Cisco IP Phone 6800, 7800, and 8800 Series denial of service | CVE-2023-20079
NAME__________Cisco IP Phone 6800, 7800, and 8800 Series denial of servicePlatforms Affected:Cisco IP Phone 6800 Series Cisco IP Phone 7800...
Month: March 2023
FabulaTech Webcam for Remote Desktop denial of service | CVE-2023-1188
NAME__________FabulaTech Webcam for Remote Desktop denial of servicePlatforms Affected:Risk Level:3.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________FabulaTech Webcam for Remote Desktop is...
Zhong Bang CRMEB Java SQL injection | CVE-2023-1165
NAME__________Zhong Bang CRMEB Java SQL injectionPlatforms Affected:Zhong Bang CRMEB Java 1.3.4Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Zhong Bang CRMEB Java is vulnerable to...
Vega cross-site scripting | CVE-2023-26487
NAME__________Vega cross-site scriptingPlatforms Affected:Vega Vega 5.13.0 Vega Vega 5.22.1Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Vega is vulnerable to cross-site scripting, caused by improper...
ECshop file upload | CVE-2023-1184
NAME__________ECshop file uploadPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ECshop could allow a remote authenticated attacker to upload arbitrary files, caused by the...
WiseCleaner Wise Folder Hider denial of service | CVE-2023-1189
NAME__________WiseCleaner Wise Folder Hider denial of servicePlatforms Affected:Risk Level:3.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________WiseCleaner Wise Folder Hider is vulnerable to...
systemd privilege escalation | CVE-2023-26604
NAME__________systemd privilege escalationPlatforms Affected:systemd systemd 246Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________systemd could allow a local authenticated attacker to gain elevated privileges on...
gosaml2 denial of service | CVE-2023-26483
NAME__________gosaml2 denial of servicePlatforms Affected:gosaml2 gosaml2 0.8.1Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________gosaml2 is vulnerable to a denial of service, caused by...
Shenzhen Zhibotong Electronics WBT WE1626 Router information disclosure | CVE-2022-45552
NAME__________Shenzhen Zhibotong Electronics WBT WE1626 Router information disclosurePlatforms Affected:Shenzhen Zhibotong Electronics WBT WE1626 Router 21.06.18Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Shenzhen Zhibotong Electronics...
OpenZeppelin Contracts security bypass | CVE-2023-26488
NAME__________OpenZeppelin Contracts security bypassPlatforms Affected:OpenZeppelin OpenZeppelin Contracts 4.8.1Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Openzeppelin Contracts could allow a remote authenticated attacker to bypass...
pg_ivm privilege escalation | CVE-2023-23554
NAME__________pg_ivm privilege escalationPlatforms Affected:pg_ivm pg_ivm 1.5.0Risk Level:5.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________pg_ivm could allow a remote authenticated attacker to gain elevated privileges on...
FabulaTech Webcam for Remote Desktop denial of service | CVE-2023-1187
NAME__________FabulaTech Webcam for Remote Desktop denial of servicePlatforms Affected:Risk Level:3.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________FabulaTech Webcam for Remote Desktop is...
EasyImage2.0 cross-site scripting | CVE-2023-1181
NAME__________EasyImage2.0 cross-site scriptingPlatforms Affected:Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________EasyImage2.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
DrayTek routers cross-site scripting | CVE-2023-23313
NAME__________DrayTek routers cross-site scriptingPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________DrayTek routers are vulnerable to cross-site scripting, caused by improper validation of user-supplied...
mailcow command execution | CVE-2023-26490
NAME__________mailcow command executionPlatforms Affected:mailcow mailcow 2023-02aRisk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________mailcow could allow a remote attacker to execute arbitrary commands on the...
NVIDIA CUDA Toolkit SDK denial of service | CVE-2023-0196
NAME__________NVIDIA CUDA Toolkit SDK denial of servicePlatforms Affected:Risk Level:3.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NVIDIA CUDA Toolkit SDK is vulnerable to a denial...
Metform Elementor Contact Form Builder Plugin for WordPress security bypass | CVE-2023-0085
NAME__________Metform Elementor Contact Form Builder Plugin for WordPress security bypassPlatforms Affected:WordPress Metform Elementor Contact Form Builder Plugin for WordPress 3.2.1Risk...
Vega cross-site scripting | CVE-2023-26486
NAME__________Vega cross-site scriptingPlatforms Affected:Vega Vega 5.13.0Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Vega is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
ECshop file upload | CVE-2023-1185
NAME__________ECshop file uploadPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ECshop could allow a remote authenticated attacker to upload arbitrary files, caused by the...
FabulaTech Webcam for Remote Desktop denial of service | CVE-2023-1186
NAME__________FabulaTech Webcam for Remote Desktop denial of servicePlatforms Affected:Risk Level:3.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________FabulaTech Webcam for Remote Desktop is...
YouTube Embedded SDK code execution | CVE-2023-0460
NAME__________YouTube Embedded SDK code executionPlatforms Affected:Risk Level:5.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________YouTube Embedded SDK could allow a remote attacker to execute arbitrary code...
Craft CMS cross-site scripting | CVE-2023-23927
NAME__________Craft CMS cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Craft CMS is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
KioWare code execution | CVE-2022-44875
NAME__________KioWare code executionPlatforms Affected:KioWare KioWare 8.33Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________KioWare could allow a local authenticated attacker to execute arbitrary code on...
Yf-exam file upload | CVE-2023-25402
NAME__________Yf-exam file uploadPlatforms Affected:CleverStupidDog yf-exam 1.8.0Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Yf-exam could allow a remote attacker to upload arbitrary files, caused by...
