Uncategorized

Google Chrome Web Payments API security bypass | CVE-2023-1224

March 10, 2023

NAME__________Google Chrome Web Payments API security bypassPlatforms Affected:Google Chrome 111.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to...

CMP plugin for WordPress information disclosure | CVE-2023-1263

March 10, 2023

NAME__________CMP plugin for WordPress information disclosurePlatforms Affected:WordPress GMP Plugin for WordPress 4.1.6Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________CMP plugin for WordPress could allow...

Fortinet FortiWeb and Fortinet FortiRecorder information disclosure | CVE-2022-22297

March 10, 2023

NAME__________Fortinet FortiWeb and Fortinet FortiRecorder information disclosurePlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortinet FortiWeb and Fortinet FortiRecorder could allow a local authenticated...

Google Chrome Navigation security bypass | CVE-2023-1225

March 10, 2023

NAME__________Google Chrome Navigation security bypassPlatforms Affected:Google Chrome 111.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security...

Fortinet FortiProxy and Fortinet FortiOS information disclosure | CVE-2022-41329

March 10, 2023

NAME__________Fortinet FortiProxy and Fortinet FortiOS information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortinet FortiProxy and Fortinet FortiOS could allow a remote attacker...

Directus information disclosure | CVE-2023-27481

March 10, 2023

NAME__________Directus information disclosurePlatforms Affected:Directus Directus 9.15.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Directus could allow a remote authenticated attacker to obtain sensitive information, caused...

Parallels Desktop privilege escalation | CVE-2023-27324

March 10, 2023

NAME__________Parallels Desktop privilege escalationPlatforms Affected:Parallels Desktop 18.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Parallels Desktop could allow a local authenticated attacker to gain elevated...

Apache HTTP Server request splitting | CVE-2023-25690

March 10, 2023

NAME__________Apache HTTP Server request splittingPlatforms Affected:Apache HTTP Server 2.4.17 Apache HTTP Server 2.4.48 Apache HTTP Server 2.4.50 Apache HTTP Server...

Parallels Desktop privilege escalation | CVE-2023-27325

March 10, 2023

SourceCodester Health Center Patient Record Management System SQL injection | CVE-2023-1253

March 10, 2023

NAME__________SourceCodester Health Center Patient Record Management System SQL injectionPlatforms Affected:Sourcecodester Health Center Patient Record Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SourceCodester...

Fortinet FortiRecorder denial of service | CVE-2022-41333

March 10, 2023

NAME__________Fortinet FortiRecorder denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Fortinet FortiRecorder is vulnerable to a denial of service, caused by...

Multiple Buffalo products cross-site scripting | CVE-2023-24464

March 10, 2023

NAME__________Multiple Buffalo products cross-site scriptingPlatforms Affected:Buffalo BS-GS2008 firmware 1.10-0.03 Buffalo BS-GS2016 firmware 1.10-0.03 Buffalo BS-GS2024 firmware 1.10-0.03 Buffalo BS-GS2048 firmware...

Google Chrome Intents security bypass | CVE-2023-1228

March 10, 2023

NAME__________Google Chrome Intents security bypassPlatforms Affected:Google Chrome 111.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security...

Bytecode Alliance Wasmtime security bypass | CVE-2023-27477

March 10, 2023

NAME__________Bytecode Alliance Wasmtime security bypassPlatforms Affected:Bytecode Alliance Wasmtime 4.0.0 Bytecode Alliance Wasmtime 5.0.0 Bytecode Alliance Wasmtime 6.0.0Risk Level:3.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Bytecode...

Fortinet FortiAnalyzer code execution | CVE-2023-25611

March 10, 2023

NAME__________Fortinet FortiAnalyzer code executionPlatforms Affected:Risk Level:4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiAnalyzer could allow a remote authenticated attacker to execute arbitrary code on...

UBIT Information Technologies Student Information Management System cross-site scripting | CVE-2021-44197

March 10, 2023

NAME__________UBIT Information Technologies Student Information Management System cross-site scriptingPlatforms Affected:UBIT Information Technologies Student Information Management SystemRisk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________UBIT Information...

Fortinet FortiNAC cross-site scripting | CVE-2022-40676

March 10, 2023

NAME__________Fortinet FortiNAC cross-site scriptingPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Fortinet FortiNAC is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Cisco IOS XR Software information disclosure | CVE-2023-20064

March 10, 2023

NAME__________Cisco IOS XR Software information disclosurePlatforms Affected:Cisco ASR 9000 Series Aggregation Services Routers Cisco IOS XRv 9000 Router Cisco Network...

Foxit Reader code execution | CVE-2023-27331

March 10, 2023

NAME__________Foxit Reader code executionPlatforms Affected:Foxit PDF ReaderRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Foxit Reader could allow a remote attacker to execute arbitrary code...

XWiki Platform information disclosure | CVE-2023-27480

March 10, 2023

NAME__________XWiki Platform information disclosurePlatforms Affected:XWiki XWiki Platform 13.10.10 XWiki XWiki Platform 14.4.6 XWiki XWiki Platform 14.9Risk Level:7.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________XWiki Platform...

Apache Dubbo code execution | CVE-2023-23638

March 10, 2023

NAME__________Apache Dubbo code executionPlatforms Affected:Apache Dubbo 2.7.0 Apache Dubbo 3.0.0 Apache Dubbo 3.1.0 Apache Dubbo 2.7.21 Apache Dubbo 3.0.13 Apache...

Parallels Desktop privilege escalation | CVE-2023-27327

March 10, 2023

NAME__________Parallels Desktop privilege escalationPlatforms Affected:Parallels Desktop 18.1Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Parallels Desktop could allow a local authenticated attacker to gain elevated...

Jenkins weekly and LTS information disclosure | CVE-2023-27902

March 10, 2023

NAME__________Jenkins weekly and LTS information disclosurePlatforms Affected:Jenkins weekly 2.393 Jenkins LTS 2.375.3Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins weekly and LTS could allow...

Fortinet FortiNAC privilege escalation | CVE-2022-39953

March 10, 2023

NAME__________Fortinet FortiNAC privilege escalationPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Fortinet FortiNAC could allow a local authenticated attacker to gain elevated privileges on...

Uncategorized

Google Chrome Web Payments API security bypass | CVE-2023-1224

CMP plugin for WordPress information disclosure | CVE-2023-1263

Fortinet FortiWeb and Fortinet FortiRecorder information disclosure | CVE-2022-22297

Google Chrome Navigation security bypass | CVE-2023-1225

Fortinet FortiProxy and Fortinet FortiOS information disclosure | CVE-2022-41329

Directus information disclosure | CVE-2023-27481

Parallels Desktop privilege escalation | CVE-2023-27324

Apache HTTP Server request splitting | CVE-2023-25690

Parallels Desktop privilege escalation | CVE-2023-27325

SourceCodester Health Center Patient Record Management System SQL injection | CVE-2023-1253

Fortinet FortiRecorder denial of service | CVE-2022-41333

Multiple Buffalo products cross-site scripting | CVE-2023-24464

Google Chrome Intents security bypass | CVE-2023-1228

Bytecode Alliance Wasmtime security bypass | CVE-2023-27477

Fortinet FortiAnalyzer code execution | CVE-2023-25611

UBIT Information Technologies Student Information Management System cross-site scripting | CVE-2021-44197

Fortinet FortiNAC cross-site scripting | CVE-2022-40676

Cisco IOS XR Software information disclosure | CVE-2023-20064

Foxit Reader code execution | CVE-2023-27331

XWiki Platform information disclosure | CVE-2023-27480

Apache Dubbo code execution | CVE-2023-23638

Parallels Desktop privilege escalation | CVE-2023-27327

Jenkins weekly and LTS information disclosure | CVE-2023-27902

Fortinet FortiNAC privilege escalation | CVE-2022-39953

CVE Alert: CVE-2025-2955

CVE Alert: CVE-2025-2957

CVE Alert: CVE-2025-2956

CVE Alert: CVE-2025-2959

CVE Alert: CVE-2025-2958

You may have missed