Siemens SIMATIC products and SINAUT Software weak security | CVE-2023-28829
NAME__________Siemens SIMATIC products and SINAUT Software weak securityPlatforms Affected:Siemens SIMATIC PCS 7 8.2 Siemens SIMATIC PCS 7 9.0 Siemens SIMATIC...
Year: 2023
HotelDruid cross-site scripting | CVE-2023-34537
NAME__________HotelDruid cross-site scriptingPlatforms Affected:HotelDruid HotelDruid 3.0.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________HotelDruid is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Schneider Electric IGSS Dashboard code execution | CVE-2023-3001
NAME__________Schneider Electric IGSS Dashboard code executionPlatforms Affected:Schneider Electric IGSS Dashboard 16.0.0.23130Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider Electric IGSS Dashboard could allow a...
Siemens POWER METER SICAM Q200 family cross-site request forgery | CVE-2023-30901
NAME__________Siemens POWER METER SICAM Q200 family cross-site request forgeryPlatforms Affected:Siemens POWER METER SICAM Q200 familyRisk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens POWER METER...
Discourse information disclosure | CVE-2023-31142
NAME__________Discourse information disclosurePlatforms Affected:Discourse Discourse stable 3.0.3 Discourse Discourse beta 3.1.0.beta4 Discourse Discourse tests-passed 3.1.0.beta4Risk Level:2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Discourse could allow...
Apache Traffic Server information disclosure | CVE-2022-47184
NAME__________Apache Traffic Server information disclosurePlatforms Affected:Apache Traffic Server 8.0.0 Apache Traffic Server 9.0.0 Apache Traffic Server 8.1.4 Apache Traffic Server...
Chat Bee plugin for WordPress cross-site scripting | CVE-2023-26538
NAME__________Chat Bee plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Chat Bee Plugin for WordPress 1.1.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Chat Bee plugin for...
Protected Posts Logout Button plugin for WordPress cross-site scripting | CVE-2023-25978
NAME__________Protected Posts Logout Button plugin for WordPress cross-site scriptingPlatforms Affected:WordPress UTM Tracker Plugin for WordPress 1.3.1 WordPress Protected Posts Logout...
Microsoft Windows Server iSCSI Target WMI Provider code execution | CVE-2023-29367
NAME__________Microsoft Windows Server iSCSI Target WMI Provider code executionPlatforms Affected:Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows...
Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients privilege escalation | CVE-2023-34121
NAME__________Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients privilege escalationPlatforms Affected:Zoom Zoom for Windows clients 5.13.2 Zoom Zoom...
Siemens TIA Portal information disclosure | CVE-2023-30757
NAME__________Siemens TIA Portal information disclosurePlatforms Affected:Siemens TIA Portal 14 Siemens TIA Portal 15 Siemens TIA Portal 15.1 Siemens TIA Portal...
WooCommerce Stripe Payment Gateway plugin for WordPress information disclosure | CVE-2023-34000
NAME__________WooCommerce Stripe Payment Gateway plugin for WordPress information disclosurePlatforms Affected:WordPress WooCommerce Stripe Payment Gateway plugin for WordPress 7.4.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information...
Microsoft Windows GDI Elevation privilege escalation | CVE-2023-29371
NAME__________Microsoft Windows GDI Elevation privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...
Microsoft Edge (Chromium-based) information disclosure | CVE-2023-33145
NAME__________Microsoft Edge (Chromium-based) information disclosurePlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to obtain...
Zoom for Linux clients denial of service | CVE-2023-28598
NAME__________Zoom for Linux clients denial of servicePlatforms Affected:Zoom Zoom for Linux clients 5.13.9Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Zoom for Linux clients...
Siemens SIMATIC WinCC code execution | CVE-2023-30897
NAME__________Siemens SIMATIC WinCC code executionPlatforms Affected:Siemens SIMATIC WinCCRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens SIMATIC WinCC could allow a local authenticated attacker to...
Discourse security bypass | CVE-2023-32301
NAME__________Discourse security bypassPlatforms Affected:Discourse DiscourseRisk Level:3.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Discourse could allow a remote authenticated attacker to bypass security restrictions, caused by...
Discourse information disclosure | CVE-2023-34250
NAME__________Discourse information disclosurePlatforms Affected:Discourse Discourse stable 3.0.3 Discourse Discourse beta 3.1.0.beta4 Discourse Discourse tests-passed 3.1.0.beta4Risk Level:4.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Discourse could allow...
IBM Security Guardium privilege escalation | CVE-2022-22307
NAME__________IBM Security Guardium privilege escalationPlatforms Affected:IBM Security Guardium 11.3 IBM Security Guardium 11.4 IBM Security Guardium 11.5Risk Level:4.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM...
Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2570
NAME__________Schneider Electric EcoStruxure Foxboro DCS Control Core Services executionPlatforms Affected:Schneider Electric EcoStruxure Foxboro DCS Control Core ServicesRisk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider...
Discourse security bypass | CVE-2023-32061
NAME__________Discourse security bypassPlatforms Affected:Discourse Discourse stable 3.0.3 Discourse Discourse beta 3.1.0.beta4 Discourse Discourse tests-passed 3.1.0.beta4Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Discourse could allow...
Cyberus Key plugin for WordPress cross-site scripting | CVE-2023-28620
NAME__________Cyberus Key plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Cyberus Key Plugin for WordPress 1.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Cyberus Key plugin for...
Siemens SIMOTION products information disclosure | CVE-2023-27465
NAME__________Siemens SIMOTION products information disclosurePlatforms Affected:Siemens SIMOTION C240 5.4 Siemens SIMOTION C240 PN 5.4 Siemens SIMOTION D410-2 DP 5.4 Siemens...
Apache Traffic Server information disclosure | CVE-2023-33933
NAME__________Apache Traffic Server information disclosurePlatforms Affected:Apache Traffic Server 8.0.0 Apache Traffic Server 9.0.0 Apache Traffic Server 8.1.4 Apache Traffic Server...
