-2019-0863	An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-0863
CVE-2019-0881	An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2019-0881
CVE-2022-40196	Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40196
CVE-2022-41342	Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-41342
CVE-2021-32142	Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2021-32142
CVE-2023-26544	In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26544
CVE-2023-26545	In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26545
CVE-2023-26605	In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26605
CVE-2023-26606	In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26606
CVE-2023-23514	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges..	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23514
CVE-2023-1127	Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1127
CVE-2023-1003	A vulnerability, which was classified as critical, was found in Typora up to 1.5.5. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.8 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-221736.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1003
CVE-2023-27985	emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27985
CVE-2023-27986	emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27986
CVE-2023-27117	WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27117
CVE-2022-20929	A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade files. An attacker could exploit this vulnerability by providing an administrator with an unauthentic upgrade file. A successful exploit could allow the attacker to fully compromise the Cisco NFVIS system.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-20929
CVE-2022-25655	Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-25655
CVE-2022-25694	Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-25694
CVE-2022-25705	Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-25705
CVE-2022-25709	Memory corruption in modem due to use of out of range pointer offset while processing qmi msg	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-25709
CVE-2022-33242	Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-33242
CVE-2022-33245	Memory corruption in WLAN due to use after free	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-33245
CVE-2022-33260	Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-33260
CVE-2022-33278	Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-33278
CVE-2022-40530	Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40530
CVE-2022-40531	Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40531
CVE-2022-40539	Memory corruption in Automotive Android OS due to improper validation of array index.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40539
CVE-2022-40540	Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2022-40540
CVE-2023-25144	An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25144
CVE-2023-25145	A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25145
CVE-2023-25146	A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary location. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25146
CVE-2023-25148	A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-25148
CVE-2023-0628	Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0628
CVE-2023-27398	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20304)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27398
CVE-2023-27399	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20299, ZDI-CAN-20346)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27399
CVE-2023-27400	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20300)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27400
CVE-2023-27401	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20308, ZDI-CAN-20345)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27401
CVE-2023-27402	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20334)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27402
CVE-2023-27403	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory corruption vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20303, ZDI-CAN-20348)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27403
CVE-2023-27404	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20433)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27404
CVE-2023-27405	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20432)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27405
CVE-2023-27406	A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20449)	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27406
CVE-2023-23399	Microsoft Excel Remote Code Execution Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23399
CVE-2023-23401	Windows Media Remote Code Execution Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23401
CVE-2023-23402	Windows Media Remote Code Execution Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23402
CVE-2023-23410	Windows HTTP.sys Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23410
CVE-2023-23412	Windows Accounts Picture Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23412
CVE-2023-23416	Windows Cryptographic Services Remote Code Execution Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23416
CVE-2023-23417	Windows Partition Management Driver Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23417
CVE-2023-23418	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23418
CVE-2023-23419	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23419
CVE-2023-23420	Windows Kernel Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23420
CVE-2023-23421	Windows Kernel Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23421
CVE-2023-23422	Windows Kernel Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23422
CVE-2023-23423	Windows Kernel Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-23423
CVE-2023-24910	Windows Graphics Component Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24910
CVE-2023-24930	Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24930
CVE-2023-27590	Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27590
CVE-2023-27781	jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27781
CVE-2023-24229	DrayTek Vigor2960 v1.5.1.4 was discovered to contain a command injection vulnerability via the mainfunction.cgi component.	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-24229
CVE-2019-0752	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-0752
CVE-2019-0810	A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-0810
CVE-2019-20454	An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \\X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-20454
CVE-2019-10790	taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properties into user-input. If index is found in the query, taffyDB will ignore other query conditions and directly return the indexed data item. Moreover, the internal index is in an easily-guessable format (e.g., T000002R000001). As such, attackers can use this vulnerability to access any data items in the DB.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-10790
CVE-2022-22643	This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-22643
CVE-2022-24793	PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing the query record `parse_rr()`, while the issue in CVE-2023-27585 is in `parse_query()`. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver instead.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-24793
CVE-2022-27782	libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-27782
CVE-2022-32793	Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-32793
CVE-2023-24580	An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24580
CVE-2023-0361	A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0361
CVE-2022-3353	A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:::::::* * cpe:2.3:a:hitachienergy:gms600:1.3.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:::::::* * cpe:2.3:a:hitachienergy:mms:2.2.3:::::::* * cpe:2.3:a:hitachienergy:pwc600:1.0:::::::* * cpe:2.3:a:hitachienergy:pwc600:1.1:::::::* * cpe:2.3:a:hitachienergy:pwc600:1.2:::::::* * cpe:2.3:o:hitachienergy:reb500:7:::::::: * cpe:2.3:o:hitachienergy:reb500:8:::::::* * cpe:2.3:o:hitachienergy:relion670:1.2.::::::: * cpe:2.3:o:hitachienergy:relion670:2.0.::::::: * cpe:2.3:o:hitachienergy:relion650:1.1.::::::: * cpe:2.3:o:hitachienergy:relion650:1.3.::::::: * cpe:2.3:o:hitachienergy:relion650:2.1.::::::: * cpe:2.3:o:hitachienergy:relion670:2.1.::::::: * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:::::::* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:::::::* * cpe:2.3:o:hitachienergy:relion670:2.2.::::::: * cpe:2.3:o:hitachienergy:relion650:2.2.::::::: * cpe:2.3:o:hitachienergy:rtu500cmu:12..:::::::* * cpe:2.3:a:hitachienergy:rtu500cmu:13..:::::::* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.::::::: * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:::::::* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-3353
CVE-2023-23918	A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23918
CVE-2023-23919	A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23919
CVE-2023-27476	OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution, and could lead to arbitrary file reads from an attacker-controlled XML payload. This affects all XML parsing in the codebase. This issue has been addressed in version 0.28.1. All users are advised to upgrade. The only known workaround is to patch the library manually. See `GHSA-8h9c-r582-mggc` for details.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27476
CVE-2023-26956	onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-26956
CVE-2023-24533	Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24533
CVE-2021-33639	REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2021-33639
CVE-2023-26948	onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/file/download.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-26948
CVE-2023-1288	An XML External Entity injection (XXE) vulnerability in ENOVIA Live Collaboration V6R2013xE allows an attacker to read local files on the server.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1288
CVE-2023-25573	metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in `/api/jmeter/download/files`, which allows any user to download any file without authentication. This issue may expose all files available to the running process. This issue has been addressed in version 1.20.20 lts and 2.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25573
CVE-2023-27483	crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the `Paved` type's `SetValue` method with user provided input without proper validation might use excessive amounts of memory and cause an out of memory panic. In the fieldpath package, the Paved.SetValue method sets a value on the Paved object according to the provided path, without any validation. This allows setting values in slices at any provided index, which grows the target array up to the requested index, the index is currently capped at max uint32 (4294967295) given how indexes are parsed, but that is still an unnecessarily large value. If callers are not validating paths' indexes on their own, which most probably are not going to do, given that the input is parsed directly in the SetValue method, this could allow users to consume arbitrary amounts of memory. Applications that do not use the `Paved` type's `SetValue` method are not affected. This issue has been addressed in versions 0.16.1 and 0.19.2. Users are advised to upgrade. Users unable to upgrade can parse and validate the path before passing it to the `SetValue` method of the `Paved` type, constraining the index size as deemed appropriate.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27483
CVE-2023-20049	A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-20049
CVE-2021-34125	An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2021-34125
CVE-2014-125093	A vulnerability has been found in Ad Blocking Detector Plugin up to 1.2.1 and classified as problematic. This vulnerability affects unknown code of the file ad-blocking-detector.php. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 1.2.2 is able to address this issue. The name of the patch is 3312b9cd79e5710d1e282fc9216a4e5ab31b3d94. It is recommended to upgrade the affected component. VDB-222610 is the identifier assigned to this vulnerability.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2014-125093
CVE-2023-27161	Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /Repositories. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27161
CVE-2022-33244	Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-33244
CVE-2022-33250	Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-33250
CVE-2022-33254	Transient DOS due to reachable assertion in Modem while processing SIB1 Message.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-33254
CVE-2022-33272	Transient DOS in modem due to reachable assertion.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-33272
CVE-2022-33309	Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-33309
CVE-2022-40527	Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-40527
CVE-2022-40535	Transient DOS due to buffer over-read in WLAN while sending a packet to device.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-40535
CVE-2022-43902	IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages. IBM X-Force ID: 240832.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-43902
CVE-2023-1246	Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations.This issue affects Starcities: through 1.3.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1246
CVE-2023-27900	Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27900
CVE-2023-27901	Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27901
CVE-2022-44574	An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-44574
CVE-2023-23911	An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23911
CVE-2023-27530	A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27530
CVE-2023-27532	Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27532
CVE-2023-1364	A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file category.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222871.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1364
CVE-2023-1365	A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222872.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1365
CVE-2023-25283	A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25283
CVE-2022-31474	Directory Traversal vulnerability in iThemes BackupBuddy plugin 8.5.8.0 - 8.7.4.1 versions.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-31474
CVE-2023-27062	Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27062
CVE-2023-27064	Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27064
CVE-2023-27065	Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27065
CVE-2023-0355	Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive information.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0355
CVE-2023-0346	Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0346
CVE-2023-0348	Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0348
CVE-2023-27271	In SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27271
CVE-2023-27896	In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27896
CVE-2022-47163	Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin <= 2.6 versions.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47163
CVE-2023-25957	A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All Versions >= 1.16.4 < 1.17.2), Mendix SAML (Mendix 8 compatible) (All versions >= 2.2.0 < 2.2.3), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= 3.1.9 < 3.2.5), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= 3.1.9 < 3.2.5). The affected versions of the module insufficiently verifies the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25957
CVE-2022-39214	Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-39214
CVE-2023-24856	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24856
CVE-2023-24857	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24857
CVE-2023-24858	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24858
CVE-2023-24859	Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24859
CVE-2023-24922	Microsoft Dynamics 365 Information Disclosure Vulnerability	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24922
CVE-2023-27588	Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted Hasura Projects with deployments that are publicly exposed and not protected by a WAF or other HTTP protection layer should be upgraded to version 1.3.4, 2.55.1, 2.20.1, or 2.21.0-beta1 to receive a patch.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27588
CVE-2022-38456	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Search Lite plugin <= 4.10.3 versions.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-38456
CVE-2023-25345	Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25345
CVE-2023-27596	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, OpenSIPS crashes when a malformed SDP body is sent multiple times to an OpenSIPS configuration that makes use of the `stream_process` function. This issue was discovered during coverage guided fuzzing of the function `codec_delete_except_re`. By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. This issue has been fixed in version 3.1.8 and 3.2.5.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27596
CVE-2023-27597	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function `setport`. This issue has been fixed in version 3.1.8 and 3.2.5.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27597
CVE-2023-27598	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed `Via` header to OpenSIPS triggers a segmentation fault when the function `calc_tag_suffix` is called. A specially crafted `Via` header, which is deemed correct by the parser, will pass uninitialized strings to the function `MD5StringArray` which leads to the crash. Abuse of this vulnerability leads to Denial of Service due to a crash. Since the uninitialized string points to memory location `0x0`, no further exploitation appears to be possible. No special network privileges are required to perform this attack, as long as the OpenSIPS configuration makes use of functions such as `sl_send_reply` or `sl_gen_totag` that trigger the vulnerable code. This issue has been fixed in versions 3.1.7 and 3.2.4.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27598
CVE-2023-27599	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, when the function `append_hf` handles a SIP message with a malformed To header, a call to the function `abort()` is performed, resulting in a crash. This is due to the following check in `data_lump.c:399` in the function `anchor_lump`. An attacker abusing this vulnerability will crash OpenSIPS leading to Denial of Service. It affects configurations containing functions that make use of the affected code, such as the function `append_hf`. This issue has been fixed in versions 3.1.7 and 3.2.4.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27599
CVE-2023-28450	An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28450
CVE-2023-27600	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue can be reproduced by calling the function with an SDP body that does not terminate by a line feed (i.e. `\\n`). The vulnerability was found while performing black-box fuzzing against an OpenSIPS server running a configuration that made use of the functions `codec_delete_except_re` and `codec_delete_re`. The same issue was also discovered while performing coverage guided fuzzing on the function `codec_delete_except_re`. The crash happens because the function `delete_sdp_line` expects that an SDP line is terminated by a line feed (`\\n`). By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. Due to the sanity check that is performed in the `del_lump` function, exploitation of this issue will generate an `abort` in the lumps processing function, resulting in a Denial of Service. This issue is patched in versions 3.1.7 and 3.2.4.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27600
CVE-2023-27601	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue can be reproduced by calling the function with an SDP body that does not terminate by a line feed (i.e. `\\n`). The vulnerability was found while performing black-box fuzzing against an OpenSIPS server running a configuration that made use of the functions `codec_delete_except_re` and `codec_delete_re`. The same issue was also discovered while performing coverage guided fuzzing on the function `codec_delete_except_re`. The crash happens because the function `delete_sdp_line` expects that an SDP line is terminated by a line feed (`\\n`): By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. Due to the sanity check that is performed in the `del_lump` function, exploitation of this issue will generate an `abort` in the lumps processing function, resulting in a Denial of Service. This issue has been fixed in versions 3.1.7 and 3.2.4.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27601
CVE-2023-28095	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Versions prior to 3.1.7 and 3.2.4 have a potential issue in `msg_translator.c:2628` which might lead to a server crash. This issue was found while fuzzing the function `build_res_buf_from_sip_req` but could not be reproduced against a running instance of OpenSIPS. This issue could not be exploited against a running instance of OpenSIPS since no public function was found to make use of this vulnerable code. Even in the case of exploitation through unknown vectors, it is highly unlikely that this issue would lead to anything other than Denial of Service. This issue has been fixed in versions 3.1.7 and 3.2.4.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28095
CVE-2023-28096	OpenSIPS, a Session Initiation Protocol (SIP) server implementation, has a memory leak starting in the 2.3 branch and priot to versions 3.1.8 and 3.2.5. The memory leak was detected in the function `parse_mi_request` while performing coverage-guided fuzzing. This issue can be reproduced by sending multiple requests of the form `{"jsonrpc": "2.0","method": "log_le`. This malformed message was tested against an instance of OpenSIPS via FIFO transport layer and was found to increase the memory consumption over time. To abuse this memory leak, attackers need to reach the management interface (MI) which typically should only be exposed on trusted interfaces. In cases where the MI is exposed to the internet without authentication, abuse of this issue will lead to memory exhaustion which may affect the underlying system’s availability. No authentication is typically required to reproduce this issue. On the other hand, memory leaks may occur in other areas of OpenSIPS where the cJSON library is used for parsing JSON objects. The issue has been fixed in versions 3.1.8 and 3.2.5.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28096
CVE-2023-28097	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large _Content-Length_ value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memory using the `-m` flag was allocated to OpenSIPS, such as 10 GB of RAM. On the test system, this issue occurred when shared memory was set to `2362` or higher. This issue is fixed in versions 3.1.9 and 3.2.6. The only workaround is to guarantee that the Content-Length value of input messages is never larger than `2147483647`.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28097
CVE-2023-28098	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, a specially crafted Authorization header causes OpenSIPS to crash or behave in an unexpected way due to a bug in the function `parse_param_name()` . This issue was discovered while performing coverage guided fuzzing of the function parse_msg. The AddressSanitizer identified that the issue occurred in the function `q_memchr()` which is being called by the function `parse_param_name()`. This issue may cause erratic program behaviour or a server crash. It affects configurations containing functions that make use of the affected code, such as the function `www_authorize()` . Versions 3.1.7 and 3.2.4 contain a fix.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28098
CVE-2023-28099	OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, if `ds_is_in_list()` is used with an invalid IP address string (`NULL` is illegal input), OpenSIPS will attempt to print a string from a random address (stack garbage), which could lead to a crash. All users of `ds_is_in_list()` without the `$si` variable as 1st parameter could be affected by this vulnerability to a larger, lesser or no extent at all, depending if the data passed to the function is a valid IPv4 or IPv6 address string or not. Fixes will are available starting with the 3.1.9 and 3.2.6 minor releases. There are no known workarounds.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28099
CVE-2023-28338	Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting in the device becoming unusable until it is rebooted.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-28338
CVE-2023-25281	A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25281
CVE-2023-26459	Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a non-administrative user can craft a request which will trigger the application server to send a request to an arbitrary URL which can reveal, modify or make unavailable non-sensitive information, leading to low impact on Confidentiality, Integrity and Availability.	7.4	https://nvd.nist.gov/vuln/detail/CVE-2023-26459
CVE-2020-17381	An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%\\totalcmd\\TOTALCMD64.EXE binary.	7.3	https://nvd.nist.gov/vuln/detail/CVE-2020-17381
CVE-2022-38136	Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.	7.3	https://nvd.nist.gov/vuln/detail/CVE-2022-38136
CVE-2022-4331	An issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. If a group with SAML SSO enabled is transferred to a new namespace as a child group, it's possible previously removed malicious maintainer or owner of the child group can still gain access to the group via SSO or a SCIM token to perform actions on the group.	7.3	https://nvd.nist.gov/vuln/detail/CVE-2022-4331
CVE-2022-28695	On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated	7.2	https://nvd.nist.gov/vuln/detail/CVE-2022-28695
CVE-2022-4355	The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin	7.2	https://nvd.nist.gov/vuln/detail/CVE-2022-4355
CVE-2022-4356	The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin	7.2	https://nvd.nist.gov/vuln/detail/CVE-2022-4356
CVE-2022-4371	The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as subscriber could exploit this as well	7.2	https://nvd.nist.gov/vuln/detail/CVE-2022-4371
CVE-2023-27320	Sudo before 1.9.13p2 has a double free in the per-command chroot feature.	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-27320
CVE-2023-1328	A vulnerability was found in Guizhou 115cms 4.2. It has been classified as problematic. Affected is an unknown function of the file /admin/content/index. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222738 is the identifier assigned to this vulnerability.	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-1328
CVE-2022-48365	An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges.	7.2	https://nvd.nist.gov/vuln/detail/CVE-2022-48365
CVE-2023-0888	An improper neutralization of directives in dynamically evaluated code vulnerability in the WiFi Battery embedded web server in versions L90/U70 and L92/U92 can be used to gain administrative access to the WiFi communication module. An authenticated user, having access to both the medical device WiFi network (such as a biomedical engineering staff member) and the specific B.Braun Battery Pack SP with WiFi web server credentials, could get administrative (root) access on the infusion pump communication module. This could be used as a vector to start further attacks	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-0888
CVE-2023-1366	A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been classified as critical. This affects the function query of the file admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222873 was assigned to this vulnerability.	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-1366
CVE-2023-27498	SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated attacker with network access to a server port assigned to the SAP Start Service to submit a crafted request which results in a memory corruption error. This error can be used to reveal but not modify any technical information about the server. It can also make a particular service temporarily unavailable	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-27498
CVE-2023-23400	Windows DNS Server Remote Code Execution Vulnerability	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-23400
CVE-2023-27235	An arbitrary file upload vulnerability in the \\admin\\c\\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file.	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-27235
CVE-2023-1407	A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223111.	7.2	https://nvd.nist.gov/vuln/detail/CVE-2023-1407
CVE-2023-26607	In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.	7.1	https://nvd.nist.gov/vuln/detail/CVE-2023-26607
CVE-2023-1161	ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file	7.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1161
CVE-2023-0629	Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment variable and launch containers without the additional hardening features provided by ECI. This would not affect already running containers, nor containers launched through the usual approach (without Docker's raw socket). The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.17.0. Affected Docker Desktop versions: from 4.13.0 before 4.17.0.	7.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0629
CVE-2023-23407	Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability	7.1	https://nvd.nist.gov/vuln/detail/CVE-2023-23407
CVE-2023-23414	Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability	7.1	https://nvd.nist.gov/vuln/detail/CVE-2023-23414
CVE-2022-33257	Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.	7	https://nvd.nist.gov/vuln/detail/CVE-2022-33257
CVE-2023-27899	Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.	7	https://nvd.nist.gov/vuln/detail/CVE-2023-27899
CVE-2023-23385	Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability	7	https://nvd.nist.gov/vuln/detail/CVE-2023-23385
CVE-2023-23393	Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability	7	https://nvd.nist.gov/vuln/detail/CVE-2023-23393
CVE-2023-24861	Windows Graphics Component Elevation of Privilege Vulnerability	7	https://nvd.nist.gov/vuln/detail/CVE-2023-24861
CVE-2023-28144	KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls.	7	https://nvd.nist.gov/vuln/detail/CVE-2023-28144
CVE-2023-28466	do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).	7	https://nvd.nist.gov/vuln/detail/CVE-2023-28466
CVE-2023-27850	NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device.	6.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27850
CVE-2022-34377	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	6.7	https://nvd.nist.gov/vuln/detail/CVE-2022-34377
CVE-2022-47461	In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.	6.7	https://nvd.nist.gov/vuln/detail/CVE-2022-47461
CVE-2022-47462	In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.	6.7	https://nvd.nist.gov/vuln/detail/CVE-2022-47462
CVE-2023-25147	An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on the target system via another method in order to exploit this.	6.7	https://nvd.nist.gov/vuln/detail/CVE-2023-25147
CVE-2023-0978	A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack	6.7	https://nvd.nist.gov/vuln/detail/CVE-2023-0978
CVE-2023-24571	Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.	6.7	https://nvd.nist.gov/vuln/detail/CVE-2023-24571
CVE-2023-1170	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.	6.6	https://nvd.nist.gov/vuln/detail/CVE-2023-1170
CVE-2023-1175	Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.	6.6	https://nvd.nist.gov/vuln/detail/CVE-2023-1175
CVE-2022-44795	An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, an attacker can get access to system logs. An attacker would need credentials to exploit this vulnerability. This is fixed in Object First Ootbi BETA build 1.0.13.1611. Important note - This vulnerability is related to the Object First Ootbi BETA version, which is not released for production and therefore has no impact on the production environment. The production-ready Object First Ootbi version will have this vulnerability fixed.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2022-44795
CVE-2022-44644	In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2022-44644
CVE-2023-0845	Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0845
CVE-2023-25814	metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the system to read arbitrary files on the filesystem of the server so long as the server process itself has permission to read the requested files. This issue has been addressed in version 2.7.1. All users are advised to upgrade. There are no known workarounds for this issue.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25814
CVE-2022-3767	Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2022-3767
CVE-2023-1201	Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1201
CVE-2023-1203	Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1203
CVE-2023-1361	SQL Injection in GitHub repository unilogies/bumsys prior to v2.0.2.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1361
CVE-2023-0749	The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0749
CVE-2023-0772	The Popup Builder by OptinMonster WordPress plugin before 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or even password protected ones.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0772
CVE-2023-0350	Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0350
CVE-2023-27587	ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key. This has been patched in commit 8533b01. Upgrading should be accompanied by deleting the current GCP API key and issuing a new one. There are no known workarounds.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27587
CVE-2023-25618	SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with certain parameters which will consume the server's resources sufficiently to make it unavailable. There is no ability to view or modify any information.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25618
CVE-2023-27270	SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in a class for test purposes in which an attacker authenticated as a non-administrative user can craft a request with certain parameters, which will consume the server's resources sufficiently to make it unavailable. There is no ability to view or modify any information.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27270
CVE-2023-27895	SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On successful exploitation, an attacker can read some sensitive information but cannot modify and delete the data.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27895
CVE-2022-47595	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47595
CVE-2023-24180	Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24180
CVE-2023-27073	A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27073
CVE-2023-23411	Windows Hyper-V Denial of Service Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23411
CVE-2023-24863	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24863
CVE-2023-24865	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24865
CVE-2023-24866	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24866
CVE-2023-24870	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24870
CVE-2023-24890	Microsoft OneDrive for iOS Security Feature Bypass Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24890
CVE-2023-24906	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24906
CVE-2023-27589	Minio is a Multi-Cloud Object Storage framework. Starting with RELEASE.2020-12-23T02-24-12Z and prior to RELEASE.2023-03-13T19-46-17Z, a user with `consoleAdmin` permissions can potentially create a user that matches the root credential `accessKey`. Once this user is created successfully, the root credential ceases to work appropriately. The issue is patched in RELEASE.2023-03-13T19-46-17Z. There are ways to work around this via adding higher privileges to the disabled root user via `mc admin policy set`.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27589
CVE-2023-27234	A Cross-Site Request Forgery (CSRF) in /Sys/index.html of Jizhicms v2.4.5 allows attackers to arbitrarily make configuration changes within the application.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27234
CVE-2023-27102	Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27102
CVE-2022-46774	IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. IBM X-Force ID: 242953.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2022-46774
CVE-2023-22876	IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 244364.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-22876
CVE-2023-25282	A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25282
CVE-2022-46773	IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2022-46773
CVE-2023-25680	IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. Queue Provider credentials are not obfuscated while editing queue provider details. IBM X-Force ID: 247032.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-25680
CVE-2023-27095	Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker toescalate privileges via the AddUser method of the UserController function in Tenant Management module.	6.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27095
CVE-2020-36670	The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to invoke these functions which can be used to perform actions like modify form submission records, deleting files, sending test emails, modifying plugin settings, and more.	6.3	https://nvd.nist.gov/vuln/detail/CVE-2020-36670
CVE-2023-23389	Microsoft Defender Elevation of Privilege Vulnerability	6.3	https://nvd.nist.gov/vuln/detail/CVE-2023-23389
CVE-2023-20104	A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending an arbitrary file to a user and persuading that user to browse to a specific URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-20104
CVE-2022-4317	An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-4317
CVE-2022-3381	An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could be used to redirect users to arbitrary sites	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-3381
CVE-2013-10020	A vulnerability, which was classified as problematic, was found in MMDeveloper A Forms Plugin up to 1.4.2. This affects an unknown part of the file a-forms.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.3 is able to address this issue. The name of the patch is 3e693197bd69b7173cc16d8d2e0a7d501a2a0b06. It is recommended to upgrade the affected component. The identifier VDB-222609 was assigned to this vulnerability.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2013-10020
CVE-2017-20182	A vulnerability was found in Mobile Vikings Django AJAX Utilities up to 1.2.1 and classified as problematic. This issue affects the function Pagination of the file django_ajax/static/ajax-utilities/js/pagination.js of the component Backslash Handler. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 329eb1dd1580ca1f9d4f95bc69939833226515c9. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222611.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2017-20182
CVE-2022-48111	A cross-site scripting (XSS) vulnerability in the check_login function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-48111
CVE-2023-0746	The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0746
CVE-2021-27788	HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. By tricking a user into clicking a crafted URL, a remote unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2021-27788
CVE-2023-24975	IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 247030.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-24975
CVE-2023-1349	A vulnerability, which was classified as problematic, has been found in Hsycms 3.1. Affected by this issue is some unknown functionality of the file controller\\cate.php of the component Add Category Module. The manipulation of the argument title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-222842 is the identifier assigned to this vulnerability.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1349
CVE-2023-1353	A vulnerability, which was classified as problematic, was found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. Affected is an unknown function of the file verification.php. The manipulation of the argument txtvaccinationID leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222852.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1353
CVE-2023-1354	A vulnerability has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file register.php. The manipulation of the argument txtfullname/txtage/txtaddress/txtphone leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222853 was assigned to this vulnerability.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1354
CVE-2013-10021	A vulnerability was found in dd32 Debug Bar Plugin up to 0.8. It has been declared as problematic. Affected by this vulnerability is the function render of the file panels/class-debug-bar-queries.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 0.8.1 is able to address this issue. The name of the patch is 0842af8f8a556bc3e39b9ef758173b0a8a9ccbfc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222739.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2013-10021
CVE-2021-46875	An issue was discovered in eZ Platform Ibexa Kernel before 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2021-46875
CVE-2023-1362	Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1362
CVE-2023-1372	The WH Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters such as wh_homepage, wh_text_short, wh_text_full and in versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1372
CVE-2023-27093	Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-27093
CVE-2023-24279	A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-24279
CVE-2023-0021	Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0021
CVE-2023-26457	SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can read and modify some sensitive information but cannot delete the data.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-26457
CVE-2021-4195	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows XSS Targeting HTML Attributes.This issue affects Customer Relation Manager: before 2022.03.13.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2021-4195
CVE-2022-23790	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS).This issue affects Customer Relation Manager: before 2022.03.13.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-23790
CVE-2022-23791	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS).This issue affects Customer Relation Manager: before 2022.03.13.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-23791
CVE-2023-1395	A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as problematic. This vulnerability affects the function query of the file admin/user/list.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222982 is the identifier assigned to this vulnerability.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1395
CVE-2023-1396	A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/traveller_details.php. The manipulation of the argument address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222983.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1396
CVE-2023-1397	A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222984.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1397
CVE-2023-0322	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS.This issue affects UNIS: before 28376.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-0322
CVE-2023-1418	A vulnerability classified as problematic was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file cashconfirm.php of the component POST Parameter Handler. The manipulation of the argument transactioncode leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223129 was assigned to this vulnerability.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1418
CVE-2022-43874	IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239963.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-43874
CVE-2023-1421	A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a malicious state parameter.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2023-1421
CVE-2022-40699	Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions.	6.1	https://nvd.nist.gov/vuln/detail/CVE-2022-40699
CVE-2018-18506	When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2018-18506
CVE-2021-29444	jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). A patch was released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `>=3.11.4`. Users should upgrade to `^3.11.4`.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-29444
CVE-2021-29445	jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). A patch was released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `>=3.11.4`. Users should upgrade to `^3.11.4`.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-29445
CVE-2021-29446	jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). A patch was released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `>=3.11.4`. Users should upgrade to `^3.11.4`.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-29446
CVE-2023-22302	In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2023-22302
CVE-2023-27371	GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2023-27371
CVE-2016-15028	A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic. Affected by this vulnerability is the function RestClient of the file Classes/RestClient.cs of the component Checksum Validation. The manipulation leads to improper validation of integrity check value. The attack can be launched remotely. Upgrading to version 1.0 is able to address this issue. The name of the patch is 61f6b8758e5c971abff5f901cfa9f231052b775f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222847.	5.9	https://nvd.nist.gov/vuln/detail/CVE-2016-15028
CVE-2022-32877	A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-32877
CVE-2022-34376	Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-34376
CVE-2023-0795	LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0795
CVE-2023-0796	LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0796
CVE-2023-0798	LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0798
CVE-2023-0799	LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0799
CVE-2023-0800	LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0800
CVE-2023-0801	LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0801
CVE-2023-0802	LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0802
CVE-2023-0803	LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-0803
CVE-2022-4645	LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-4645
CVE-2023-1264	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1264
CVE-2023-27114	radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27114
CVE-2023-27115	WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27115
CVE-2023-27116	WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleType.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27116
CVE-2023-27119	WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-27119
CVE-2022-22075	Information Disclosure in Graphics during GPU context switch.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-22075
CVE-2022-37939	A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and Superdome Flex 280 Servers v1.45.8.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-37939
CVE-2022-47453	In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47453
CVE-2022-47454	In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47454
CVE-2022-47455	In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47455
CVE-2022-47456	In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47456
CVE-2022-47457	In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47457
CVE-2022-47458	In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47458
CVE-2022-47459	In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47459
CVE-2022-47460	In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47460
CVE-2022-47471	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47471
CVE-2022-47472	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47472
CVE-2022-47473	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47473
CVE-2022-47474	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47474
CVE-2022-47475	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47475
CVE-2022-47476	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47476
CVE-2022-47477	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47477
CVE-2022-47478	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47478
CVE-2022-47479	In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47479
CVE-2022-47480	In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47480
CVE-2022-47481	In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47481
CVE-2022-47482	In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47482
CVE-2022-47483	In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47483
CVE-2022-47484	In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-47484
CVE-2023-1355	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1355
CVE-2023-1369	A vulnerability was found in TG Soft Vir.IT eXplorer 9.4.86.0. It has been rated as problematic. This issue affects some unknown processing in the library VIRAGTLT.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 9.5 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222875.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-1369
CVE-2023-23391	Office for Android Spoofing Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23391
CVE-2023-23394	Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23394
CVE-2023-23396	Microsoft Excel Denial of Service Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23396
CVE-2023-23398	Microsoft Excel Spoofing Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23398
CVE-2023-23409	Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23409
CVE-2023-24862	Windows Secure Channel Denial of Service Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24862
CVE-2023-24882	Microsoft OneDrive for Android Information Disclosure Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24882
CVE-2023-24923	Microsoft OneDrive for Android Information Disclosure Vulnerability	5.5	https://nvd.nist.gov/vuln/detail/CVE-2023-24923
CVE-2022-45155	An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE Factory allows attackers that can influence the call to the service to delete files and directories on the system of the victim. This issue affects: SUSE openSUSE Factory obs-service-go_modules versions prior to 0.6.1.	5.5	https://nvd.nist.gov/vuln/detail/CVE-2022-45155
CVE-2023-0070	The ResponsiveVoice Text To Speech WordPress plugin before 1.7.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0070
CVE-2023-0150	The Cloak Front End Email WordPress plugin before 1.9.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0150
CVE-2022-47412	Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-47412
CVE-2022-47419	An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-47419
CVE-2023-22462	Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-22462
CVE-2020-36667	The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backup_guard_cloud_dropbox, backup_guard_cloud_gdrive, and backup_guard_cloud_oneDrive functions. This makes it possible for authenticated attackers, with minimal permissions, such as a subscriber to change to location of back-ups and potentially steal sensitive information from them.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2020-36667
CVE-2023-0050	An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to perform arbitrary actions on behalf of victims.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0050
CVE-2022-3758	An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Due to improper permissions checks an unauthorised user was able to read, add or edit a users private snippet.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-3758
CVE-2023-27898	Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-27898
CVE-2023-27905	Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-27905
CVE-2023-23326	A Stored Cross-Site Scripting (XSS) vulnerability exists in AvantFAX 3.3.7. An authenticated low privilege user can inject arbitrary Javascript into their e-mail address which is executed when an administrator logs into AvantFAX to view the admin dashboard. This may result in stealing an administrator's session cookie and hijacking their session.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-23326
CVE-2023-1363	A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222870 is the identifier assigned to this vulnerability.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-1363
CVE-2022-4466	The WordPress Infinite Scroll WordPress plugin before 5.6.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-4466
CVE-2022-4652	The Video Background WordPress plugin before 2.7.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-4652
CVE-2022-4661	The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-4661
CVE-2023-0066	The Companion Sitemap Generator WordPress plugin through 4.5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0066
CVE-2023-0073	The Client Logo Carousel WordPress plugin through 3.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0073
CVE-2023-0172	The Juicer WordPress plugin before 1.11 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0172
CVE-2023-0219	The FluentSMTP WordPress plugin before 2.2.3 does not sanitize or escape email content, making it vulnerable to stored cross-site scripting attacks (XSS) when an administrator views the email logs. This exploit requires other plugins to enable users to send emails with unfiltered HTML.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0219
CVE-2023-0538	The Campaign URL Builder WordPress plugin before 1.8.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0538
CVE-2023-27069	A stored cross-site scripting (XSS) vulnerability in TotalJS OpenPlatform commit b80b09d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the account name field.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-27069
CVE-2023-27070	A stored cross-site scripting (XSS) vulnerability in TotalJS OpenPlatform commit b80b09d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-27070
CVE-2023-23383	Service Fabric Explorer Spoofing Vulnerability	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-23383
CVE-2023-24879	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-24879
CVE-2023-24891	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-24891
CVE-2023-24919	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-24919
CVE-2023-24920	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-24920
CVE-2023-24921	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-24921
CVE-2023-26951	onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Member List module.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2023-26951
CVE-2022-41554	Stored Cross-Site Scripting (XSS) vulnerability in John West Slideshow SE plugin <= 2.5.5 versions.	5.4	https://nvd.nist.gov/vuln/detail/CVE-2022-41554
CVE-2021-3293	emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2021-3293
CVE-2023-22232	Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-22232
CVE-2023-24532	The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-24532
CVE-2022-29056	A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiMail version 6.4.0, version 6.2.0 through 6.2.4 and before 6.0.9 allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2022-29056
CVE-2023-26208	A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-26208
CVE-2023-26209	A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiDeceptor 3.1.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-26209
CVE-2023-0223	An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the project settings.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-0223
CVE-2023-1072	An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible to trigger a resource depletion attack due to improper filtering for number of requests to read commits details.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1072
CVE-2023-27904	Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-27904
CVE-2021-46876	An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2021-46876
CVE-2023-0347	The Akuvox E11 Media Access Control (MAC) address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-0347
CVE-2023-24526	SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user can read non-sensitive server data.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-24526
CVE-2023-27268	SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does not perform necessary authorization checks, allowing an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a service which will enable them to access but not modify server settings and data with no effect on availability., resulting in escalation of privileges.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-27268
CVE-2023-27894	SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to execute malicious requests, resulting in sensitive information disclosure. This causes limited impact on confidentiality of data.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-27894
CVE-2023-1296	HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1296
CVE-2023-24911	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-24911
CVE-2023-25695	Generation of Error Message Containing Sensitive Information vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.5.2.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-25695
CVE-2023-25804	Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the `/tmp` folder using a payload `../../../../../tmp/test111_dev`. This issue has been fixed in version 6.3.5.0.	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-25804
CVE-2023-27484	crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. In affected versions an already highly privileged user able to create or update Compositions can specify an arbitrarily high index in a patch's `ToFieldPath`, which could lead to excessive memory usage once such Composition is selected for a Composite resource. Compositions allow users to specify patches inserting elements into arrays at an arbitrary index. When a Composition is selected for a Composite Resource, patches are evaluated and if a specified index is greater than the current size of the target slice, Crossplane will grow that slice up to the specified index, which could lead to an excessive amount of memory usage and therefore the Pod being OOM-Killed. The index is already capped to the maximum value for a uint32 (4294967295) when parsed, but that is still an unnecessarily large value. This issue has been addressed in versions 1.11.2, 1.10.3, and 1.9.2. Users are advised to upgrade. Users unable to upgrade can restrict write privileges on Compositions to only admin users as a workaround.	4.9	https://nvd.nist.gov/vuln/detail/CVE-2023-27484
CVE-2023-27577	flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the `LESS` parser which can be exploited to read sensitive files on the server through the use of path traversal techniques. An attacker can achieve this by providing an absolute path to a sensitive file in the custom `LESS` setting, which the `LESS` parser will then read. For example, an attacker could use the following code to read the contents of the `/etc/passwd` file on a linux machine. The scope of what files are vulnerable will depend on the permissions given to the running flarum process. The vulnerability has been addressed in version `1.7`. Users should upgrade to this version to mitigate the vulnerability. Users unable to upgrade may mitigate the vulnerability by ensuring that their admin accounts are secured with strong passwords and follow other best practices for account security. Additionally, users can limit the exposure of sensitive files on the server by implementing appropriate file permissions and access controls at the operating system level.	4.9	https://nvd.nist.gov/vuln/detail/CVE-2023-27577
CVE-2023-23327	An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls.	4.9	https://nvd.nist.gov/vuln/detail/CVE-2023-23327
CVE-2023-1360	A vulnerability was found in SourceCodester Employee Payslip Generator with Sending Mail 1.2.0 and classified as critical. This issue affects some unknown processing of the file classes/Users.php?f=save of the component New User Creation. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222863.	4.9	https://nvd.nist.gov/vuln/detail/CVE-2023-1360
CVE-2023-25615	Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead to a high impact on the confidentiality and no impact on the availability and integrity of the application.	4.9	https://nvd.nist.gov/vuln/detail/CVE-2023-25615
CVE-2023-26461	SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows the attacker to view sensitive data which is owned by certain privileges.	4.9	https://nvd.nist.gov/vuln/detail/CVE-2023-26461
CVE-2021-24705	The NEX-Forms WordPress plugin before 8.3.3 does not have CSRF checks in place when editing a form, and does not escape some of its settings as well as form fields before outputting them in attributes. This could allow attackers to make a logged in admin edit arbitrary forms with Cross-Site Scripting payloads in them	4.8	https://nvd.nist.gov/vuln/detail/CVE-2021-24705
CVE-2022-3837	The Uji Countdown WordPress plugin before 2.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	4.8	https://nvd.nist.gov/vuln/detail/CVE-2022-3837
CVE-2023-1286	Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.19.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1286
CVE-2023-1312	Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1312
CVE-2023-27164	An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md file.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-27164
CVE-2023-1359	A vulnerability has been found in SourceCodester Gadget Works Online Ordering System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /philosophy/admin/user/controller.php?action=add of the component Add New User. The manipulation of the argument U_NAME leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222862 is the identifier assigned to this vulnerability.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1359
CVE-2023-1374	The Solidres plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'currency_name' parameter in versions up to, and including, 0.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1374
CVE-2023-0844	The Namaste! LMS WordPress plugin before 2.6 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0844
CVE-2022-47171	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul C. Schroeder IP Vault – WP Firewall plugin <= 1.1 versions.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2022-47171
CVE-2022-34148	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JetBackup JetBackup – WP Backup, Migrate & Restore plugin <= 1.6.9.0 versions.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2022-34148
CVE-2022-37402	Stored Cross-site Scripting (XSS) vulnerability in AFS Analytics plugin <= 4.18 versions.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2022-37402
CVE-2023-26912	Cross site scripting (XSS) vulnerability in xenv S-mall-ssm thru commit 3d9e77f7d80289a30f67aaba1ae73e375d33ef71 on Feb 17, 2020, allows local attackers to execute arbitrary code via the evaluate button.	4.8	https://nvd.nist.gov/vuln/detail/CVE-2023-26912
CVE-2023-24892	Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability	4.7	https://nvd.nist.gov/vuln/detail/CVE-2023-24892
CVE-2022-46752	Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.	4.6	https://nvd.nist.gov/vuln/detail/CVE-2022-46752
CVE-2023-20064	A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.	4.6	https://nvd.nist.gov/vuln/detail/CVE-2023-20064
CVE-2023-23408	Azure Apache Ambari Spoofing Vulnerability	4.5	https://nvd.nist.gov/vuln/detail/CVE-2023-23408
CVE-2023-0193	NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure.	4.4	https://nvd.nist.gov/vuln/detail/CVE-2023-0193
CVE-2023-27903	Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.	4.4	https://nvd.nist.gov/vuln/detail/CVE-2023-27903
CVE-2023-24880	Windows SmartScreen Security Feature Bypass Vulnerability	4.4	https://nvd.nist.gov/vuln/detail/CVE-2023-24880
CVE-2020-29130	slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2020-29130
CVE-2022-46705	A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-46705
CVE-2020-36668	The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backup_guard_get_manual_modal function called via an AJAX action. This makes it possible for subscriber-level attackers, and above, to invoke the function and obtain database table information.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2020-36668
CVE-2023-27477	wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x86_64 platforms for the WebAssembly `i8x16.select` instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices are greater than 16. There is an off-by-one error in the calculation of the mask to the `pshufb` instruction which causes incorrect results to be returned if lanes are selected from the second vector. This codegen bug has been fixed in Wasmtiem 6.0.1, 5.0.1, and 4.0.1. Users are recommended to upgrade to these updated versions. If upgrading is not an option for you at this time, you can avoid this miscompilation by disabling the Wasm simd proposal. Additionally the bug is only present on x86_64 hosts. Other platforms such as AArch64 and s390x are not affected.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-27477
CVE-2022-4462	An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. This vulnerability could allow a user to unmask the Discord Webhook URL through viewing the raw API response.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-4462
CVE-2022-4289	An issue has been discovered in GitLab affecting all versions starting from 15.3 before 15.7.8, versions of 15.8 before 15.8.4, and version 15.9 before 15.9.2. Google IAP details in Prometheus integration were not hidden, could be leaked from instance, group, or project settings to other users.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-4289
CVE-2023-1333	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_page_cache function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete the plugin's cache.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1333
CVE-2023-1334	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queue_posts function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to modify the plugin's cache.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1334
CVE-2023-1335	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucss_connect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to connect a new license key to the site.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1335
CVE-2023-1336	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the ajax_deactivate function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to disable caching.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1336
CVE-2023-1337	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clear_uucss_logs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete plugin log files.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1337
CVE-2023-1338	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attach_rule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to modify cache rules.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1338
CVE-2023-1339	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucss_update_rule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to update caching rules.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1339
CVE-2023-1340	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_uucss_logs function. This makes it possible for unauthenticated attackers to clear plugin logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1340
CVE-2023-1341	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ajax_deactivate function. This makes it possible for unauthenticated attackers to turn off caching via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1341
CVE-2023-1342	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucss_connect function. This makes it possible for unauthenticated attackers to connect the site to a new license key via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1342
CVE-2023-1343	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attach_rule function. This makes it possible for unauthenticated attackers to modify the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1343
CVE-2023-1344	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the uucss_update_rule function. This makes it possible for unauthenticated attackers to modify the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1344
CVE-2023-1345	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the queue_posts function. This makes it possible for unauthenticated attackers to modify the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1345
CVE-2023-1346	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_page_cache function. This makes it possible for unauthenticated attackers to clear the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-1346
CVE-2023-27902	Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-27902
CVE-2022-2258	In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-2258
CVE-2022-2259	In affected versions of Octopus Deploy it is possible for a user to view Workerpools without being explicitly assigned permissions to view these items	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-2259
CVE-2023-22700	Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 9.3.0 versions.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-22700
CVE-2023-23711	Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2 Optimized WP plugin <= 3.0.4 versions.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-23711
CVE-2023-27462	A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for.	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-27462
CVE-2023-23920	An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.	4.2	https://nvd.nist.gov/vuln/detail/CVE-2023-23920
CVE-2021-2173	Vulnerability in the Recovery component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise Recovery. While the vulnerability is in Recovery, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Recovery accessible data. CVSS 3.1 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).	4.1	https://nvd.nist.gov/vuln/detail/CVE-2021-2173
CVE-2021-3592	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	3.8	https://nvd.nist.gov/vuln/detail/CVE-2021-3592
CVE-2021-3593	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	3.8	https://nvd.nist.gov/vuln/detail/CVE-2021-3593
CVE-2021-3594	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	3.8	https://nvd.nist.gov/vuln/detail/CVE-2021-3594
CVE-2021-3595	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	3.8	https://nvd.nist.gov/vuln/detail/CVE-2021-3595
CVE-2023-0483	An issue has been discovered in GitLab affecting all versions starting from 12.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible for a project maintainer to extract a Datadog integration API key by modifying the site.	3.8	https://nvd.nist.gov/vuln/detail/CVE-2023-0483
CVE-2023-1367	Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0.	3.8	https://nvd.nist.gov/vuln/detail/CVE-2023-1367
CVE-2022-48366	An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.	3.7	https://nvd.nist.gov/vuln/detail/CVE-2022-48366
CVE-2022-3343	The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them.	3.5	https://nvd.nist.gov/vuln/detail/CVE-2022-3343
CVE-2020-14394	An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.	3.2	https://nvd.nist.gov/vuln/detail/CVE-2020-14394
CVE-2023-22591	IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. IBM X-Force ID: 243710.	3.2	https://nvd.nist.gov/vuln/detail/CVE-2023-22591
CVE-2023-23395	Microsoft SharePoint Server Spoofing Vulnerability	3.1	https://nvd.nist.gov/vuln/detail/CVE-2023-23395
CVE-2023-1084	An issue has been discovered in GitLab CE/EE affecting all versions before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A malicious project Maintainer may create a Project Access Token with Owner level privileges using a crafted request.	2.7	https://nvd.nist.gov/vuln/detail/CVE-2023-1084
CVE-2023-25803	Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversal vulnerability that allows the inclusion of server-side files. This issue is fixed in version 6.3.5.0.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25803
CVE-2023-27585	PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27585
CVE-2023-26084	The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26084
CVE-2023-0100	In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g. __report=http://xyz.com/report.rptdesign). If the host indicated in the __report parameter matched the HTTP Host header value, the report would be retrieved. However, the Host header can be tampered with on some configurations where no virtual hosts are put in place (e.g. in the default configuration of Apache Tomcat) or when the default host points to the BIRT server. This vulnerability was patched on Eclipse BIRT 4.13.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0100
CVE-2020-4556	IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329.	–	https://nvd.nist.gov/vuln/detail/CVE-2020-4556
CVE-2023-26484	KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can, for instance, read all secrets on the cluster, or can exec into pods on other nodes. This way, a compromised node can be used to elevate privileges beyond the node until potentially having full privileged access to the whole cluster. The simplest way to exploit this, once a user could compromise a specific node, is to set with the virt-handler service account all other nodes to unschedulable and simply wait until system-critical components with high privileges appear on its node. No patches are available as of time of publication. As a workaround, gatekeeper users can add a webhook which will block the `virt-handler` service account to modify the spec of a node.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26484
CVE-2023-25267	An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 (fixed in 10.0.0). There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25267
CVE-2022-4313	A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-4313
CVE-2023-28460	A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28460
CVE-2023-28461	Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28461
CVE-2023-28486	Sudo before 1.9.13 does not escape control characters in log messages.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28486
CVE-2023-28487	Sudo before 1.9.13 does not escape control characters in sudoreplay output.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28487
CVE-2023-23150	SA-WR915ND router firmware v17.35.1 was discovered to be vulnerable to code execution.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-23150
CVE-2023-24795	Command execution vulnerability was discovered in JHR-N916R router firmware version<=21.11.1.1483.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-24795
CVE-2023-26784	SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26784
CVE-2023-27084	Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to obtain sensitive information via the AttachmentController parameter.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27084
CVE-2022-38971	Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-38971
CVE-2022-34406	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34406
CVE-2022-34407	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34407
CVE-2022-34408	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34408
CVE-2022-34409	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34409
CVE-2022-34410	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34410
CVE-2022-34411	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34411
CVE-2022-34412	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34412
CVE-2022-34413	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34413
CVE-2022-34414	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34414
CVE-2022-34415	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34415
CVE-2022-34416	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34416
CVE-2022-34417	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34417
CVE-2022-34418	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34418
CVE-2022-34419	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34419
CVE-2022-34420	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34420
CVE-2022-34421	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34421
CVE-2022-34422	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34422
CVE-2023-1429	Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1429
CVE-2023-24671	VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-24671
CVE-2022-26080	Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-26080
CVE-2022-34423	Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-34423
CVE-2023-1431	The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3 due to the plugin saving shopping cart data exports in a publicly accessible location (/wp-content/plugins/wordpress-simple-paypal-shopping-cart/includes/admin/). This makes it possible for unauthenticated attackers to view information that should be limited to administrators only and can include data like first name, last name, email, address, IP Address, and more.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1431
CVE-2023-1432	A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=save_settings of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be launched remotely. VDB-223214 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1432
CVE-2023-1433	A vulnerability was found in SourceCodester Gadget Works Online Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file admin/products/controller.php?action=add of the component Products Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223215.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1433
CVE-2023-27875	IBM Aspera Faspex 5.0.4 could allow a user to change other user's credentials due to improper access controls. IBM X-Force ID: 249847.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27875
CVE-2020-19947	Cross Site Scripting vulnerability found in Markdown Edit allows a remote attacker to execute arbitrary code via the edit parameter of the webpage.	–	https://nvd.nist.gov/vuln/detail/CVE-2020-19947
CVE-2020-22647	An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the GetBonusWithdraw and withdraw functions.	–	https://nvd.nist.gov/vuln/detail/CVE-2020-22647
CVE-2021-31637	An issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL.	–	https://nvd.nist.gov/vuln/detail/CVE-2021-31637
CVE-2021-36821	Unauth. Stored Cross-Site Scripting (XSS) vulnerability in WPMU DEV Forminator – Contact Form, Payment Form & Custom Form Builder plugin <= 1.14.11 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2021-36821
CVE-2023-26767	Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26767
CVE-2023-26768	Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26768
CVE-2023-26769	Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26769
CVE-2023-27037	Qibosoft QiboCMS v7 was discovered to contain a remote code execution (RCE) vulnerability via the Get_Title function at label_set_rs.php	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27037
CVE-2023-27130	Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27130
CVE-2023-27131	Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27131
CVE-2023-27707	SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dede/group_store.php endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27707
CVE-2023-27709	SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27709
CVE-2023-27711	Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via the Comment Manager /admin/manage-comments.php component.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27711
CVE-2023-27783	An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27783
CVE-2023-27784	An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27784
CVE-2023-27785	An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27785
CVE-2023-27786	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27786
CVE-2023-27787	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27787
CVE-2023-27788	An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27788
CVE-2023-27789	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27789
CVE-2023-27040	Simple Image Gallery v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the username parameter.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27040
CVE-2023-28100	Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the `TIOCLINUX` ioctl command instead of `TIOCSTI`. If a Flatpak app is run on a Linux virtual console such as `/dev/tty1`, it can copy text from the virtual console and paste it into the command buffer, from which the command might be run after the Flatpak app has exited. Ordinary graphical terminal emulators like xterm, gnome-terminal and Konsole are unaffected. This vulnerability is specific to the Linux virtual consoles `/dev/tty1`, `/dev/tty2` and so on. A patch is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, don't run Flatpak on a Linux virtual console. Flatpak is primarily designed to be used in a Wayland or X11 graphical environment.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28100
CVE-2023-28101	Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28101
CVE-2023-28104	`silverstripe/graphql` serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with particularly large/complex graphql schemas. Users should upgrade to `silverstripe/graphql` 4.2.3 or 4.1.2 to remedy the vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28104
CVE-2023-27041	School Registration and Fee System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at/bilal final/edit_user.php.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27041
CVE-2023-28105	go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use `zip.Unzip` to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version 0.0.34. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28105
CVE-2023-28106	Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28106
CVE-2023-28108	Pimcore is an open source data and experience management platform. Prior to version 10.5.19, quoting is not done properly in UUID DAO model. There is the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input validation in advance and so relies on the auto-quoting being done by the DAO class. Users should update to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28108
CVE-2023-28109	Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-with-docker.com`. The domain would echo in response header, which successfully bypassed the CORS policy and retrieved basic user information. This issue has been fixed in commit ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28109
CVE-2023-28110	Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can result in the execution of dangerous commands that may disrupt the Koko container environment and affect normal usage. The vulnerability has been fixed in v2.28.8.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28110
CVE-2023-0811	Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0811
CVE-2023-1256	The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1256
CVE-2023-0598	GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0598
CVE-2022-43441	A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43441
CVE-2022-43604	An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out-of-bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43604
CVE-2022-43605	An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43605
CVE-2022-43606	A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43606
CVE-2023-1390	A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1390
CVE-2023-21449	Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21449
CVE-2023-21452	Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21452
CVE-2023-21453	Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21453
CVE-2023-21454	Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21454
CVE-2023-21455	Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21455
CVE-2023-21456	Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21456
CVE-2023-21457	Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21457
CVE-2023-21458	Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21458
CVE-2023-21459	Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21459
CVE-2023-21460	Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21460
CVE-2023-21461	Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21461
CVE-2023-21462	The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21462
CVE-2023-21463	Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21463
CVE-2023-21464	Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21464
CVE-2023-21465	Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local files.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-21465
CVE-2023-22880	Zoom for Windows clients before version 5.13.3, Zoom Rooms for Windows clients before version 5.13.5 and Zoom VDI for Windows clients before 5.13.1 contain an information disclosure vulnerability. A recent update to the Microsoft Edge WebView2 runtime used by the affected Zoom clients, transmitted text to Microsoft’s online Spellcheck service instead of the local Windows Spellcheck. Updating Zoom remediates this vulnerability by disabling the feature. Updating Microsoft Edge WebView2 Runtime to at least version 109.0.1481.0 and restarting Zoom remediates this vulnerability by updating Microsoft’s telemetry behavior.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22880
CVE-2023-22881	Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22881
CVE-2023-22882	Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22882
CVE-2023-22883	Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to the SYSTEM user.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22883
CVE-2023-23935	Discourse is an open-source messaging platform. In versions 3.0.1 and prior on the `stable` branch and versions 3.1.0.beta2 and prior on the `beta` and `tests-passed` branches, the count of personal messages displayed for a tag is a count of all personal messages regardless of whether the personal message is visible to a given user. As a result, any users can technically poll a sensitive tag to determine if a new personal message is created even if the user does not have access to the personal message. In the patched versions, the count of personal messages tagged with a given tag is hidden by default. To revert to the old behaviour of displaying the count of personal messages for a given tag, an admin may enable the `display_personal_messages_tag_counts` site setting.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-23935
CVE-2023-27494	Streamlit, software for turning data scripts into web applications, had a cross-site scripting (XSS) vulnerability in versions 0.63.0 through 0.80.0. Users of hosted Streamlit app(s) were vulnerable to a reflected XSS vulnerability. An attacker could craft a malicious URL with Javascript payloads to a Streamlit app. The attacker could then trick the user into visiting the malicious URL and, if successful, the server would render the malicious javascript payload as-is, leading to XSS. Version 0.81.0 contains a patch for this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27494
CVE-2023-28113	russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those of a russh peer with some other misbehaving peer are most likely to be problematic. These may vulnerable to eavesdropping. Most other implementations reject such keys, so this is mainly an interoperability issue in such a case. This issue is fixed in versions 0.36.2 and 0.37.1	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28113
CVE-2023-27059	A cross-site scripting (XSS) vulnerability in the Edit Group function of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Group Name text field.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27059
CVE-2023-28531	ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28531
CVE-2021-21548	Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.	–	https://nvd.nist.gov/vuln/detail/CVE-2021-21548
CVE-2023-1439	A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracker System 1.0. This issue affects some unknown processing of the file medicines/view_details.php of the component GET Parameter Handler. The manipulation of the argument GET leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223283.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1439
CVE-2023-1440	A vulnerability, which was classified as critical, was found in SourceCodester Automatic Question Paper Generator System 1.0. Affected is an unknown function of the file users/user/manage_user.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223284.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1440
CVE-2023-1441	A vulnerability has been found in SourceCodester Automatic Question Paper Generator System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/courses/view_course.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223285 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1441
CVE-2023-1442	A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. It has been classified as problematic. This affects an unknown part of the file /admin_system/api.php of the component Update Handler. The manipulation of the argument downurl leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223287.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1442
CVE-2023-1443	A vulnerability was found in Filseclab Twister Antivirus 8. It has been declared as problematic. This vulnerability affects unknown code in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223288.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1443
CVE-2023-1444	A vulnerability was found in Filseclab Twister Antivirus 8. It has been rated as critical. This issue affects some unknown processing in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223289 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1444
CVE-2023-1445	A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is an unknown function in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1445
CVE-2023-1446	A vulnerability classified as problematic was found in Watchdog Anti-Virus 1.4.214.0. Affected by this vulnerability is an unknown functionality in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223291.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1446
CVE-2023-1447	A vulnerability, which was classified as problematic, has been found in SourceCodester Medicine Tracker System 1.0. Affected by this issue is some unknown functionality of the file app/?page=medicines/manage_medicine.They. The manipulation of the argument name/description with the input --redacted-- leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-223292	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1447
CVE-2023-1448	A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1448
CVE-2023-1449	A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1449
CVE-2023-1450	A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223295.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1450
CVE-2023-1451	A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223296.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1451
CVE-2023-1452	A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1452
CVE-2023-1453	A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223298 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1453
CVE-2023-1454	A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223299.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1454
CVE-2023-1455	A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com' AND (SELECT 9110 FROM (SELECT(SLEEP(5)))XSlc) AND 'jFNl'='jFNl leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223300.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1455
CVE-2023-1459	A vulnerability was found in SourceCodester Canteen Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file changeUsername.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223304.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1459
CVE-2023-1460	A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=save_user of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The identifier VDB-223305 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1460
CVE-2023-1152	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Utarit Information Technologies Persolus allows SQL Injection. This issue affects Persolus: before 2.03.93.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1152
CVE-2023-1461	A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects the function query of the file createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. The attack can be initiated remotely. VDB-223306 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1461
CVE-2023-1463	Improper Authorization in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1463
CVE-2023-1464	A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file Users.php?f=save_user. The manipulation of the argument firstname/middlename/lastname/username/password leads to improper authentication. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-223311.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1464
CVE-2023-1466	A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function view_student of the file admin/?page=students/view_student. The manipulation of the argument id with the input 3' AND (SELECT 2100 FROM (SELECT(SLEEP(5)))FWlC) AND 'butz'='butz leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223325 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1466
CVE-2023-1467	A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223326 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1467
CVE-2023-1468	A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report Handler. The manipulation of the argument date_from/date_to leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-223327.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1468
CVE-2023-1172	The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1172
CVE-2023-1469	The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: This can potentially be exploited by lower-privileged users if the `Admin Dashboard Access Permission` setting it set for those users to access the dashboard.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1469
CVE-2022-43461	Stored Cross-Site Scripting (XSS) vulnerability in John West Slideshow SE plugin <= 2.5.5 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43461
CVE-2022-45814	Stored Cross-Site Scripting (XSS) vulnerability in Fabian von Allmen WP Calendar plugin <= 1.5.3 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45814
CVE-2022-45817	Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC Testimonials plugin <= 1.3.2 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45817
CVE-2023-1470	The eCommerce Product Catalog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via some of its settings parameters in versions up to, and including, 3.3.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1470
CVE-2023-1471	The WP Popup Banners plugin for WordPress is vulnerable to SQL Injection via the 'banner_id' parameter in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with minimal permissions, such as a subscrber, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1471
CVE-2023-1472	The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. Actions include resetting the API key, accessing or deleting log files, and deleting cache among others.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1472
CVE-2023-1474	A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file users/question_papers/manage_question_paper.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223336.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1474
CVE-2023-1475	A vulnerability, which was classified as critical, has been found in SourceCodester Canteen Management System 1.0. This issue affects the function query of the file createuser.php. The manipulation of the argument uemail leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223337 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1475
CVE-2023-23622	Discourse is an open-source discussion platform. Prior to version 3.0.1 of the `stable` branch and version 3.1.0.beta2 of the `beta` and `tests-passed` branches, the count of topics displayed for a tag is a count of all regular topics regardless of whether the topic is in a read restricted category or not. As a result, any users can technically poll a sensitive tag to determine if a new topic is created in a category which the user does not have excess to. In version 3.0.1 of the `stable` branch and version 3.1.0.beta2 of the `beta` and `tests-passed` branches, the count of topics displayed for a tag defaults to only counting regular topics which are not in read restricted categories. Staff users will continue to see a count of all topics regardless of the topic's category read restrictions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-23622
CVE-2023-26040	Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the `tests-passed` branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the `tests-passed` branch. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26040
CVE-2022-46854	Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes Launchpad – Coming Soon & Maintenance Mode plugin <= 1.0.13 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-46854
CVE-2022-46867	Cross-Site Request Forgery (CSRF) vulnerability in Chasil Universal Star Rating plugin <= 2.1.0 version.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-46867
CVE-2023-0027	Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected device’s Modbus TCP Server AOI information.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0027
CVE-2023-25172	Discourse is an open-source discussion platform. Prior to version 3.0.1 of the `stable` branch and version 3.1.0.beta2 of the `beta` and `tests-passed` branches, a maliciously crafted URL can be included in a user's full name field to to carry out cross-site scripting attacks on sites with a disabled or overly permissive CSP (Content Security Policy). Discourse's default CSP prevents this vulnerability. The vulnerability is patched in version 3.0.1 of the `stable` branch and version 3.1.0.beta2 of the `beta` and `tests-passed` branches. As a workaround, enable and/or restore your site's CSP to the default one provided with Discourse.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25172
CVE-2023-28107	Discourse is an open-source discussion platform. Prior to version 3.0.2 of the `stable` branch and version 3.1.0.beta3 of the `beta` and `tests-passed` branches, a user logged as an administrator can request backups multiple times, which will eat up all the connections to the DB. If this is done on a site using multisite, then it can affect the whole cluster. The vulnerability is patched in version 3.0.2 of the `stable` branch and version 3.1.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28107
CVE-2023-28111	Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the `beta` and `tests-passed` branches, attackers are able to bypass Discourse's server-side request forgery (SSRF) protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the latest beta and tests-passed version of Discourse. version 3.1.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28111
CVE-2023-28112	Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the `beta` and `tests-passed` branches, some user provided URLs were being passed to FastImage without SSRF protection. Insufficient protections could enable attackers to trigger outbound network connections from the Discourse server to private IP addresses. This affects any site running the `tests-passed` or `beta` branches versions 3.1.0.beta2 and prior. This issue is patched in version 3.1.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28112
CVE-2023-27591	Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the `METRICS_COLLECTOR` configuration option is enabled and `METRICS_ALLOWED_NETWORKS` is set to `127.0.0.1/8` (the default). A patch is available in Miniflux 2.0.43. As a workaround, set `METRICS_COLLECTOR` to `false` (default) or run Miniflux behind a trusted reverse-proxy.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27591
CVE-2023-27592	Miniflux is a feed reader. Since v2.0.25, Miniflux will automatically proxy images served over HTTP to prevent mixed content errors. When an outbound request made by the Go HTTP client fails, the `html.ServerError` is returned unescaped without the expected Content Security Policy header added to valid responses. By creating an RSS feed item with the inline description containing an `<img>` tag with a `srcset` attribute pointing to an invalid URL like `http:a--redacted--`, we can coerce the proxy handler into an error condition where the invalid URL is returned unescaped and in full. This results in JavaScript execution on the Miniflux instance as soon as the user is convinced (e.g. by a message in the alt text) to open the broken image. An attacker can execute arbitrary JavaScript in the context of a victim Miniflux user when they open a broken image in a crafted RSS feed. This can be used to perform actions on the Miniflux instance as that user and gain administrative access to the Miniflux instance if it is reachable and the victim is an administrator. A patch is available in version 2.0.43. As a workaround sisable image proxy; default value is `http-only`	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27592
CVE-2023-27593	Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to `/opt/cni/bin` due to a `hostPath` mount of that directory in the agent pod. By replacing the CNI binary with their own malicious binary and waiting for the creation of a new pod on the node, the attacker can gain access to the underlying node. The issue has been fixed and the fix is available on versions 1.11.15, 1.12.8, and 1.13.1. Some workarounds are available. Kubernetes RBAC should be used to deny users and service accounts `exec` access to Cilium agent pods. In cases where a user requires `exec` access to Cilium agent pods, but should not have access to the underlying node, no workaround is possible.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27593
CVE-2023-27594	Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27594
CVE-2023-24678	A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to cause a Denial of Service (DoS) via a crafted Zigbee message.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-24678
CVE-2023-27253	A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27253
CVE-2023-27595	Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This can cause disruption to newly established connections during this period due to the lack of Load Balancing, or can cause Network Policy bypass due to the lack of Network Policy enforcement during the window. This vulnerability impacts any Cilium-managed endpoints on the node (such as Kubernetes Pods), as well as the host network namespace (including Host Firewall). This vulnerability is fixed in Cilium 1.13.1 or later. Cilium releases 1.12.x, 1.11.x, and earlier are not affected. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27595
CVE-2023-28115	Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the `file_exists()` function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution especially when snappy is used with frameworks with documented POP chains like Laravel/Symfony vulnerable developer code. If a user can control the output file from the `generateFromHtml()` function, it will invoke deserialization. This vulnerability is capable of remote code execution if Snappy is used with frameworks or developer code with vulnerable POP chains. It has been fixed in version 1.4.2.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28115
CVE-2023-28116	Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer (packetbuf) for processing of packets, with the size of PACKETBUF_SIZE. In particular, when using the BLE L2CAP module with the default configuration, the PACKETBUF_SIZE value becomes larger then the actual size of the packetbuf. When large packets are processed by the L2CAP module, a buffer overflow can therefore occur when copying the packet data to the packetbuf. The vulnerability has been patched in the "develop" branch of Contiki-NG, and will be included in release 4.9. The problem can be worked around by applying the patch manually.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28116
CVE-2023-24278	Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-24278
CVE-2023-26113	Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26113
CVE-2023-1479	A vulnerability classified as critical has been found in SourceCodester Simple Music Player 1.0. Affected is an unknown function of the file save_music.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223362 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1479
CVE-2023-1480	A vulnerability classified as critical was found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Parameter Handler. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223363.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1480
CVE-2023-1481	A vulnerability, which was classified as problematic, has been found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this issue is some unknown functionality of the file modules/balance/index.php?view=balancelist of the component POST Parameter Handler. The manipulation of the argument id with the input ">--redacted-- leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223364	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1481
CVE-2023-1482	A vulnerability, which was classified as problematic, was found in HkCms 2.2.4.230206. This affects an unknown part of the file /admin.php/appcenter/local.html?type=addon of the component External Plugin Handler. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223365 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1482
CVE-2023-1483	A vulnerability has been found in XiaoBingBy TeaCMS up to 2.0.2 and classified as critical. This vulnerability affects unknown code of the file /admin/getallarticleinfo. The manipulation of the argument searchInfo leads to sql injection. The attack can be initiated remotely. VDB-223366 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1483
CVE-2023-1484	A vulnerability was found in xzjie cms up to 1.0.3 and classified as critical. This issue affects some unknown processing of the file /api/upload. The manipulation of the argument uploadFile leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-223367.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1484
CVE-2023-28606	js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28606
CVE-2023-28607	js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28607
CVE-2023-1485	A vulnerability classified as problematic has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file /bsenordering/index.php of the component GET Parameter Handler. The manipulation of the argument category with the input --redacted-- leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223371	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1485
CVE-2023-1486	A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects unknown code in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1486
CVE-2023-1487	A vulnerability, which was classified as problematic, has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54. This issue affects some unknown processing in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-223373 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1487
CVE-2023-1488	A vulnerability, which was classified as problematic, was found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54. Affected is an unknown function in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-223374 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1488
CVE-2023-28609	api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28609
CVE-2021-46877	jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.	–	https://nvd.nist.gov/vuln/detail/CVE-2021-46877
CVE-2023-1489	A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Affected by this vulnerability is an unknown functionality in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223375.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1489
CVE-2023-1490	A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is some unknown functionality in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1490
CVE-2023-1491	A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects an unknown part in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1491
CVE-2023-1492	A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been declared as problematic. This vulnerability affects unknown code in the library MaxProc64.sys of the component IoControlCode Handler. The manipulation of the argument SystemBuffer leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223378 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1492
CVE-2023-1493	A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been rated as problematic. This issue affects some unknown processing in the library MaxProctetor64.sys of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223379.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1493
CVE-2023-1494	A vulnerability classified as critical has been found in IBOS 4.5.5. Affected is an unknown function of the file ApiController.php. The manipulation of the argument emailids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223380.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1494
CVE-2023-1495	A vulnerability classified as critical was found in Rebuild up to 3.2.3. Affected by this vulnerability is the function queryListOfConfig of the file /admin/robot/approval/list. The manipulation of the argument q leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is c9474f84e5f376dd2ade2078e3039961a9425da7. It is recommended to apply a patch to fix this issue. The identifier VDB-223381 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1495
CVE-2022-48422	ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-48422
CVE-2023-26805	Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26805
CVE-2023-26806	Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime,	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26806
CVE-2023-26905	An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26905
CVE-2022-48423	In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-48423
CVE-2022-48424	In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-48424
CVE-2022-48425	In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-48425
CVE-2023-28617	org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28617
CVE-2023-1496	Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1496
CVE-2023-1497	A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. It has been rated as critical. This issue affects some unknown processing of the file uploaderm.php. The manipulation of the argument submit leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223397 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1497
CVE-2023-1498	A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223398 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1498
CVE-2023-1499	A vulnerability classified as critical was found in code-projects Simple Art Gallery 1.0. Affected by this vulnerability is an unknown functionality of the file adminHome.php. The manipulation of the argument reach_city leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223399.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1499
CVE-2023-1500	A vulnerability, which was classified as problematic, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file adminHome.php. The manipulation of the argument about_info leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223400.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1500
CVE-2023-1501	A vulnerability, which was classified as critical, was found in RockOA 2.3.2. This affects the function runAction of the file acloudCosAction.php.SQL. The manipulation of the argument fileid leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223401 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1501
CVE-2015-10096	A vulnerability, which was classified as critical, was found in Zarthus IRC Twitter Announcer Bot up to 1.1.0. This affects the function get_tweets of the file lib/twitterbot/plugins/twitter_announcer.rb. The manipulation of the argument tweet leads to command injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.1 is able to address this issue. The name of the patch is 6b1941b7fc2c70e1f40981b43c84a2c20cc12bd3. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-223383.	–	https://nvd.nist.gov/vuln/detail/CVE-2015-10096
CVE-2022-4933	A vulnerability, which was classified as critical, has been found in ATM Consulting dolibarr_module_quicksupplierprice up to 1.1.6. Affected by this issue is the function upatePrice of the file script/interface.php. The manipulation leads to sql injection. The attack may be launched remotely. Upgrading to version 1.1.7 is able to address this issue. The name of the patch is ccad1e4282b0e393a32fcc852e82ec0e0af5446f. It is recommended to upgrade the affected component. VDB-223382 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-4933
CVE-2023-1248	Improper Input Validation vulnerability in OTRS AG OTRS (Ticket Actions modules), OTRS AG ((OTRS)) Community Edition (Ticket Actions modules) allows Cross-Site Scripting (XSS).This issue affects OTRS: from 7.0.X before 7.0.42; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1248
CVE-2023-1250	Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL-names This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1250
CVE-2023-1502	A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP(5) AND 'dAbu'='dAbu leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-223406 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1502
CVE-2023-1503	A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/admin_index.php. The manipulation of the argument username/password with the input admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223407.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1503
CVE-2023-1504	A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn) AND 'PhRa'='PhRa leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223408.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1504
CVE-2023-1505	A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223409 was assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1505
CVE-2023-1506	A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223410 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1506
CVE-2023-1507	A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223411.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1507
CVE-2023-25782	Auth. (admin+) vulnerability in Second2none Service Area Postcode Checker plugin <= 2.0.8 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25782
CVE-2023-22681	Cross-Site Request Forgery (CSRF) vulnerability in Aarvanshinfotech Online Exam Software: eExamhall plugin <= 4.0 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22681
CVE-2023-24381	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes Advanced Social Pixel plugin <= 2.1.1 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-24381
CVE-2023-25064	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matteo Candura WP htpasswd plugin <= 1.7 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25064
CVE-2023-25794	Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mighty Digital Nooz plugin <= 1.6.0 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25794
CVE-2023-25795	Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in WP-master.Ir Feed Changer & Remover plugin <= 0.2 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25795
CVE-2022-47592	Reflected Cross-Site Scripting (XSS) vulnerability in Dmytriy.Cooperman MagicForm plugin <= 0.1 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-47592
CVE-2023-22678	Cross-Site Request Forgery (CSRF) vulnerability in Rafael Dery Superior FAQ plugin <= 1.0.2 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22678
CVE-2023-22679	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nicolas Lemoine WP Better Emails plugin <= 0.4 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22679
CVE-2023-22680	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Altanic No API Amazon Affiliate plugin <= 4.2.2 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22680
CVE-2023-22682	Reflected Cross-Site Scripting (XSS) vulnerability in Manuel Masia \| Pixedelic.Com Camera slideshow plugin <= 1.4.0.1 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22682
CVE-2023-23718	Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Esstat17 Page Loading Effects plugin <= 2.0.0 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-23718
CVE-2023-23721	Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer Admin Log plugin <= 1.50 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-23721
CVE-2022-47591	Reflected Cross-Site Scripting (XSS) vulnerability in Mickael Austoni Map Multi Marker plugin <= 3.2.1 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-47591
CVE-2023-0320	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Izmir Katip Celebi University UBYS allows Stored XSS.This issue affects UBYS: before 23.03.16.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0320
CVE-2023-26513	Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26513
CVE-2023-28118	kaml provides YAML support for kotlinx.serialization. Prior to version 0.53.0, applications that use kaml to parse untrusted input containing anchors and aliases may consume excessive memory and crash. Version 0.53.0 and later default to refusing to parse YAML documents containing anchors and aliases. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28118
CVE-2023-28424	Soko if the code that powers packages.gentoo.org. Prior to version 1.0.2, the two package search handlers, `Search` and `SearchFeed`, implemented in `pkg/app/handler/packages/search.go`, are affected by a SQL injection via the `q` parameter. As a result, unauthenticated attackers can execute arbitrary SQL queries on `https://packages.gentoo.org/`. It was also demonstrated that primitive was enough to gain code execution in the context of the PostgreSQL container. The issue was addressed in commit `4fa6e4b619c0362728955b6ec56eab0e0cbf1e23y` of version 1.0.2 using prepared statements to interpolate user-controlled data in SQL queries.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28424
CVE-2023-28426	savg-sanitizer is a PHP SVG/XML Sanitizer. A bypass has been found in versions prior to 0.16.0 that allows an attacker to upload an SVG with persistent cross-site scripting. HTML elements within CDATA needed to be sanitized correctly, as we were converting them to a textnode and therefore, the library wasn't seeing them as DOM elements. This issue is fixed in version 0.16.0. Any data within a CDATA node will now be sanitised using HTMLPurifier. The maintainers have also removed many of the HTML and MathML elements from the allowed element list, as without ForiegnObject, they're not legal within the SVG context. There are no known workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28426
CVE-2023-1515	Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.19.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1515
CVE-2023-28428	PDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue is available in version 1.1.1.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28428
CVE-2023-28429	Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 10.5.19 or, as a workaround, apply the patch manually.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28429
CVE-2022-3894	The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 does not have CSRF check when deleting a client, and does not ensure that the object to be deleted is actually a client, which could allow attackers to make a logged in admin delete arbitrary client and post via a CSRF attack.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-3894
CVE-2022-4148	The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 has a flawed CSRF and authorisation check when deleting a client, which could allow any authenticated users, such as subscriber to delete arbitrary client.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-4148
CVE-2023-0145	The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0145
CVE-2023-0167	The GetResponse for WordPress plugin through 5.5.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0167
CVE-2023-0175	The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0175
CVE-2023-0273	The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0273
CVE-2023-0340	The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. RCE could also be achieved if the attacker manage to upload a malicious image containing PHP code, and then include it via the affected attribute, on a default WP install, authors could easily achieve that given that they have the upload_file capability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0340
CVE-2023-0364	The real.Kit WordPress plugin before 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0364
CVE-2023-0365	The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0365
CVE-2023-0369	The GoToWP WordPress plugin through 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0369
CVE-2023-0370	The WPB Advanced FAQ WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0370
CVE-2023-0630	The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0630
CVE-2023-0631	The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0631
CVE-2023-0865	The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as subscriber to add/update/duplicate/delete as well as retrieve addresses of other users.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0865
CVE-2023-0875	The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0875
CVE-2023-0876	The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0876
CVE-2023-0890	The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated users such as subscriber to view draft, private or even password protected posts. It is also possible to leak the password of protected posts	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0890
CVE-2023-0911	The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not validate the user meta to be retrieved via the user shortcode, allowing any authenticated users such as subscriber to retrieve arbitrary user meta (except the user_pass), such as the user email and activation key by default.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0911
CVE-2023-0937	The VK All in One Expansion Unit WordPress plugin before 9.87.1.0 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0937
CVE-2023-0940	The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not implement proper authorization. This allows a user with low privileges, such as subscriber, to change the password of any account, including Administrator ones.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0940
CVE-2023-1517	Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.19.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1517
CVE-2023-22288	HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails	–	https://nvd.nist.gov/vuln/detail/CVE-2023-22288
CVE-2023-27586	CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27586
CVE-2023-0681	Rapid7 InsightVM versions 6.6.178 and lower suffers from an open redirect vulnerability, whereby an attacker has the ability to redirect the user to a site of the attacker’s choice using the ‘page’ parameter of the ‘data/console/redirect’ component of the application. This issue was resolved in the February, 2023 release of version 6.6.179.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0681
CVE-2023-27578	Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to this issue, an attacker can modify or delete any Galaxy Visualization or Galaxy Page given they know the encoded ID of it. Additionally, they can copy or import any Galaxy Visualization given they know the encoded ID of it. Patches are available for versions 22.01, 22.05, and 23.0. For the changes to take effect, you must restart all Galaxy server processes. There are no supported workarounds.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27578
CVE-2023-28425	Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-28425
CVE-2022-43663	An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43663
CVE-2022-45124	An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45124
CVE-2012-10009	A vulnerability was found in 404like Plugin up to 1.0.2. It has been classified as critical. Affected is the function checkPage of the file 404Like.php. The manipulation of the argument searchWord leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 2c4b589d27554910ab1fd104ddbec9331b540f7f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-223404.	–	https://nvd.nist.gov/vuln/detail/CVE-2012-10009
CVE-2023-1527	Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1527
CVE-2023-1535	Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1535
CVE-2023-1536	Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1536
CVE-2023-1537	Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1537
CVE-2023-1538	Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1538
CVE-2023-1539	Guessable CAPTCHA in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1539
CVE-2023-1540	Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1540
CVE-2023-1541	Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1541
CVE-2023-1542	Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1542
CVE-2023-1543	Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1543
CVE-2022-41785	Auth. (contributor+) Stored Cross-Site Scripting vulnerability in Galleryape Gallery Images Ape plugin <= 2.2.8 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-41785
CVE-2022-41831	Auth. (contributor+) Cross-Site Scripting vulnerability in TCBarrett WP Glossary plugin <= 3.1.2 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-41831
CVE-2022-42485	Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Galaxy Weblinks Gallery with thumbnail slider plugin <= 6.0 versions.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-42485
CVE-2023-27980	A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code execution when a victim eventually opens the report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27980
CVE-2023-27982	A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard files in the IGSS project report directory, when an attacker sends specific crafted messages to the Data Server TCP port, this could lead to remote code execution when a victim eventually opens a malicious dashboard file. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27982
CVE-2023-1462	Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1462
CVE-2023-27978	A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27978
CVE-2023-27981	A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27981
CVE-2016-15029	A vulnerability has been found in Ydalb mapicoin up to 1.9.0 and classified as problematic. This vulnerability affects unknown code of the file webroot/stats.php. The manipulation of the argument link/search leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.10.0 is able to address this issue. The name of the patch is 67e87f0f0c1ac238fcd050f4c3db298229bc9679. It is recommended to upgrade the affected component. VDB-223402 is the identifier assigned to this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2016-15029
CVE-2023-1545	SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1545
CVE-2023-27984	A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report file planted by an attacker. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27984
CVE-2023-1153	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection.This issue affects Pacsrapor: before 1.22.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1153
CVE-2023-1154	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pacsrapor allows Reflected XSS.This issue affects Pacsrapor: before 1.22.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1154
CVE-2023-1314	A vulnerability has been discovered in cloudflared's installer (<= 2023.3.0) for Windows 32-bits devices that allows a local attacker with no administrative permissions to escalate their privileges on the affected device. This vulnerability exists because the MSI installer used by cloudflared relied on a world-writable directory. An attacker with local access to the device (without Administrator rights) can use symbolic links to trick the MSI installer into deleting files in locations that the attacker would otherwise have no access to. By creating a symlink from the world-writable directory to the target file, the attacker can manipulate the MSI installer's repair functionality to delete the target file during the repair process. Exploitation of this vulnerability could allow an attacker to delete important system files or replace them with malicious files, potentially leading to the affected device being compromised. The cloudflared client itself is not affected by this vulnerability, only the installer for 32-bit Windows devices.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1314
CVE-2023-27977	A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27977
CVE-2022-42331	x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-42331
CVE-2022-42332	x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-42332
CVE-2022-42333	x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).	–	https://nvd.nist.gov/vuln/detail/CVE-2022-42333
CVE-2022-42334	x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).	–	https://nvd.nist.gov/vuln/detail/CVE-2022-42334
CVE-2023-27979	A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27979
CVE-2023-27983	A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abuses this functionality. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27983
CVE-2023-25687	IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to obtain sensitive information from log files. IBM X-Force ID: 247602.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25687
CVE-2023-25689	IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1 , and 4.1.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 247618.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25689
CVE-2023-27842	Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenent	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27842
CVE-2023-27871	IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27871
CVE-2023-27873	IBM Aspera Faspex 4.4.2 could allow a remote authenticated attacker to obtain sensitive credential information using specially crafted XML input. IBM X-Force ID: 249654.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27873
CVE-2023-27874	IBM Aspera Faspex 4.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands. IBM X-Force ID: 249845.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27874
CVE-2022-45635	An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45635
CVE-2022-45637	An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45637
CVE-2023-25686	IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 247601.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25686
CVE-2023-25923	IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an attacker to upload files that could be used in a denial of service attack due to incorrect authorization. IBM X-Force ID: 247629.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25923
CVE-2023-27569	The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27569
CVE-2023-27570	The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27570
CVE-2023-1304	An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1304
CVE-2023-1305	An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1305
CVE-2023-1306	An authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1306
CVE-2023-25684	IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25684
CVE-2018-25082	A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The name of the patch is e54abadc777715b6dcb545c13214d1dea63df6c9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-223403.	–	https://nvd.nist.gov/vuln/detail/CVE-2018-25082
CVE-2022-36429	A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-36429
CVE-2022-37337	A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-37337
CVE-2022-38452	A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-38452
CVE-2022-38458	A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-38458
CVE-2022-45636	An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to unlock model(s) without authorization via arbitrary API requests.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45636
CVE-2023-25134	McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry. This can result in the loading of a malicious payload.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-25134
CVE-2023-27087	Permissions vulnerabiltiy found in Xuxueli xxl-job v2.2.0, v 2.3.0 and v.2.3.1 allows attacker to obtain sensitive information via the pageList parameter.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-27087
CVE-2023-0391	MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel. This behavior was observed in version 2.2.0. There has been no indication from the vendor this has been addressed in version 2.2.1.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-0391
CVE-2023-1261	Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1261
CVE-2023-1262	Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1262
CVE-2023-1528	Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1528
CVE-2023-1529	Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1529
CVE-2023-1530	Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1530
CVE-2023-1531	Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1531
CVE-2023-1532	Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1532
CVE-2023-1533	Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1533
CVE-2023-1534	Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	–	https://nvd.nist.gov/vuln/detail/CVE-2023-1534
CVE-2023-26497	An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-26497
CVE-2022-41696	Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-41696
CVE-2022-43512	Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-43512
CVE-2022-45121	Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45121
CVE-2022-45468	Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-45468
CVE-2022-46286	Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-46286
CVE-2022-46300	Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.	–	https://nvd.nist.gov/vuln/detail/CVE-2022-46300
CVE-2023-24709	An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters.	–	https://nvd.nist.gov/vuln/detail/CVE-2023-24709