GitLab security bypass | CVE-2023-0120
NAME: GitLab security bypass | Platforms Affected: GitLab Community Edition 16.2.4, GitLab Community Edition 16.3.0, GitLab Enterprise Edition 16.3.0, GitLab Enterprise Edition 16.2.4, GitLab...
NAME: GE Digital CIMPLICITY privilege escalation | Platforms Affected: GE Digital CIMPLICITY 2023 | Risk Level: 7.8 | Exploitability: Unproven | Consequences: Gain Privileges | DESCRIPTION: GE Digital CIMPLICITY could allow a local authenticated attacker...
NAME: VMware Tools security bypass | Platforms Affected: VMware Tools 11, VMware Tools 12, VMware Tools 10.3 | Risk Level: 7.5 | Exploitability: Unproven | Consequences: Bypass Security | DESCRIPTION: VMware Tools could allow a...
NAME: GitLab security bypass | Platforms Affected: GitLab Community Edition 16.2.4, GitLab Community Edition 16.3.0, GitLab Enterprise Edition 16.3.0, GitLab Enterprise Edition 16.2.4, GitLab...
NAME: GitLab open redirect | Platforms Affected: GitLab Community Edition 16.2.4, GitLab Community Edition 16.3.0, GitLab Enterprise Edition 16.3.0, GitLab Enterprise Edition 16.2.4, GitLab...
NAME: GitLab security bypass | Platforms Affected: GitLab Community Edition 16.2.4, GitLab Community Edition 16.3.0, GitLab Enterprise Edition 16.3.0, GitLab Enterprise Edition 16.2.4, GitLab...
NAME: TP-Link Tapo C210 devices buffer overflow | Platforms Affected: TP-Link Tapo C210 | Risk Level: 7.2 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: TP-Link Tapo C210 devices are vulnerable to a stack-based...
NAME: GitLab privilege escalation | Platforms Affected: GitLab Community Edition 16.2.4, GitLab Community Edition 16.3.0, GitLab Enterprise Edition 16.3.0, GitLab Enterprise Edition 16.2.4, GitLab...
NAME: iframe popup plugin for WordPress cross-site scripting | Platforms Affected: WordPress iframe popup Plugin for WordPress 3.3 | Risk Level: 5.9 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: iframe popup Login Plugin...
NAME: Spipu HTML2PDF cross-site scripting | Platforms Affected: Spipu HTML2PDF 5.2.3, Spipu HTML2PDF 5.2.4, Spipu HTML2PDF 5.2.5, Spipu HTML2PDF 5.2.6, Spipu HTML2PDF 5.2.7 | Risk Level: 6.1 | Exploitability: High | Consequences: Cross-Site...
NAME: NeoMind Fusion Platform cross-site scripting | Platforms Affected: | Risk Level: 6.1 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: NeoMind Fusion Platform is vulnerable to cross-site scripting, caused by improper validation...
NAME: Free and Open Source Inventory Management System cross-site scripting | Platforms Affected: Sourcecodester Free and Open Source Inventory Management System 1.0 | Risk Level: 5.4 | Exploitability: High | Consequences: Cross-Site Scripting...
NAME: jupyter-server information disclosure | Platforms Affected: jupyter-server jupyter-server 2.7.1 | Risk Level: 4.6 | Exploitability: Unproven | Consequences: Obtain Information | DESCRIPTION: jupyter-server could allow a remote authenticated attacker to obtain sensitive information, caused...
NAME: Metal3 ironic-image security bypass | Platforms Affected: Metal3 ironic-image capm3-v1.4.2 | Risk Level: 7.3 | Exploitability: Unproven | Consequences: Bypass Security | DESCRIPTION: Metal3 ironic-image could allow a remote attacker to bypass security restrictions,...
NAME: Webiny cross-site scripting | Platforms Affected: webiny webiny 5.37.1 | Risk Level: 7.2 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: Webiny is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME: giflib buffer overflow | Platforms Affected: GIFLIB GIFLIB 5.2.1 | Risk Level: 7.3 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: giflib is vulnerable to a heap-based buffer overflow, caused by a segmentation...
NAME: Free and Open Source Inventory Management System cross-site scripting | Platforms Affected: Sourcecodester Free and Open Source Inventory Management System 1.0 | Risk Level: 5.4 | Exploitability: High | Consequences: Cross-Site Scripting...
NAME: Free and Open Source Inventory Management System cross-site scripting | Platforms Affected: Sourcecodester Free and Open Source Inventory Management System 1.0 | Risk Level: 5.4 | Exploitability: High | Consequences: Cross-Site Scripting...
NAME: OpenFGA information disclosure | Platforms Affected: OpenFGA OpenFGA 1.3.0 | Risk Level: 6.5 | Exploitability: Unproven | Consequences: Obtain Information | DESCRIPTION: OpenFGA could allow a remote authenticated attacker to obtain sensitive information, caused...
NAME: FRRouting FRR and Pica8 PICOS denial of service | Platforms Affected: FRRouting FRRouting 9.0, Pica8 PICOS 4.3.3.2 | Risk Level: 7.5 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: FRRouting FRR and...
NAME: Samsung Exynos Mobile Processor and Wearable Processor denial of service | Platforms Affected: Samsung Exynos Mobile Processor, Samsung Exynos Wearable Processor | Risk Level: 7.5 | Exploitability: Unproven | Consequences: Denial of...
NAME: Spinnaker weak security | Platforms Affected: Spinnaker Spinnaker 1.31.0, Spinnaker Spinnaker 1.30.2, Spinnaker Spinnaker 1.29.5, Spinnaker Spinnaker 1.28.7 | Risk Level: 4 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Spinnaker could provide...
NAME: Busybox directory traversal | Platforms Affected: Busybox Busybox | Risk Level: 6.1 | Exploitability: Unproven | Consequences: File Manipulation | DESCRIPTION: Busybox could allow a local attacker to traverse directories on the system, caused...
NAME: Badaso cross-site scripting | Platforms Affected: Badaso Badaso 2.9.7 | Risk Level: 6.4 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: Badaso is vulnerable to cross-site scripting, caused by improper validation of user-supplied...