UNISOC mobile phone chipsets for Android denial of service | CVE-2023-42750
NAME__________UNISOC mobile phone chipsets for Android denial of servicePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc...
Year: 2023
Bitrix24 information disclosure | CVE-2023-1719
NAME__________Bitrix24 information disclosurePlatforms Affected:Bitrix24 Bitrix24 22.0.300Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Bitrix24 could allow a remote attacker to obtain sensitive information,...
FUJIFILM and Xerox MFPs information disclosure | CVE-2023-46327
NAME__________FUJIFILM and Xerox MFPs information disclosurePlatforms Affected:https://securitydocs.business.xerox.com/wp-content/uploads/2023/11/XRX23-015_Security-Bulletin-for-Primelink-Versalink-and-WorkCentre-CVE-023-46327.pdfRisk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________FUJIFILM Business Innovation Corp. and Xerox Corporation multifunction printers (MFPs) could...
IBM MQ Appliance privilege escalation | CVE-2023-46176
NAME__________IBM MQ Appliance privilege escalationPlatforms Affected:IBM MQ Appliance 9.3.CDRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM MQ Appliance 9.3 CD could allow a local...
Paragraphs admin module for Drupal security bypass |
NAME__________Paragraphs admin module for Drupal security bypassPlatforms Affected:Drupal Paragraphs admin module for Drupal 8.x-1.4Risk Level:5.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Paragraphs admin module for...
Insyde InsydeH2O buffer overflow | CVE-2023-39281
NAME__________Insyde InsydeH2O buffer overflowPlatforms Affected:Insyde InsydeH2O 5.0Risk Level:4.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Insyde InsydeH2O is vulnerable to a stack-based buffer overflow, caused by...
GPAC heap-based buffer overflow | CVE-2023-46931
NAME__________GPAC heap-based buffer overflowPlatforms Affected:GPAC GPAC 2.3-DEV-rev605-gfc9e29089-masterRisk Level:5.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________GPAC is vulnerable to a heap-based buffer overflow, caused...
Bitrix24 denial of service | CVE-2023-1718
NAME__________Bitrix24 denial of servicePlatforms Affected:Bitrix24 Bitrix24 22.0.300Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Bitrix24 is vulnerable to a denial of service,...
IBM Content Navigator server-side request forgery | CVE-2023-35896
NAME__________IBM Content Navigator server-side request forgeryPlatforms Affected:IBM Content Navigator 3.0.13Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IBM Content Navigator 3.0.13 is vulnerable to server-side...
Mattermost Desktop information disclosure | CVE-2023-5875
NAME__________Mattermost Desktop information disclosurePlatforms Affected:Mattermost Mattermost Desktop 5.5.0Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Mattermost Desktop could allow a remote attacker to obtain sensitive...
Online Examination System open redirect | CVE-2023-45202
NAME__________Online Examination System open redirectPlatforms Affected:Risk Level:6.1Exploitability:Proof of ConceptConsequences:Other DESCRIPTION__________Online Examination System could allow a remote attacker to conduct phishing...
Devolutions Server information disclosure | CVE-2023-5358
NAME__________Devolutions Server information disclosurePlatforms Affected:Devolutions Devolutions Server 2023.2.10.0Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Devolutions Server could allow a remote authenticated attacker to obtain...
Devolutions Remote Desktop Manager Windows security bypass | CVE-2023-5765
NAME__________Devolutions Remote Desktop Manager Windows security bypassPlatforms Affected:Devolutions Remote Desktop Manager Windows 2023.2.33Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Devolutions Remote Desktop Manager Windows...
IBM MQ Appliance denial of service | CVE-2023-45177
NAME__________IBM MQ Appliance denial of servicePlatforms Affected:IBM MQ Appliance 9.3 CD IBM MQ 9.0 LTS IBM MQ 9.1 LTS IBM...
Online Examination System open redirect | CVE-2023-45203
NAME__________Online Examination System open redirectPlatforms Affected:Risk Level:6.1Exploitability:Proof of ConceptConsequences:Other DESCRIPTION__________Online Examination System could allow a remote attacker to conduct phishing...
Online Examination System open redirect | CVE-2023-45201
NAME__________Online Examination System open redirectPlatforms Affected:Risk Level:6.1Exploitability:Proof of ConceptConsequences:Other DESCRIPTION__________Online Examination System could allow a remote attacker to conduct phishing...
Microsoft Exchange Server server-side request forgery |
NAME__________Microsoft Exchange Server server-side request forgeryPlatforms Affected:Microsoft Exchange ServerRisk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Exchange Server is vulnerable to server-side request forgery,...
Microsoft Edge (Chromium-based) spoofing | CVE-2023-36029
NAME__________Microsoft Edge (Chromium-based) spoofingPlatforms Affected:Microsoft Edge (Chromium-based) 118.0 Microsoft Edge (Chromium-based) 119.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a...
Microsoft Exchange Server code execution |
NAME__________Microsoft Exchange Server code executionPlatforms Affected:Microsoft Exchange ServerRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Exchange Server could allow a remote authenticated attacker to...
Mitsubishi Electric MELSEC iQ-F Series CPU Module denial of service | CVE-2023-4625
NAME__________Mitsubishi Electric MELSEC iQ-F Series CPU Module denial of servicePlatforms Affected:Mitsubishi Electric FX5U-xMy/z x=326480 y=TR z=ESDSESSDSS Mitsubishi Electric FX5UC-xMy/z x=326496...
Microsoft Exchange Server server-side request forgery |
NAME__________Microsoft Exchange Server server-side request forgeryPlatforms Affected:Microsoft Exchange ServerRisk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Exchange Server is vulnerable to server-side request forgery,...
Mattermost Desktop information disclosure | CVE-2023-5920
NAME__________Mattermost Desktop information disclosurePlatforms Affected:Mattermost Mattermost Desktop 5.5.0Risk Level:2.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Mattermost Desktop could allow a local attacker to obtain sensitive...
pkp/pkp-lib cross-site scripting | CVE-2023-5890
NAME__________pkp/pkp-lib cross-site scriptingPlatforms Affected:pkp pkp-lib 3.4.0-3Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________pkp/pkp-lib is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Microsoft Edge (Chromium-based) code execution | CVE-2023-36022
NAME__________Microsoft Edge (Chromium-based) code executionPlatforms Affected:Microsoft Edge (Chromium-based) 118.0 Microsoft Edge (Chromium-based) 119.0Risk Level:6.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Edge (Chromium-based) could allow...
