US-CERT Vulnerability Summary for the Week of April 10, 2023

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
dts_electronics — redline_router	Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 7.17.	2023-04-14	10	CVE-2023-1803 MISC
dts_electronics — redline_router	Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 7.17.	2023-04-14	10	CVE-2023-1833 MISC
safe-eval_project — safe-eval	All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.	2023-04-11	10	CVE-2023-26121 MISC MISC MISC
wordpress — wordpress	A vulnerability was found in HD FLV PLayer Plugin up to 1.7. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. Upgrading to version 1.8 is able to address this issue. The name of the patch is 34d66b9f3231a0e2dc0e536a6fe615d736e863f7. It is recommended to upgrade the affected component. VDB-225350 is the identifier assigned to this vulnerability.	2023-04-09	9.8	CVE-2012-10011 MISC MISC MISC
wordpress — wordpress	A vulnerability, which was classified as critical, has been found in Dynamic Widgets Plugin up to 1.5.10. This issue affects some unknown processing of the file classes/dynwid_class.php. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.5.11 is able to address this issue. The name of the patch is d0a19c6efcdc86d7093b369bc9e29a0629e57795. It is recommended to upgrade the affected component. The identifier VDB-225353 was assigned to this vulnerability.	2023-04-10	9.8	CVE-2015-10100 MISC MISC MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges	2023-04-10	9.8	CVE-2022-46709 MISC
wordpress — wordpress	The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module.	2023-04-10	9.8	CVE-2023-1478 MISC
tcpdump — tcpdump	The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.	2023-04-07	9.8	CVE-2023-1801 MISC MISC
eskom_computer — water_metering_software	Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Eskom Computer Water Metering Software allows Command Line Execution through SQL Injection.This issue affects Water Metering Software: before 23.04.06.	2023-04-14	9.8	CVE-2023-1863 MISC
sourcecodester — simple_and_beautiful_shopping_cart_system	A vulnerability, which was classified as critical, has been found in SourceCodester Simple and Beautiful Shopping Cart System 1.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225317 was assigned to this vulnerability.	2023-04-07	9.8	CVE-2023-1941 MISC MISC MISC
sourcecodester — online_computer_and_laptop_store	A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/?page=user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225319.	2023-04-07	9.8	CVE-2023-1942 MISC MISC MISC
sourcecodester — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this issue is the function delete_brand of the file /admin/maintenance/brand.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225338 is the identifier assigned to this vulnerability.	2023-04-08	9.8	CVE-2023-1951 MISC MISC MISC
sourcecodester — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as critical. This affects an unknown part of the file /?p=products of the component Product Search. The manipulation of the argument search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225339.	2023-04-08	9.8	CVE-2023-1952 MISC MISC MISC
sourcecodester — online_computer_and_laptop_store	A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is an unknown function of the file login.php of the component User Registration. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225342 is the identifier assigned to this vulnerability.	2023-04-08	9.8	CVE-2023-1955 MISC MISC MISC
sourcecodester — online_computer_and_laptop_store	A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=delete_sub_category. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225345 was assigned to this vulnerability.	2023-04-08	9.8	CVE-2023-1958 MISC MISC MISC
sourcecodester — — online_eyewear_shop	A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file /admin/inventory/manage_stock.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225406 is the identifier assigned to this vulnerability.	2023-04-10	9.8	CVE-2023-1969 MISC MISC MISC
microsoft — multiple_products	Microsoft Message Queuing Remote Code Execution Vulnerability	2023-04-11	9.8	CVE-2023-21554 MISC
dlink — dir-882_a1_firmware	D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-24797 MISC MISC
dlink — dir-878_firmware	D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-24798 MISC MISC
dlink — dir-878_firmware	D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-24799 MISC MISC
dlink — dir-878_firmware	D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-24800 MISC MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25210 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25211 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25212 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25213 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25214 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25215 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25216 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25217 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25218 MISC MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25219 MISC
tenda — ac5_firmware	Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-25220 MISC MISC
totolink — a7100ru_firmware	TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules.	2023-04-07	9.8	CVE-2023-26848 MISC
totolink — a7100ru_firmware	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg.	2023-04-07	9.8	CVE-2023-26978 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27012 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27013 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27014 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27015 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27016 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45DC58 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27017 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27018 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_458FBC function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27019 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27020 MISC
tenda — ac10_firmware	Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-07	9.8	CVE-2023-27021 MISC
cdesigner_project — cdesigner	Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to contain a code injection vulnerability via the component CdesignerSaverotateModuleFrontController::initContent().	2023-04-07	9.8	CVE-2023-27033 MISC MISC
tenda — g103_firmware	Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.	2023-04-10	9.8	CVE-2023-27076 MISC
gdidees — gdidees_cms	An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file.	2023-04-10	9.8	CVE-2023-27178 MISC MISC MISC MISC
apache — linkis	In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions <=1.3.1, we suggest turning on the file path check switch in linkis.properties `wds.linkis.workspace.filesystem.owner.check=true` `wds.linkis.workspace.filesystem.path.check=true`	2023-04-10	9.8	CVE-2023-27602 MISC MISC
apache — linkis	In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2.	2023-04-10	9.8	CVE-2023-27603 MISC MISC
apusapps — launcher	An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.	2023-04-10	9.8	CVE-2023-27650 MISC MISC MISC
dlink — dir-878_firmware	D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-09	9.8	CVE-2023-27720 MISC MISC
microsoft — windows_server_2008	Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability	2023-04-11	9.8	CVE-2023-28250 MISC
siemens — multiple_products	A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device.	2023-04-11	9.8	CVE-2023-28489 MISC
apache — airflow_hive_provider	Improper Control of Generation of Code (‘Code Injection’) vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.	2023-04-07	9.8	CVE-2023-28706 MISC MISC MISC
sap — businessobjects_business_intelligence	An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) – versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user, the attacker can perform operations that can completely compromise the application.	2023-04-11	9.8	CVE-2023-28765 MISC MISC
apache — linkis	In Apache Linkis <=1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.2.	2023-04-10	9.8	CVE-2023-29215 MISC MISC
apache — linkis	In Apache Linkis <=1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.2.	2023-04-10	9.8	CVE-2023-29216 MISC MISC
progress — sitefinity	An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector.	2023-04-10	9.8	CVE-2023-29375 MISC MISC
bibliocraftmod — bibliocraft	BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution.	2023-04-07	9.8	CVE-2023-29478 MISC
simple_and_beautiful_shopping_cart_system_project — simple_and_beautiful_shopping_cart_system	A vulnerability classified as critical was found in SourceCodester Simple and Beautiful Shopping Cart System 1.0. This vulnerability affects unknown code of the file delete_user_query.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225316.	2023-04-07	9.1	CVE-2023-1940 MISC MISC MISC
apache — linkis	In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values. We recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1] https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token	2023-04-10	9.1	CVE-2023-27987 MISC MISC
bestwebsoft — facebook_button	A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The name of the patch is 33144ae5a45ed07efe7fceca901d91365fdbf7cb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225355.	2023-04-10	8.8	CVE-2012-10012 MISC MISC MISC
scada-lts — scada-lts	An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.	2023-04-10	8.8	CVE-2022-41976 MISC MISC MISC
joomunited — wp_meta_seo	The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code execution.	2023-04-10	8.8	CVE-2023-1381 MISC MISC
crocoblock — jetengine_for_elementor	The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability.	2023-04-10	8.8	CVE-2023-1406 MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/sales/index.php. The manipulation of the argument date_start/date_end leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225340.	2023-04-08	8.8	CVE-2023-1953 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function save_inventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225341 was assigned to this vulnerability.	2023-04-08	8.8	CVE-2023-1954 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_img of the component Image Handler. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225343.	2023-04-08	8.8	CVE-2023-1956 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_sub_category of the component Subcategory Handler. The manipulation of the argument sub_category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225344.	2023-04-08	8.8	CVE-2023-1957 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_category. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225346 is the identifier assigned to this vulnerability.	2023-04-08	8.8	CVE-2023-1959 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225347.	2023-04-08	8.8	CVE-2023-1960 MISC MISC MISC
microsoft — multiple_products	Remote Procedure Call Runtime Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-21727 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24884 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24886 MISC
microsoft — windows_server_2008	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24887 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24924 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24925 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24926 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24927 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24928 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-24929 MISC
pgyer — codefever	codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution (RCE) vulnerability via the component /controllers/api/user.php.	2023-04-07	8.8	CVE-2023-26817 MISC
save_your_carts_and_buy_later_or_send_it_project — save_your_carts_and_buy_later_or_send_it	SQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and before allow a remote attacker to gain privileges via the LgBudgetBudgetModuleFrontController::displayAjaxGenerateBudget component.	2023-04-10	8.8	CVE-2023-26860 MISC MISC
apple — safari	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.	2023-04-10	8.8	CVE-2023-28205 MISC MISC MISC MISC FULLDISC FULLDISC FULLDISC FULLDISC
microsoft — windows_server_2008	Windows Network Load Balancing Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-28240 MISC
microsoft — windows_server_2012	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-28243 MISC
microsoft — windows_server_2008	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	2023-04-11	8.8	CVE-2023-28275 MISC
microsoft — multiple_products	Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability	2023-04-11	8.8	CVE-2023-28297 MISC
sap — landscape_management	An information disclosure vulnerability exists in SAP Landscape Management – version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and modification.The disclosed information is for Diagnostics Agent Connection via Java SCS Message Server of an SAP Solution Manager system and can only be accessed by authenticated SAP Landscape Management users, but they can escalate their privileges to the SAP Solution Manager system.	2023-04-11	8.7	CVE-2023-26458 MISC MISC
apple — ipados	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Big Sur 11.7.6, macOS Ventura 13.3.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.	2023-04-10	8.6	CVE-2023-28206 MISC MISC MISC MISC MISC FULLDISC FULLDISC FULLDISC FULLDISC FULLDISC
microsoft — raw_image_extension	Raw Image Extension Remote Code Execution Vulnerability	2023-04-11	8.4	CVE-2023-28291 MISC
ibm — sterling_order_management	IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users. IBM X-Force ID: 229320.	2023-04-07	8.1	CVE-2022-33959 MISC MISC
sap — diagnostics_agent	Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP Diagnostics Agent – version 720, allows an attacker with deep knowledge of the system to execute scripts on all connected Diagnostics Agents. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system.	2023-04-11	8.1	CVE-2023-27267 MISC MISC
microsoft — windows_server_2008	Layer 2 Tunneling Protocol Remote Code Execution Vulnerability	2023-04-11	8.1	CVE-2023-28219 MISC
microsoft — windows_server_2008	Layer 2 Tunneling Protocol Remote Code Execution Vulnerability	2023-04-11	8.1	CVE-2023-28220 MISC
microsoft — windows_server_2008	Windows Kerberos Elevation of Privilege Vulnerability	2023-04-11	8.1	CVE-2023-28244 MISC
microsoft — windows_server	Netlogon RPC Elevation of Privilege Vulnerability	2023-04-11	8.1	CVE-2023-28268 MISC
microsoft — windows_server_2008	DHCP Server Service Remote Code Execution Vulnerability	2023-04-11	8	CVE-2023-28231 MISC
apple — macos	A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges	2023-04-10	7.8	CVE-2022-42858 MISC
adobe — digital_editions	Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-21582 MISC
adobe — incopy	InCopy versions 18.1 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-22235 MISC
microsoft — ole_db_driver	Microsoft ODBC and OLE DB Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-23375 MISC
gnu — screen	socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.	2023-04-08	7.8	CVE-2023-24626 CONFIRM MISC MISC
microsoft — visual_studio_code	Visual Studio Code Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-24893 MISC
microsoft — windows_server_2008	Windows Graphics Component Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-24912 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26371 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26372 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26373 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26383 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26384 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26388 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26389 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26390 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26391 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26392 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26393 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26394 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26395 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26396 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26398 MISC
adobe — substance3d-stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26402 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26405 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26406 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26407 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26408 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26409 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26410 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26411 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26412 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26413 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26414 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26415 MISC
adobe — substance3d-designer	Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-13	7.8	CVE-2023-26416 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26417 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26418 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26419 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26420 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Integer Underflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26421 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26422 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26423 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26424 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	7.8	CVE-2023-26425 MISC
pega — synchronization_engine	A user with non-Admin access can change a configuration file on the client to modify the Server URL.	2023-04-10	7.8	CVE-2023-26466 MISC
opendesign — drawings_sdk	An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code.	2023-04-10	7.8	CVE-2023-26495 MISC
chinamobileltd — oa_mailbox_pc	An issue in China Mobile OA Mailbox PC v2.9.23 allows remote attackers to execute arbitrary commands on a victim host via user interaction with a crafted EML file sent to their OA mailbox.	2023-04-10	7.8	CVE-2023-26986 MISC MISC
dell — power_manager	Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system.	2023-04-07	7.8	CVE-2023-28051 MISC
microsoft — multiple_products	Windows NTLM Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28225 MISC
microsoft — multiple_products	Windows Kernel Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28236 MISC
microsoft — multiple_products	Windows Kernel Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28237 MISC
microsoft — multiple_ products	Windows Registry Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28246 MISC
microsoft — multiple_products	Windows Kernel Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28248 MISC
microsoft — multiple_products	Windows Common Log File System Driver Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28252 MISC
microsoft — multiple_products	.NET DLL Hijacking Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28260 MISC
microsoft — visual_studio	Visual Studio Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28262 MISC
microsoft — windows_server_2008	Windows Kernel Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28272 MISC
microsoft — multiple_products	Windows Win32k Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28274 MISC
microsoft — multiple_products	Microsoft Office Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28285 MISC
microsoft — raw_image_extendion	Raw Image Extension Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28292 MISC
microsoft — multiple_products	Windows Kernel Elevation of Privilege Vulnerability	2023-04-11	7.8	CVE-2023-28293 MISC
microsoft — visual_studio	Visual Studio Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28296 MISC
microsoft — multiple_products	Microsoft ODBC and OLE DB Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28304 MISC
microsoft — multiple_products	Microsoft Word Remote Code Execution Vulnerability	2023-04-11	7.8	CVE-2023-28311 MISC
siemens — multiple_products	A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.	2023-04-11	7.8	CVE-2023-29053 MISC
linux — linux_kernel	An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.	2023-04-10	7.8	CVE-2023-30456 MISC MISC
microsoft — multiple_products	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	2023-04-11	7.6	CVE-2023-28309 MISC
lua — lua	In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.	2023-04-10	7.5	CVE-2021-45985 MISC MISC MISC
ibm — sterling_order_management	IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698.	2023-04-07	7.5	CVE-2022-34333 MISC MISC
siemens — multiple_products	A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.	2023-04-11	7.5	CVE-2022-43716 MISC
siemens — multiple_products	A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.	2023-04-11	7.5	CVE-2022-43767 MISC
siemens — multiple_products	A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.	2023-04-11	7.5	CVE-2022-43768 MISC
apple — ipados	A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings	2023-04-10	7.5	CVE-2022-46716 MISC MISC
microsoft — multiple_products	Microsoft Message Queuing Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-21769 MISC
microsoft — multiple_products	Microsoft Defender Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-24860 MISC
microsoft — multiple_products	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	2023-04-11	7.5	CVE-2023-24885 MISC
microsoft — multiple_products	Windows Secure Channel Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-24931 MISC
aten — pe8108_firmware	Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Telnet and SNMP credentials.	2023-04-11	7.5	CVE-2023-25413 MISC
siteproxy_project — siteproxy	siteproxy v1.0 was discovered to contain a path traversal vulnerability via the component index.js.	2023-04-07	7.5	CVE-2023-26820 MISC
gdidees — gdidees_cms	GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.	2023-04-07	7.5	CVE-2023-27180 MISC MISC MISC
dualspace — super_security	An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of service via the SharedPreference files.	2023-04-11	7.5	CVE-2023-27191 MISC MISC MISC
microsoft — windows_server_2008	Windows Network Address Translation (NAT) Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-28217 MISC
microsoft — windows_server_2008	Windows Bluetooth Driver Remote Code Execution Vulnerability	2023-04-11	7.5	CVE-2023-28227 MISC
microsoft — windows_server_2008	Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability	2023-04-11	7.5	CVE-2023-28232 MISC
microsoft — windows_server_2022	Windows Secure Channel Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-28233 MISC
microsoft — windows_server_2022	Windows Secure Channel Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-28234 MISC
microsoft — windows_server_2008	Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability	2023-04-11	7.5	CVE-2023-28238 MISC
microsoft — windows_server_2008	Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-28241 MISC
microsoft — multiple_products	Windows Network File System Information Disclosure Vulnerability	2023-04-11	7.5	CVE-2023-28247 MISC
microsoft — multiple_products	Azure Service Connector Security Feature Bypass Vulnerability	2023-04-11	7.5	CVE-2023-28300 MISC
microsoft — multiple_products	Microsoft Message Queuing Denial of Service Vulnerability	2023-04-11	7.5	CVE-2023-28302 MISC
apache — airflow_drill_provider	Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2.	2023-04-07	7.5	CVE-2023-28707 MISC MISC MISC
apache — airflow_spark_provider	Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1.	2023-04-07	7.5	CVE-2023-28710 MISC MISC MISC
siemens — multiple_products	A vulnerability has been identified in SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.40), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions < V9.40), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.40), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.40), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.40), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.40), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.40), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.40), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions < V9.40), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service. An unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device.	2023-04-11	7.5	CVE-2023-28766 MISC
wacom — driver	Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability.	2023-04-11	7.3	CVE-2022-38604 MISC MISC MISC
microsoft — sql_server	Microsoft SQL Server Remote Code Execution Vulnerability	2023-04-11	7.3	CVE-2023-23384 MISC
siemens — multiple_products	A vulnerability has been identified in TIA Portal V15 (All versions), TIA Portal V16 (All versions), TIA Portal V17 (All versions), TIA Portal V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.	2023-04-11	7.3	CVE-2023-26293 MISC
groundhogg — groundhogg	The WordPress CRM, Email & Marketing Automation for WordPress \| Award Winner — Groundhogg WordPress plugin before 2.7.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins	2023-04-10	7.2	CVE-2023-1425 MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. This issue affects the function save_brand of the file /classes/Master.php?f=save_brand. The manipulation of the argument name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225533 was assigned to this vulnerability.	2023-04-11	7.2	CVE-2023-1985 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function delete_order of the file /classes/master.php?f=delete_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225534 is the identifier assigned to this vulnerability.	2023-04-11	7.2	CVE-2023-1986 MISC MISC MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is the function update_order_status of the file /classes/Master.php?f=update_order_status. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225535.	2023-04-11	7.2	CVE-2023-1987 MISC MISC MISC
aten — pe8108_firmware	Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access to administrator credentials.	2023-04-11	7.2	CVE-2023-25407 MISC
javadelight — nashorn_sandbox	delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process.	2023-04-10	7.2	CVE-2023-26919 MISC
microsoft — mulitple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	7.2	CVE-2023-28254 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	7.1	CVE-2022-47338 MISC
ibm — tririga_application_platform	IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975.	2023-04-07	7.1	CVE-2023-27876 MISC MISC
microsoft — windows_server_2008	Windows Kernel Elevation of Privilege Vulnerability	2023-04-11	7.1	CVE-2023-28222 MISC
microsoft — multiple_products	Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability	2023-04-11	7.1	CVE-2023-28224 MISC
microsoft — windows_11_22h2	Win32k Elevation of Privilege Vulnerability	2023-04-11	7	CVE-2023-24914 MISC
microsoft — windows_server_2008	Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability	2023-04-11	7	CVE-2023-28216 MISC
microsoft — windows_server_2008	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	2023-04-11	7	CVE-2023-28218 MISC
microsoft — multiple_products	Windows Error Reporting Service Elevation of Privilege Vulnerability	2023-04-11	7	CVE-2023-28221 MISC
microsoft — multiple_products	Windows CNG Key Isolation Service Elevation of Privilege Vulnerability	2023-04-11	7	CVE-2023-28229 MISC
microsoft — multiple_products	Windows Clip Service Elevation of Privilege Vulnerability	2023-04-11	7	CVE-2023-28273 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
microsoft — windows_server_2019	Windows Lock Screen Security Feature Bypass Vulnerability	2023-04-11	6.8	CVE-2023-28235 MISC
microsoft — multiple_products	Windows Lock Screen Security Feature Bypass Vulnerability	2023-04-11	6.8	CVE-2023-28270 MISC
siemens– multiple_products	A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.	2023-04-11	6.7	CVE-2023-29054 MISC
microsoft — multiple_products	Windows Domain Name Service Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28223 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28255 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28256 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28278 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28305 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28306 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28307 MISC
microsoft — multiple_products	Windows DNS Server Remote Code Execution Vulnerability	2023-04-11	6.6	CVE-2023-28308 MISC
ibm — db2_mirror_for_i	The IBM Toolbox for Java (Db2 Mirror for i 7.4 and 7.5) could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memory over an indefinite amount of time. IBM has addressed this issue by reducing the amount of time the sensitive data is visible in memory. IBM X-Force ID: 241675.	2023-04-07	6.5	CVE-2022-43928 MISC MISC
keetrax — wp_tiles	The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts to be displayed are not draft/private, allowing any authenticated users, such as subscriber to retrieve the titles of draft and privates posts for example. AN attacker could also retrieve the title of any other type of post.	2023-04-10	6.5	CVE-2023-1426 MISC
bp_monitoring_management_system_project — bp_monitoring_management_system	A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225318 is the identifier assigned to this vulnerability.	2023-04-07	6.5	CVE-2023-1909 MISC MISC MISC
microsoft — multiple_products	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	2023-04-11	6.5	CVE-2023-24883 MISC
microsoft — multiple_products	Remote Desktop Protocol Client Information Disclosure Vulnerability	2023-04-11	6.5	CVE-2023-28267 MISC
microsoft — multiple_products	Microsoft SharePoint Server Spoofing Vulnerability	2023-04-11	6.5	CVE-2023-28288 MISC
microsoft — azure_machine_learning_information	Azure Machine Learning Information Disclosure Vulnerability	2023-04-11	6.5	CVE-2023-28312 MISC
zohocorp — manageengine_applications_manager	Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.	2023-04-11	6.5	CVE-2023-28340 MISC MISC
sap — netweaver_enterprise_portal	In SAP NetWeaver Enterprise Portal – version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and integrity.	2023-04-11	6.5	CVE-2023-28761 MISC MISC
sap — netweaver_application_server_abap	SAP NetWeaver AS for ABAP and ABAP Platform – versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server’s resources sufficiently to make it unavailable over the network without any user interaction.	2023-04-11	6.5	CVE-2023-28763 MISC MISC
sap — customer_relationship_management	In SAP CRM – versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform. Depending on the function executed, the attack can can have limited impact on confidentiality and integrity of non-critical user or application data and application availability.	2023-04-11	6.3	CVE-2023-27897 MISC MISC
siemens — multiple_products	A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application. A local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit.	2023-04-11	6.2	CVE-2023-23588 MISC
microsoft — malware_protection_engine	Microsoft Defender Security Feature Bypass Vulnerability	2023-04-14	6.2	CVE-2023-24934 MISC
microsoft — multiple_products	Windows Boot Manager Security Feature Bypass Vulnerability	2023-04-11	6.2	CVE-2023-28249 MISC
microsoft — multiple_products	Windows Boot Manager Security Feature Bypass Vulnerability	2023-04-11	6.2	CVE-2023-28269 MISC
sandbox_theme_project — sandbox_theme	A vulnerability was found in Turante Sandbox Theme up to 1.5.2. It has been classified as problematic. This affects the function sandbox_body_class of the file functions.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.6.1 is able to address this issue. The name of the patch is 8045b1e10970342f558b2c5f360e0bd135af2b10. It is recommended to upgrade the affected component. The identifier VDB-225357 was assigned to this vulnerability.	2023-04-10	6.1	CVE-2009-10004 MISC MISC MISC MISC
fancy_gallery_project — fancy_gallery	A vulnerability was found in Fancy Gallery Plugin 1.5.12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file class.options.php of the component Options Page. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.5.13 is able to address this issue. The name of the patch is fdf1f9e5a1ec738900f962e69c6fa4ec6055ed8d. It is recommended to upgrade the affected component. The identifier VDB-225349 was assigned to this vulnerability.	2023-04-10	6.1	CVE-2014-125096 MISC MISC MISC
bestwebsoft — facebook_button	A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.34 is able to address this issue. The name of the patch is b766da8fa100779409a953f0e46c2a2448cbe99c. It is recommended to upgrade the affected component. VDB-225354 is the identifier assigned to this vulnerability.	2023-04-10	6.1	CVE-2014-125097 MISC MISC MISC
dart — http_server	A vulnerability was found in Dart http_server up to 0.9.5 and classified as problematic. Affected by this issue is the function VirtualDirectory of the file lib/src/virtual_directory.dart of the component Directory Listing Handler. The manipulation of the argument request.uri.path leads to cross site scripting. The attack may be launched remotely. Upgrading to version 0.9.6 is able to address this issue. The name of the patch is 27c1cbd8125bb0369e675eb72e48218496e48ffb. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225356.	2023-04-10	6.1	CVE-2014-125098 MISC MISC MISC MISC MISC
pingidentity — self-service_account_manager	A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.1.3 is able to address this issue. The name of the patch is f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251. It is recommended to upgrade the affected component. VDB-225362 is the identifier assigned to this vulnerability.	2023-04-10	6.1	CVE-2018-25084 MISC MISC MISC MISC
servicenow — servicenow	ServiceNow Tokyo allows XSS.	2023-04-10	6.1	CVE-2022-39048 MISC MISC
stylishcostcalculator — stylish_cost_calculator	The stylish-cost-calculator-premium WordPress plugin before 7.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Stored Cross-Site Scripting which could be used against admins when viewing submissions submitted through the Email Quote Form.	2023-04-10	6.1	CVE-2023-0983 MISC
microsoft — edge_chromium	Microsoft Edge (Chromium-based) Spoofing Vulnerability	2023-04-11	6.1	CVE-2023-24935 MISC
kibokolabs — arigato_autoresponder_and_newsletter	Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.	2023-04-07	6.1	CVE-2023-25020 MISC
cththemes — monolit	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Monolit theme <= 2.0.6 versions.	2023-04-07	6.1	CVE-2023-25041 MISC
wpglobus — wpglobus_translate_options	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGlobus WPGlobus Translate Options plugin <= 2.1.0 versions.	2023-04-07	6.1	CVE-2023-25711 MISC
fullworksplugins — quick_paypal_payments	Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.	2023-04-07	6.1	CVE-2023-25713 MISC
sales_tracker_management_system_project — sales_tracker_management_system	Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privileges via the product list function in the Master.php file.	2023-04-10	6.1	CVE-2023-26773 MISC MISC MISC MISC
veritas — netbackup_appliance_firmware	Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address.	2023-04-10	6.1	CVE-2023-26788 MISC MISC
microsoft — multiple_products	Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability	2023-04-11	6.1	CVE-2023-28313 MISC
microsoft — multiple_products	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	2023-04-11	6.1	CVE-2023-28314 MISC
zohocorp — manageengine_applications_manager	Stored Cross site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious javascript on the incorrect login details page.	2023-04-11	6.1	CVE-2023-28341 MISC MISC
cimatti — wordpress_contact_forms	Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.	2023-04-07	6.1	CVE-2023-28781 MISC
cimatti — wordpress_contact_forms	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.	2023-04-07	6.1	CVE-2023-28789 MISC
i13websolution — continuous_image_carosel_with_lightbox	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions.	2023-04-07	6.1	CVE-2023-28792 MISC
magic-post-thumbnail — magic_post_thumbnail	Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions.	2023-04-07	6.1	CVE-2023-29171 MISC
wp-property-hive — propertyhive	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.46 versions.	2023-04-07	6.1	CVE-2023-29172 MISC
cththemes — outdoor	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Outdoor theme <= 3.9.6 versions.	2023-04-07	6.1	CVE-2023-29236 MISC
implecode — product_catalog_simple	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in impleCode Product Catalog Simple plugin <= 1.6.17 versions.	2023-04-07	6.1	CVE-2023-29388 MISC
wacom — driver	Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe.	2023-04-11	5.9	CVE-2022-43293 MISC MISC MISC
allegro — bigflow	Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation.	2023-04-10	5.9	CVE-2023-25392 MISC MISC
canonical — ubuntu_linux	It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.	2023-04-07	5.5	CVE-2020-11935 UBUNTU UBUNTU
apple — ipados	A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. An app may be able to read sensitive location information	2023-04-10	5.5	CVE-2022-46703 MISC MISC MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47335 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47336 MISC
google — android	In media service, there is a missing permission check. This could lead to local denial of service in media service.	2023-04-11	5.5	CVE-2022-47337 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47362 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47463 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47464 MISC
google — android	In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.	2023-04-11	5.5	CVE-2022-47465 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47466 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47467 MISC
google — android	In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.	2023-04-11	5.5	CVE-2022-47468 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26374 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26375 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26376 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26377 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26378 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26379 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26380 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26381 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26382 MISC
adobe — substance_3d_stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26385 MISC
adobe — substance_3d_stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26386 MISC
adobe — substance_3d_stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26387 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26397 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26400 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26401 MISC
adobe — substance_3d_stager	Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26403 MISC
adobe — dimension	Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2023-04-12	5.5	CVE-2023-26404 MISC
microsoft — windows_server_2008	Windows Spoofing Vulnerability	2023-04-11	5.5	CVE-2023-28228 MISC
microsoft — windows_server_2008	Windows Kernel Information Disclosure Vulnerability	2023-04-11	5.5	CVE-2023-28253 MISC
microsoft — visual_studio	Visual Studio Information Disclosure Vulnerability	2023-04-11	5.5	CVE-2023-28263 MISC
microsoft — windows_server_2008	Windows Common Log File System Driver Information Disclosure Vulnerability	2023-04-11	5.5	CVE-2023-28266 MISC
microsoft — windows_server_2008	Windows Kernel Memory Information Disclosure Vulnerability	2023-04-11	5.5	CVE-2023-28271 MISC
microsoft — multiple_products	Windows Kernel Denial of Service Vulnerability	2023-04-11	5.5	CVE-2023-28298 MISC
microsoft — visual_studio	Visual Studio Spoofing Vulnerability	2023-04-11	5.5	CVE-2023-28299 MISC
ibm — tririga_application_platform	IBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 241036.	2023-04-07	5.4	CVE-2022-43914 MISC MISC
keetrax — wp_tiles	The WP Tiles WordPress plugin through 1.1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks	2023-04-10	5.4	CVE-2022-4827 MISC
nlb-creations — scheduled_announcements_widget	The Scheduled Announcements Widget WordPress plugin before 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.	2023-04-10	5.4	CVE-2023-0363 MISC
fluentforms — contact_form	The Contact Form Plugin WordPress plugin before 4.3.25 does not properly sanitize and escape the srcdoc attribute in iframes in it’s custom HTML field type, allowing a logged in user with roles as low as contributor to inject arbitrary javascript into a form which will trigger for any visitor to the form or admins previewing or editing the form.	2023-04-10	5.4	CVE-2023-0546 MISC
prolizyazilim — student_affairs_information_system	Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This issue affects OBS: before 23.04.01.	2023-04-07	5.4	CVE-2023-1726 MISC
fullworksplugins — quick_contact_form	Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Contact Form plugin <= 8.0.3.1 versions.	2023-04-07	5.4	CVE-2023-23885 MISC
openwrt — luci	LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm.	2023-04-10	5.4	CVE-2023-24181 MISC MISC MISC
liveaction — livesp	A cross-site scripting (XSS) vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary web scripts or HTML.	2023-04-10	5.4	CVE-2023-24721 MISC MISC
kibokolabs — arigato_autoresponder_and_newsletter	Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.	2023-04-07	5.4	CVE-2023-25061 MISC
opencats — opencats	A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates.	2023-04-11	5.4	CVE-2023-26846 MISC MISC
opencats — opencats	A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates.	2023-04-11	5.4	CVE-2023-26847 MISC MISC
robogallery — robo_gallery	Auth. (contributor+) Stored Cross-site Scripting (XSS) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.12 versions.	2023-04-07	5.4	CVE-2023-27620 MISC
progress — sitefinity	An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries.	2023-04-10	5.4	CVE-2023-29376 MISC MISC
github — enterprise_server	An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users’ secret gists by authenticating through an SSH certificate authority. To do so, a user had to know the secret gist’s URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.9 and was fixed in versions 3.4.18, 3.5.15, 3.6.11, 3.7.8, and 3.8.1. This vulnerability was reported via the GitHub Bug Bounty program.	2023-04-07	5.3	CVE-2023-23761 MISC MISC MISC MISC MISC
github — enterprise_server	An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target branch before it’s created by the code maintainer. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.9 and was fixed in versions 3.4.18, 3.5.15, 3.6.11, 3.7.8, and 3.8.1. This vulnerability was reported via the GitHub Bug Bounty program.	2023-04-07	5.3	CVE-2023-23762 MISC MISC MISC MISC MISC
sap — netweaver_as_java_for_deploy_service	SAP NetWeaver AS Java for Deploy Service – version 7.5, does not perform any access control checks for functionalities that require user identity enabling an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a service which will enable them to access but not modify server settings and data with no effect on availability and integrity.	2023-04-11	5.3	CVE-2023-24527 MISC MISC
aten — pe8108_firmware	Aten PE8108 2.4.232 is vulnerable to denial of service (DOS).	2023-04-11	5.3	CVE-2023-25414 MISC
aten — pe8108_firmware	Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Event Notification configuration.	2023-04-11	5.3	CVE-2023-25415 MISC
siemens — mendix_forgot_password	A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information.	2023-04-11	5.3	CVE-2023-27464 MISC
microsoft — multiple_products	Windows Enroll Engine Security Feature Bypass Vulnerability	2023-04-11	5.3	CVE-2023-28226 MISC
siemens — polarion_alm	A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.	2023-04-11	5.3	CVE-2023-28828 MISC
updraftplus — all-in-one_security	The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it’s settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the server (to which the web server has access). The plugin only displays the last 50 lines of the file.	2023-04-10	4.9	CVE-2023-0156 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27801 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditvsList parameter at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27802 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27803 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27804 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27805 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27806 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27807 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27808 MISC
h3c — magic_r100_firmware	H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2023-04-07	4.9	CVE-2023-27810 MISC
microsoft — multiple_products	Windows DNS Server Information Disclosure Vulnerability	2023-04-11	4.9	CVE-2023-28277 MISC
updraftplus — all-in-one_security	The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user (admin+) to plant bogus log files containing malicious JavaScript code that will be executed in the context of any administrator visiting this page.	2023-04-10	4.8	CVE-2023-0157 MISC
article_directory_project — article_directory	The Article Directory WordPress plugin through 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.	2023-04-10	4.8	CVE-2023-0422 MISC
wordpress_amazon_s3_project — wordpress_amazon_s3	The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin	2023-04-10	4.8	CVE-2023-0423 MISC
auto_rename_media_on_upload_project — auto_rename_media_on_upload	The Auto Rename Media On Upload WordPress plugin before 1.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2023-04-10	4.8	CVE-2023-0605 MISC
klaviyo — klavio	The Klaviyo WordPress plugin before 3.0.10 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2023-04-10	4.8	CVE-2023-0874 MISC
dcac — time_sheets	The Time Sheets WordPress plugin before 1.29.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)	2023-04-10	4.8	CVE-2023-0893 MISC
ibenic — simple_giveaways	The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)	2023-04-10	4.8	CVE-2023-1120 MISC
ibenic — simple_giveaways	The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)	2023-04-10	4.8	CVE-2023-1121 MISC
ibenic — simple_giveaways	The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its Giveaways options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)	2023-04-10	4.8	CVE-2023-1122 MISC
online_computer_and_laptop_store_project — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=maintenance/brand. The manipulation of the argument Brand Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225536.	2023-04-11	4.8	CVE-2023-1988 MISC MISC MISC
easy_panorama_project — easy_panorama	Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Leonardo Giacone Easy Panorama plugin <= 1.1.4 versions.	2023-04-07	4.8	CVE-2023-23799 MISC
auto_hide_admin_bar_project — auto_hide_admin_bar	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin <= 1.6.1 versions.	2023-04-07	4.8	CVE-2023-23994 MISC
snapcreek — ezp_coming_soon_page	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Coming Soon Page plugin <= 1.0.7.3 versions.	2023-04-07	4.8	CVE-2023-24398 MISC
wpbookingsystem — wp_booking_system	Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18 versions.	2023-04-07	4.8	CVE-2023-24402 MISC
kibokolabs — watu_quiz	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.8 versions.	2023-04-07	4.8	CVE-2023-25022 MISC
kibokolabs — chained_quiz	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Chained Quiz plugin <= 1.3.2.5 versions.	2023-04-07	4.8	CVE-2023-25027 MISC
kibokolabs — arigato_autoresponder_and_newsletter	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions.	2023-04-07	4.8	CVE-2023-25031 MISC
podlove — podlove_podcast_publisher	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.2 versions.	2023-04-07	4.8	CVE-2023-25046 MISC
implecode — ecommerce_product_catalog	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.4 versions.	2023-04-07	4.8	CVE-2023-25049 MISC
avalex — avalex	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in avalex GmbH avalex – Automatically secure legal texts plugin <= 3.0.3 versions.	2023-04-07	4.8	CVE-2023-25059 MISC
zeno_font_resizer_project — zeno_font_resizer	Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marcel Pol Zeno Font Resizer plugin <= 1.7.9 versions.	2023-04-07	4.8	CVE-2023-25442 MISC
streamweasels — twitch_player	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StreamWeasels Twitch Player plugin <= 2.1.0 versions.	2023-04-07	4.8	CVE-2023-25464 MISC
fullworksplugins — quick_paypal_payments	Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.	2023-04-07	4.8	CVE-2023-25702 MISC
goprayer — wp_prayer	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Go Prayer WP Prayer plugin <= 1.9.6 versions.	2023-04-07	4.8	CVE-2023-25705 MISC
wp-buddy — google_analytics_opt-out	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-Buddy Google Analytics Opt-Out plugin <= 2.3.4 versions.	2023-04-07	4.8	CVE-2023-25712 MISC
announce_from_the_dashboard_project — announce_from_the_dashboard	Auth (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gqevu6bsiz Announce from the Dashboard plugin <= 1.5.1 versions.	2023-04-07	4.8	CVE-2023-25716 MISC
piwebsolution — product_page_shipping_calculator_for_woocommerce	Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.20 versions.	2023-04-07	4.8	CVE-2023-29094 MISC
piwebsolution — product_enquiry_for_woocommerce	Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product Enquiry for WooCommerce, WooCommerce product catalog plugin <= 2.2.12 versions.	2023-04-07	4.8	CVE-2023-29170 MISC
microsoft — windows_server_2008	Windows Group Policy Security Feature Bypass Vulnerability	2023-04-11	4.4	CVE-2023-28276 MISC
sap — hcm_fiori_app_my_forms	SAP HCM Fiori App My Forms (Fiori 2.0) – version 605, does not perform necessary authorization checks for an authenticated user exposing the restricted header data.	2023-04-11	4.3	CVE-2023-1903 MISC MISC
my-blog_project — my-blog	A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-225264.	2023-04-07	4.3	CVE-2023-1937 MISC MISC MISC
microsoft — multiple_products	Remote Procedure Call Runtime Information Disclosure Vulnerability	2023-04-11	4.3	CVE-2023-21729 MISC
aten — pe8108_firmware	Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF).	2023-04-11	4.3	CVE-2023-25411 MISC
opencats — opencats	A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors.	2023-04-11	4.3	CVE-2023-26845 MISC MISC
microsoft — edge_chromium	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability	2023-04-11	4.3	CVE-2023-28284 MISC
silverwaregames — silverwaregames	SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download links for games uploaded by other developers. This has been fixed in version 1.2.19.	2023-04-10	4.3	CVE-2023-29192 MISC
microsoft — edge_chromium	Microsoft Edge (Chromium-based) Tampering Vulnerability	2023-04-11	4.2	CVE-2023-28301 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apple — iphone_os	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16. A person with physical access to a device may be able to use Siri to access private calendar information	2023-04-10	2.4	CVE-2022-32871 MISC
apple — ipados	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features	2023-04-10	2.4	CVE-2022-46717 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
bestwebsoft — contact_form	A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrm_settings_page of the file contact_form.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 3.22 is able to address this issue. The name of the patch is 8398d96ff0fe45ec9267d7259961c2ef89ed8005. It is recommended to upgrade the affected component. The identifier VDB-225321 was assigned to this vulnerability.	2023-04-09	not yet calculated	CVE-2012-10010 MISC MISC MISC
wordpress — wordpress	A vulnerability was found in Editorial Calendar Plugin up to 2.6. It has been declared as critical. Affected by this vulnerability is the function edcal_filter_where of the file edcal.php. The manipulation of the argument edcal_startDate/edcal_endDate leads to sql injection. The attack can be launched remotely. Upgrading to version 2.7 is able to address this issue. The name of the patch is a9277f13781187daee760b4dfd052b1b68e101cc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-225151.	2023-04-08	not yet calculated	CVE-2013-10023 MISC MISC MISC MISC
wordpress — wordpress	A vulnerability has been found in Exit Strategy Plugin 1.55 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file exitpage.php. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 1.59 is able to address this issue. The name of the patch is d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. The identifier VDB-225265 was assigned to this vulnerability.	2023-04-08	not yet calculated	CVE-2013-10024 MISC MISC MISC
wordpress — wordpress	A vulnerability was found in Exit Strategy Plugin 1.55 and classified as problematic. Affected by this issue is the function exitpageadmin of the file exitpage.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.59 is able to address this issue. The name of the patch is d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. VDB-225266 is the identifier assigned to this vulnerability.	2023-04-08	not yet calculated	CVE-2013-10025 MISC MISC MISC
bestwebsoft — contact_form	A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 and classified as problematic. Affected by this issue is the function bws_add_menu_render of the file bws_menu/bws_menu.php. The manipulation of the argument bwsmn_form_email leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.3.7 is able to address this issue. The name of the patch is 4d531f74b4a801c805dc80360d4ea1312e9a278f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225320.	2023-04-09	not yet calculated	CVE-2014-125095 MISC MISC MISC
wordpress — wordpress	A vulnerability was found in Broken Link Checker Plugin up to 1.10.5. It has been rated as problematic. Affected by this issue is the function print_module_list/show_warnings_section_notice/status_text/ui_get_action_links. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.10.6 is able to address this issue. The name of the patch is f30638869e281461b87548e40b517738b4350e47. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225152.	2023-04-08	not yet calculated	CVE-2015-10098 MISC MISC MISC MISC
wordpress — wordpress	A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5. This affects the function dex_process_ready_to_go_appointment of the file dex_appointments.php. The manipulation of the argument itemnumber leads to sql injection. It is possible to initiate the attack remotely. The name of the patch is e29a9cdbcb0f37d887dd302a05b9e8bf213da01d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225351.	2023-04-10	not yet calculated	CVE-2015-10099 MISC MISC MISC
wordpress — wordpress	A vulnerability classified as problematic was found in Google Analytics Top Content Widget Plugin up to 1.5.6 on WordPress. Affected by this vulnerability is an unknown functionality of the file class-tgm-plugin-activation.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.5.7 is able to address this issue. The name of the patch is 25bb1dea113716200a6f0f3135801d84a7a65540. It is recommended to upgrade the affected component. The identifier VDB-226117 was assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2015-10101 MISC MISC MISC
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. The diff formatter using rouge can block for a long time in Sidekiq jobs without any timeout.	2023-04-15	not yet calculated	CVE-2018-15472 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference.	2023-04-15	not yet calculated	CVE-2018-17449 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via the Kubernetes integration, leading (for example) to disclosure of a GCP service token.	2023-04-15	not yet calculated	CVE-2018-17450 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.	2023-04-15	not yet calculated	CVE-2018-17451 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost function in url_blocker.rb.	2023-04-15	not yet calculated	CVE-2018-17452 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers may have been able to obtain sensitive access-token data from Sentry logs via the GRPC::Unknown exception.	2023-04-15	not yet calculated	CVE-2018-17453 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is stored XSS on the issue details screen.	2023-04-15	not yet calculated	CVE-2018-17454 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an insecure direct object reference to the “merge request approvals” feature.	2023-04-15	not yet calculated	CVE-2018-17455 MISC CONFIRM
gitlab — community/enterprise_edition	An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is stored XSS on the merge request page via project import.	2023-04-15	not yet calculated	CVE-2018-17536 MISC CONFIRM
lilypond — lilypond	LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.	2023-04-15	not yet calculated	CVE-2020-17354 MISC MISC MISC CONFIRM MISC MISC
milken — doyocms	File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter.	2023-04-11	not yet calculated	CVE-2020-19802 MISC
milken — doyocms	Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings.	2023-04-11	not yet calculated	CVE-2020-19803 MISC MISC
sqlite3 — sqlite3	Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.	2023-04-11	not yet calculated	CVE-2020-24736 MISC
score — score	The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code.	2023-04-15	not yet calculated	CVE-2020-29007 MISC MISC MISC MISC MISC
tailor_mangement_system — tailor_mangement_system	SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file	2023-04-10	not yet calculated	CVE-2020-36077 MISC MISC
cs-cart — shipstation	The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database (via action=shipnotify) because access to this endpoint is completely unchecked. The attacker must guess an order number.	2023-04-11	not yet calculated	CVE-2020-9009 MISC MISC
visualeditor — visualeditor	An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It shouldn’t because they are hidden.) This is related to ApiVisualEditor.	2023-04-15	not yet calculated	CVE-2021-30153 CONFIRM CONFIRM MISC
mailman_core — mailman_core	An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.	2023-04-15	not yet calculated	CVE-2021-34337 MISC MISC MISC
openbmc — openbmc	In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface.	2023-04-15	not yet calculated	CVE-2021-39295 MISC MISC CONFIRM MISC MISC MISC
lldpd — lldpd	In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it’s possible to trigger an out-of-bounds heap read via short SONMP packets.	2023-04-15	not yet calculated	CVE-2021-43612 MISC CONFIRM CONFIRM
kvmtool — kvmtool	kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c. This allows a guest OS user to execute arbitrary code on the host machine.	2023-04-15	not yet calculated	CVE-2021-45464 MISC MISC MISC MISC
fluent — treasure_data_fluent_bit	An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flb_pack_msgpack_to_json_format leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file and trick the victim opening it using the affect software, triggering use-after-free and execute arbitrary code on the target system.	2023-04-11	not yet calculated	CVE-2021-46878 MISC MISC
fluent — treasure_data_fluent_bit	An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flb_msgpack_gelf_value_ext. An attacker can craft a malicious file and tick the victim to open the file with the software, triggering a heap overflow and execute arbitrary code on the target system.	2023-04-11	not yet calculated	CVE-2021-46879 MISC MISC
libressl/openbsd — libressl/openbsd	x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.	2023-04-15	not yet calculated	CVE-2021-46880 MISC MISC MISC
insyde — kernel	An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Specially formatted buffer contents used for software SMI could cause SMRAM corruption, leading to escalation of privilege.	2023-04-12	not yet calculated	CVE-2022-24350 MISC MISC
calibre-web — calibre-web	Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.	2023-04-15	not yet calculated	CVE-2022-2525 CONFIRM MISC
qualcomm — snapdragon	Memory correction in modem due to buffer overwrite during coap connection	2023-04-13	not yet calculated	CVE-2022-25678 MISC
qualcomm — snapdragon	Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet	2023-04-13	not yet calculated	CVE-2022-25726 MISC
qualcomm — snapdragon	Information disclosure in modem due to improper check of IP type while processing DNS server query	2023-04-13	not yet calculated	CVE-2022-25730 MISC
qualcomm — snapdragon	Information disclosure in modem due to buffer over-read while processing packets from DNS server	2023-04-13	not yet calculated	CVE-2022-25731 MISC
qualcomm — snapdragon	Information disclosure in modem due to missing NULL check while reading packets received from local network	2023-04-13	not yet calculated	CVE-2022-25737 MISC
qualcomm — snapdragon	Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call	2023-04-13	not yet calculated	CVE-2022-25739 MISC
qualcomm — snapdragon	Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface	2023-04-13	not yet calculated	CVE-2022-25740 MISC
qualcomm — snapdragon	Memory corruption in modem due to improper input validation while handling the incoming CoAP message	2023-04-13	not yet calculated	CVE-2022-25745 MISC
qualcomm — snapdragon	Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message	2023-04-13	not yet calculated	CVE-2022-25747 MISC
fortinet — fortisandbox	A improper neutralization of special elements used in an sql command (‘sql injection’) vulnerability [CWE-89] in Fortinet FortiSandbox version 4.2.0, 4.0.0 through 4.0.2, 3.2.0 through 3.2.3, 3.1.x and 3.0.x allows a remote and authenticated attacker with read permission to retrieve arbitrary files from the underlying Linux system via a crafted HTTP request.	2023-04-11	not yet calculated	CVE-2022-27485 MISC
fortinet — fortisandbox	A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS requests.	2023-04-11	not yet calculated	CVE-2022-27487 MISC
qualcomm — snapdragon	memory corruption in modem due to improper check while calculating size of serialized CoAP message	2023-04-13	not yet calculated	CVE-2022-33211 MISC
qualcomm — snapdragon	Information disclosure due to buffer over-read while parsing DNS response packets in Modem.	2023-04-13	not yet calculated	CVE-2022-33222 MISC
qualcomm — snapdragon	Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding.	2023-04-13	not yet calculated	CVE-2022-33223 MISC
qualcomm — snapdragon	Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.	2023-04-13	not yet calculated	CVE-2022-33228 MISC
qualcomm — snapdragon	Memory corruption due to double free in core while initializing the encryption key.	2023-04-13	not yet calculated	CVE-2022-33231 MISC
qualcomm — snapdragon	Information disclosure due to buffer over-read in modem while reading configuration parameters.	2023-04-13	not yet calculated	CVE-2022-33258 MISC
qualcomm — snapdragon	Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.	2023-04-13	not yet calculated	CVE-2022-33259 MISC
qualcomm — snapdragon	Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.	2023-04-13	not yet calculated	CVE-2022-33269 MISC
qualcomm — snapdragon	Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.	2023-04-13	not yet calculated	CVE-2022-33270 MISC
qualcomm — snapdragon	Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.	2023-04-13	not yet calculated	CVE-2022-33282 MISC
qualcomm — snapdragon	Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.	2023-04-13	not yet calculated	CVE-2022-33287 MISC
qualcomm — snapdragon	Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.	2023-04-13	not yet calculated	CVE-2022-33288 MISC
qualcomm — snapdragon	Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.	2023-04-13	not yet calculated	CVE-2022-33289 MISC
qualcomm — snapdragon	Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.	2023-04-13	not yet calculated	CVE-2022-33291 MISC
qualcomm — snapdragon	Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.	2023-04-13	not yet calculated	CVE-2022-33294 MISC
qualcomm — snapdragon	Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.	2023-04-13	not yet calculated	CVE-2022-33295 MISC
qualcomm — snapdragon	Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.	2023-04-13	not yet calculated	CVE-2022-33296 MISC
qualcomm — snapdragon	Information disclosure due to buffer overread in Linux sensors	2023-04-13	not yet calculated	CVE-2022-33297 MISC
qualcomm — snapdragon	Memory corruption due to use after free in Modem while modem initialization.	2023-04-13	not yet calculated	CVE-2022-33298 MISC
qualcomm — snapdragon	Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM.	2023-04-13	not yet calculated	CVE-2022-33301 MISC
qualcomm — snapdragon	Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.	2023-04-13	not yet calculated	CVE-2022-33302 MISC
fortinet — fortiauthenticator	An improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in FortiAuthenticator versions 6.4.0 through 6.4.4, 6.3.0 through 6.3.3, all versions of 6.2 and 6.1 may allow a remote unauthenticated attacker to trigger a reflected cross site scripting (XSS) attack via the “reset-password” page.	2023-04-11	not yet calculated	CVE-2022-35850 MISC
hitachi_vantara — pentaho_business_analytics_server	Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.3.0.0, 9.2.0.4 and 8.3.0.27 allow a malicious URL to inject content into a dashboard when the CDE plugin is present.	2023-04-11	not yet calculated	CVE-2022-3695 MISC
upstream_works — agent_desktop_for_cisco_finesse	A stored Cross-Site Scripting (XSS) vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details.	2023-04-10	not yet calculated	CVE-2022-37462 MISC MISC
forgerock_inc — access_management	Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass.This issue affects Access Management: from 6.5.0 through 7.2.0.	2023-04-14	not yet calculated	CVE-2022-3748 MISC MISC MISC
qualcomm — snapdragon	Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.	2023-04-13	not yet calculated	CVE-2022-40503 MISC
qualcomm — snapdragon	Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.	2023-04-13	not yet calculated	CVE-2022-40532 MISC
fortinet — fortiadc/fortiddos	An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 5.x all versions, 6.0 all versions, 6.1 all versions, 6.2.0 through 6.2.4, 7.0.0 through 7.0.3, 7.1.0; FortiDDoS 4.x all versions, 5.0 all versions, 5.1 all versions, 5.2 all versions, 5.3 all versions, 5.4 all versions, 5.5 all versions, 5.6 all versions and FortiDDoS-F 6.4.0, 6.3.0 through 6.3.3, 6.2.0 through 6.2.2, 6.1.0 through 6.1.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.	2023-04-11	not yet calculated	CVE-2022-40679 MISC
fortinet — forticlient_for_windows	A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 – 7.0.7, 6.4.0 – 6.4.9, 6.2.0 – 6.2.9 and 6.0.0 – 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.	2023-04-11	not yet calculated	CVE-2022-40682 MISC
fortinet — fortios/fortiproxy	An improper neutralization of input during web page generation vulnerability (‘Cross-site Scripting’) [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.	2023-04-11	not yet calculated	CVE-2022-41330 MISC
fortinet — fortipresence	A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.	2023-04-11	not yet calculated	CVE-2022-41331 MISC
fortinet — fortigate	A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal.	2023-04-11	not yet calculated	CVE-2022-42469 MISC
fortinet — forticlient_for_windows	A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 – 7.0.7, 6.4.0 – 6.4.9, 6.2.0 – 6.2.9 and 6.0.0 – 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.	2023-04-11	not yet calculated	CVE-2022-42470 MISC
fortinet — fortianalyzer	An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries.	2023-04-11	not yet calculated	CVE-2022-42477 MISC
supermicro — x11sl-cf_hw	Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.	2023-04-07	not yet calculated	CVE-2022-43309 MISC MISC MISC
open-xchange — ox_app_suite	OX App Suite before 7.10.6-rev20 allows XSS via upsell ads.	2023-04-15	not yet calculated	CVE-2022-43696 MISC MISC
open-xchange — ox_app_suite	OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob.	2023-04-15	not yet calculated	CVE-2022-43697 MISC MISC
open-xchange — ox_app_suite	OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list.	2023-04-15	not yet calculated	CVE-2022-43698 MISC MISC
open-xchange — ox_app_suite	OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an adversary who controls the DNS records of an external domain (found in the host part of an e-mail address).	2023-04-15	not yet calculated	CVE-2022-43699 MISC MISC
hitachi_vantara — pentaho_business_analytics_server	Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API.	2023-04-11	not yet calculated	CVE-2022-43770 MISC
fortinet — forticlient_for_windows	Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe.	2023-04-11	not yet calculated	CVE-2022-43946 MISC
fortinet — fortios/fortiproxy	An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.	2023-04-11	not yet calculated	CVE-2022-43947 MISC
fortinet — fortiadc/fortiweb	A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWeb version 7.0.0 through 7.0.3, FortiADC version 7.1.0 through 7.1.1, FortiADC version 7.0.0 through 7.0.3, FortiADC 6.2 all versions, FortiADC 6.1 all versions, FortiADC 6.0 all versions, FortiADC 5.4 all versions, FortiADC 5.3 all versions, FortiADC 5.2 all versions, FortiADC 5.1 all versions allows attacker to execute unauthorized code or commands via specifically crafted arguments to existing commands.	2023-04-11	not yet calculated	CVE-2022-43948 MISC
fortinet — fortinac	An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below may allow an unauthenticated attacker to access sensitive information via crafted HTTP requests.	2023-04-11	not yet calculated	CVE-2022-43951 MISC
fortinet — fortiadc	An improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.	2023-04-11	not yet calculated	CVE-2022-43952 MISC
fortinet — fortiweb	An improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross site scripting attack (XSS) via injecting malicious payload in log entries used to build report.	2023-04-11	not yet calculated	CVE-2022-43955 MISC
wordpress — wordpress	Auth. (admin+) Stored Cross-Site Scripting’) vulnerability in Zephilou Cyklodev WP Notify plugin <= 1.2.1 versions.	2023-04-13	not yet calculated	CVE-2022-44625 MISC
rconfig — rconfig	A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with secure-file-priv).	2023-04-15	not yet calculated	CVE-2022-45030 MISC MISC
oracle — apache_sling_engine	The SlingRequestDispatcher doesn’t correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the Apache Sling level. The vulnerability is exploitable by an attacker that is able to include a resource with specific content-type and control the include path (i.e. writing content). The impact of a successful attack is privilege escalation to administrative power. Please update to Apache Sling Engine >= 2.14.0 and enable the “Check Content-Type overrides” configuration option.	2023-04-13	not yet calculated	CVE-2022-45064 MISC
livebox — collaboration_vdesk	An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim’s account, is able to decipher a file without knowing the key set by the user.	2023-04-14	not yet calculated	CVE-2022-45170 MISC
livebox — collaboration_vdesk	An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challenge endpoint. Because only the client-side verifies whether a check was successful, an attacker can modify the response, and fool the application into concluding that the TOTP was correct.	2023-04-14	not yet calculated	CVE-2022-45173 MISC
livebox — collaboration_vdesk	An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backup_code endpoint and the /api/v1/vdeskintegration/challenge endpoint. The correctness of the TOTP is not checked properly, and can be bypassed by passing any string as the backup code.	2023-04-14	not yet calculated	CVE-2022-45174 MISC
livebox — collaboration_vdesk	An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE]/c/{N]/{C]/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a target file.	2023-04-14	not yet calculated	CVE-2022-45175 MISC
livebox — collaboration_vdesk	An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdeskintegration/saml/user/createorupdate endpoint, the /settings/guest-settings endpoint, the /settings/samlusers-settings endpoint, and the /settings/users-settings endpoint. A malicious user (already logged in as a SAML User) is able to achieve privilege escalation from a low-privilege user (FGM user) to an administrative user (GGU user), including the administrator, or create new users even without an admin role.	2023-04-14	not yet calculated	CVE-2022-45178 MISC
livebox — collaboration_vdesk	An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdesk_{DOMAIN]/export endpoint. A malicious user, authenticated to the product without any specific privilege, can use the API for exporting information about all users of the system (an operation intended to only be available to the system administrator).	2023-04-14	not yet calculated	CVE-2022-45180 MISC
wordpress — wordpress	Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Silkalns Activello theme <= 1.4.4 versions.	2023-04-13	not yet calculated	CVE-2022-45358 MISC
arm — mali_kernel	An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0.	2023-04-11	not yet calculated	CVE-2022-46396 MISC
servicenow — servicenow	There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.	2023-04-14	not yet calculated	CVE-2022-46886 MISC
timmystudios — fast_typing_keyboard	Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files in its internal storage via a dictionary traversal vulnerability and achieve arbitrary code execution.	2023-04-14	not yet calculated	CVE-2022-47027 MISC MISC MISC
dnn_corp — dotnetnuke	An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file.	2023-04-12	not yet calculated	CVE-2022-47053 MISC MISC
oracle — apache_ofbiz	Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a pre-authentication attack. This issue affects Apache OFBiz: before 18.12.07.	2023-04-14	not yet calculated	CVE-2022-47501 MISC MISC MISC
ieee_802.11 — ieee_802.11	The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target’s MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target’s original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client’s pairwise encryption key.	2023-04-15	not yet calculated	CVE-2022-47522 MISC MISC MISC
wordpress — wordpress	Auth. SQL Injection’) vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions.	2023-04-12	not yet calculated	CVE-2022-47605 MISC
x2crm_open_source_sales_crm — x2crm_open_source_sales_crm	X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the adin/importModels Import Records Model field (model parameter). This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user’s browser.	2023-04-15	not yet calculated	CVE-2022-48177 MISC MISC
x2crm_open_source_sales_crm — x2crm_open_source_sales_crm	X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Create Action function, aka an index.php/actions/update URI.	2023-04-15	not yet calculated	CVE-2022-48178 MISC MISC
libressl/openbsd — libressl/openbsd	An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate.	2023-04-12	not yet calculated	CVE-2022-48437 MISC MISC MISC
protobuf-c — protobuf-c	protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.	2023-04-13	not yet calculated	CVE-2022-48468 MISC MISC MISC MISC
palo_alto_networks — pan-os	A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software.	2023-04-12	not yet calculated	CVE-2023-0004 MISC
palo_alto_networks — pan-os	A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.	2023-04-12	not yet calculated	CVE-2023-0005 MISC
palo_alto_networks — globalprotect	A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.	2023-04-12	not yet calculated	CVE-2023-0006 MISC
libjxl — libjxl	An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159	2023-04-11	not yet calculated	CVE-2023-0645 MISC MISC
mitsubishi_electric_india — gc-enet-com	Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are “16” allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in Ethernet communication by sending a large number of specially crafted packets to any UDP port when GC-ENET-COM is configured as a Modbus TCP Server. The communication resumes only when the power of the main unit is turned off and on or when the GC-ENET-COM is hot-swapped from the main unit.	2023-04-14	not yet calculated	CVE-2023-1285 MISC MISC
canonical_ltd — apport_for_linux	A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.	2023-04-13	not yet calculated	CVE-2023-1326 MISC
ge_gas_power — toolboxst	ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user’s context through the deserialization of an untrusted configuration file. Two CVSS scores have been provided to capture the differences between the two aforementioned attack vectors. Customers are advised to update to ToolboxST 7.10 which can be found in ControlST 7.10. If unable to update at this time customers should ensure they are following the guidance laid out in GE Gas Power’s Secure Deployment Guide (GEH-6839). Customers should ensure they are not running ToolboxST as an Administrative user.	2023-04-11	not yet calculated	CVE-2023-1552 MISC
b&r_ industrial_automation — b&r_vc4	Improper Authentication vulnerability in B&R Industrial Automation B&R VC4 (VNC-Server modules). This vulnerability may allow an unauthenticated network-based attacker to bypass the authentication mechanism of the VC4 visualization on affected devices. The impact of this vulnerability depends on the functionality provided in the visualization. This issue affects B&R VC4: from 3.* through 3.96.7, from 4.0* through 4.06.7, from 4.1* through 4.16.3, from 4.2* through 4.26.8, from 4.3* through 4.34.6, from 4.4* through 4.45.1, from 4.5* through 4.45.3, from 4.7* through 4.72.9.	2023-04-14	not yet calculated	CVE-2023-1617 MISC
openvswitch — openvswitch	A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.	2023-04-10	not yet calculated	CVE-2023-1668 MISC MISC DEBIAN
linux — kernel	A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.	2023-04-12	not yet calculated	CVE-2023-1829 MISC MISC
linux — kernel	A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.	2023-04-12	not yet calculated	CVE-2023-1872 MISC MISC
wordpress — wordpress	The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the ‘wpda_role[]’ parameter during a profile update. This requires the ‘Enable role management’ setting to be enabled for the site.	2023-04-12	not yet calculated	CVE-2023-1874 MISC MISC MISC MISC MISC
imagemagick — magickcore	A heap-based buffer overflow issue was discovered in ImageMagick’s ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.	2023-04-12	not yet calculated	CVE-2023-1906 MISC MISC MISC MISC MISC
tiffcrop — libtiff	A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.	2023-04-10	not yet calculated	CVE-2023-1916 MISC MISC
devolutions — remote_desktop_manager	No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface.	2023-04-11	not yet calculated	CVE-2023-1939 MISC
sourcecodester — survey_application_system	A vulnerability was found in SourceCodester Survey Application System 1.0 and classified as problematic. This issue affects some unknown processing of the component Add New Handler. The manipulation of the argument Title with the input <script>prompt(document.domain)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225329 was assigned to this vulnerability.	2023-04-07	not yet calculated	CVE-2023-1946 MISC MISC
tao_interactive– taocms	A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225330 is the identifier assigned to this vulnerability.	2023-04-07	not yet calculated	CVE-2023-1947 MISC MISC MISC
phpgurukul — bp_monitoring_management_system	A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225335.	2023-04-08	not yet calculated	CVE-2023-1948 MISC MISC MISC
phpgurukul — bp_monitoring_management_system	A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225336.	2023-04-08	not yet calculated	CVE-2023-1949 MISC MISC MISC
phpgurukul — bp_monitoring_management_system	A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file password-recovery.php of the component Password Recovery. The manipulation of the argument emailid/contactno leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225337 was assigned to this vulnerability.	2023-04-08	not yet calculated	CVE-2023-1950 MISC MISC MISC
sourcecodester — online_computer_and_laptop_store	A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/?page=system_info. The manipulation of the argument System Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225348.	2023-04-08	not yet calculated	CVE-2023-1961 MISC MISC MISC
sourcecodester — best_online_news_portal	A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225361 was assigned to this vulnerability.	2023-04-09	not yet calculated	CVE-2023-1962 MISC MISC MISC
phpgurukul — bp_monitoring_management_system	A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225359.	2023-04-09	not yet calculated	CVE-2023-1963 MISC MISC MISC
phpgurukul — bp_monitoring_management_system	A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. Affected is an unknown function of the file recovery.php of the component Password Reset. The manipulation of the argument uname/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225360.	2023-04-09	not yet calculated	CVE-2023-1964 MISC MISC MISC
answerdev — answer	Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8.	2023-04-11	not yet calculated	CVE-2023-1974 MISC CONFIRM
answerdev — answer	Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8.	2023-04-11	not yet calculated	CVE-2023-1975 MISC CONFIRM
answerdev — answer	Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6.	2023-04-11	not yet calculated	CVE-2023-1976 MISC CONFIRM
devolutions — remote_desktop_manager	Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries.	2023-04-11	not yet calculated	CVE-2023-1980 MISC
sourcecodester — sales_tracker_management_system	A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/products/manage_product.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225530 is the identifier assigned to this vulnerability.	2023-04-11	not yet calculated	CVE-2023-1983 MISC MISC MISC
sourcecodester — complaint_management_system	A vulnerability classified as critical was found in SourceCodester Complaint Management System 1.0. This vulnerability affects unknown code of the file /users/check_availability.php of the component POST Parameter Handler. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225532.	2023-04-11	not yet calculated	CVE-2023-1984 MISC MISC MISC
linux — kernel	A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.	2023-04-11	not yet calculated	CVE-2023-1989 MISC
linux — kernel	A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.	2023-04-12	not yet calculated	CVE-2023-1990 MISC
wireshark_foundation — wireshark	RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file	2023-04-12	not yet calculated	CVE-2023-1992 MISC CONFIRM MISC
wireshark_foundation — wireshark	LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file	2023-04-12	not yet calculated	CVE-2023-1993 MISC CONFIRM MISC
wireshark_foundation — wireshark	GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file	2023-04-12	not yet calculated	CVE-2023-1994 CONFIRM MISC MISC
freetype — freetype	An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c.	2023-04-14	not yet calculated	CVE-2023-2004 MISC MISC MISC MISC FEDORA
linux — kernel	A flaw was found in the Linux kernel’s udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.	2023-04-14	not yet calculated	CVE-2023-2008 MISC MISC MISC
cisco — small_business_routers	A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not and will not release software updates that address this vulnerability.	2023-04-13	not yet calculated	CVE-2023-20118 MISC
microweber — microweber	Cross-site Scripting (XSS) – Generic in GitHub repository microweber/microweber prior to 1.3.3.	2023-04-13	not yet calculated	CVE-2023-2014 CONFIRM MISC
nilsteampassnet — teampass	Cross-site Scripting (XSS) – Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3.	2023-04-13	not yet calculated	CVE-2023-2021 MISC CONFIRM
wordpress — wordpress	The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.	2023-04-15	not yet calculated	CVE-2023-2027 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	2023-04-14	not yet calculated	CVE-2023-2033 MISC MISC MISC
froxlor — froxlor	Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14.	2023-04-14	not yet calculated	CVE-2023-2034 MISC CONFIRM
campcodes — video_sharing_website	A vulnerability has been found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file signup.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225913 was assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2035 MISC MISC MISC
campcodes — video_sharing_website	A vulnerability was found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file upload.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225914 is the identifier assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2036 MISC MISC MISC
campcodes — video_sharing_website	A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225915.	2023-04-14	not yet calculated	CVE-2023-2037 MISC MISC MISC
campcodes — video_sharing_website	A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin_class.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225916.	2023-04-14	not yet calculated	CVE-2023-2038 MISC MISC MISC
novel-plus — novel-plus	A vulnerability was found in novel-plus 3.6.2. It has been rated as critical. This issue affects some unknown processing of the file /author/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225917 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	2023-04-14	not yet calculated	CVE-2023-2039 MISC MISC MISC
novel-plus — novel-plus	A vulnerability classified as critical has been found in novel-plus 3.6.2. Affected is an unknown function of the file /news/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225918 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	2023-04-14	not yet calculated	CVE-2023-2040 MISC MISC MISC
novel-plus — novel-plus	A vulnerability classified as critical was found in novel-plus 3.6.2. Affected by this vulnerability is an unknown functionality of the file /category/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	2023-04-14	not yet calculated	CVE-2023-2041 MISC MISC MISC
datagear — datagear	A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225920. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	2023-04-14	not yet calculated	CVE-2023-2042 MISC MISC MISC
control_id — control_id	A vulnerability, which was classified as problematic, was found in Control iD 23.3.19.0. This affects an unknown part of the file /v2/customerdb/operator.svc/a of the component Edit Handler. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-225921 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	2023-04-14	not yet calculated	CVE-2023-2043 MISC MISC
control_id – id_secure	A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unknown code of the component Dispositivos Page. The manipulation of the argument IP-DNS leads to cross site scripting. The attack can be initiated remotely. VDB-225922 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	2023-04-14	not yet calculated	CVE-2023-2044 MISC MISC
campcodes — advanced_online_voting_system	A vulnerability was found in Campcodes Advanced Online Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument voter leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225932.	2023-04-14	not yet calculated	CVE-2023-2047 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/voters_row.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225933 was assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2048 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ballot_up.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225934 is the identifier assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2049 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/positions_add.php. The manipulation of the argument description leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225935.	2023-04-14	not yet calculated	CVE-2023-2050 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability classified as critical has been found in Campcodes Advanced Online Voting System 1.0. Affected is an unknown function of the file /admin/positions_row.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225936.	2023-04-14	not yet calculated	CVE-2023-2051 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability classified as critical was found in Campcodes Advanced Online Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ballot_down.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225937 was assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2052 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability, which was classified as critical, has been found in Campcodes Advanced Online Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/candidates_row.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225938 is the identifier assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2053 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability, which was classified as critical, was found in Campcodes Advanced Online Voting System 1.0. This affects an unknown part of the file /admin/positions_delete.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225939.	2023-04-14	not yet calculated	CVE-2023-2054 MISC MISC MISC
campcodes — advanced_online_voting_system	A vulnerability has been found in Campcodes Advanced Online Voting System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/config_save.php. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225940.	2023-04-14	not yet calculated	CVE-2023-2055 MISC MISC MISC
dedecms — dedecms	A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects the function GetSystemFile of the file module_main.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225941 was assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2056 MISC MISC MISC
eyoucms — eyoucms	A vulnerability was found in EyouCms 1.5.4. It has been classified as problematic. Affected is an unknown function of the file login.php?m=admin&c=Arctype&a=edit of the component New Picture Handler. The manipulation of the argument litpic_loca leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225942 is the identifier assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2057 MISC MISC MISC
eyoucms — eyoucms	A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipulation of the argument web_ico leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225943.	2023-04-14	not yet calculated	CVE-2023-2058 MISC MISC MISC
dedecms — dedecms	A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: ‘..\filedir’. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225944.	2023-04-14	not yet calculated	CVE-2023-2059 MISC MISC MISC
campcodes — online_traffic_offense_management_system	A vulnerability was found in Campcodes Online Traffic Offense Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Login.php. The manipulation of the argument password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226051.	2023-04-14	not yet calculated	CVE-2023-2073 MISC MISC MISC
campcodes — online_traffic_offense_management_system	A vulnerability was found in Campcodes Online Traffic Offense Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226052.	2023-04-14	not yet calculated	CVE-2023-2074 MISC MISC MISC
campcodes — online_traffic_offense_management_system	A vulnerability classified as critical has been found in Campcodes Online Traffic Offense Management System 1.0. This affects an unknown part of the file /admin/offenses/view_details.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226053 was assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2075 MISC MISC MISC
campcodes — online_traffic_offense_management_system	A vulnerability classified as problematic was found in Campcodes Online Traffic Offense Management System 1.0. This vulnerability affects unknown code of the file /classes/Users.phpp. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-226054 is the identifier assigned to this vulnerability.	2023-04-14	not yet calculated	CVE-2023-2076 MISC MISC MISC
campcodes — online_traffic_offense_management_system	A vulnerability, which was classified as problematic, has been found in Campcodes Online Traffic Offense Management System 1.0. This issue affects some unknown processing of the file /admin/offenses/view_details.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226055.	2023-04-14	not yet calculated	CVE-2023-2077 MISC MISC MISC
spring — framework	In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.	2023-04-13	not yet calculated	CVE-2023-20863 MISC
spring — session	In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver.	2023-04-13	not yet calculated	CVE-2023-20866 MISC
sourcecodester — complaint_management_system	A vulnerability was found in SourceCodester Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/userprofile.php of the component GET Parameter Handler. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226097 was assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2089 MISC MISC MISC
sourcecodester — employee_and_visitor_gate_pass_logging_system	A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /admin/maintenance/view_designation.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226098 is the identifier assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2090 MISC MISC MISC
kylinsoft — youker-assistant	A vulnerability classified as critical was found in KylinSoft youker-assistant. Affected by this vulnerability is the function adjust_cpufreq_scaling_governer. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.4.13 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226099.	2023-04-15	not yet calculated	CVE-2023-2091 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability, which was classified as critical, has been found in SourceCodester Vehicle Service Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226100.	2023-04-15	not yet calculated	CVE-2023-2092 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability, which was classified as critical, was found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226101 was assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2093 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/manage_mechanic.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-226102 is the identifier assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2094 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability was found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226103.	2023-04-15	not yet calculated	CVE-2023-2095 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/service_requests/manage_inventory.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226104.	2023-04-15	not yet calculated	CVE-2023-2096 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226105 was assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2097 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /inc/topBarNav.php. The manipulation of the argument search leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-226106 is the identifier assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2098 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability classified as problematic has been found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226107.	2023-04-15	not yet calculated	CVE-2023-2099 MISC MISC MISC
sourcecodester — vehicle_service_management_system	A vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. This vulnerability affects unknown code of the file /admin/report/index.php. The manipulation of the argument date_end leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226108.	2023-04-15	not yet calculated	CVE-2023-2100 MISC MISC MISC
mogu_blog — mogu_blog	A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226109 was assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2101 MISC MISC MISC MISC
easyappointments — easyappointments	Cross-site Scripting (XSS) – Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.	2023-04-15	not yet calculated	CVE-2023-2102 CONFIRM MISC
easyappointments — easyappointments	Cross-site Scripting (XSS) – Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.	2023-04-15	not yet calculated	CVE-2023-2103 MISC CONFIRM
easyappointments — easyappointments	Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0.	2023-04-15	not yet calculated	CVE-2023-2104 CONFIRM MISC
easyappointments — easyappointments	Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0.	2023-04-15	not yet calculated	CVE-2023-2105 MISC CONFIRM
calibre-web — calibre-web	Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20.	2023-04-15	not yet calculated	CVE-2023-2106 CONFIRM MISC
ibos — ibos	A vulnerability, which was classified as critical, was found in IBOS 4.5.5. Affected is an unknown function of the file file/personal/del&op=recycle. The manipulation of the argument fids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226110 is the identifier assigned to this vulnerability.	2023-04-15	not yet calculated	CVE-2023-2107 MISC MISC MISC
qualcom — snapdragon	Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.	2023-04-13	not yet calculated	CVE-2023-21630 MISC
elecom — wab-mat	WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service.	2023-04-11	not yet calculated	CVE-2023-22282 MISC MISC
wolt — wolt_delivery	Android App ‘Wolt Delivery: Food and more’ version 4.27.2 and earlier uses hard-coded credentials (API key for an external service), which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary.	2023-04-11	not yet calculated	CVE-2023-22429 MISC MISC
insyde — insydeh2o	An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM.	2023-04-11	not yet calculated	CVE-2023-22612 MISC MISC MISC
insyde — insydeh2o	An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption.	2023-04-11	not yet calculated	CVE-2023-22613 MISC MISC MISC
insyde — insydeh2o	An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.	2023-04-11	not yet calculated	CVE-2023-22614 MISC MISC MISC
insyde — insydeh2o	An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM.	2023-04-11	not yet calculated	CVE-2023-22615 MISC MISC
insyde — insydeh2o	An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM.	2023-04-12	not yet calculated	CVE-2023-22616 MISC MISC MISC
securepoint — utm	An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall’s endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device’s authentication and get access to the administrative interface.	2023-04-12	not yet calculated	CVE-2023-22620 MISC MISC
fortinet — forticlientmac	A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.	2023-04-11	not yet calculated	CVE-2023-22635 MISC
fortinet — fortios/fortiproxy	A url redirection to untrusted site (‘open redirect’) in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.	2023-04-11	not yet calculated	CVE-2023-22641 MISC
fortinet — fortianalyzer/fortimanager	An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8 through 6.4.10 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and the remote FortiGuard server hosting outbreakalert ressources.	2023-04-11	not yet calculated	CVE-2023-22642 MISC
open_design_alliance — drawings_sdk	Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.	2023-04-15	not yet calculated	CVE-2023-22669 MISC
open_design_alliance — drawings_sdk	A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.	2023-04-15	not yet calculated	CVE-2023-22670 MISC
arm — mali_gpu_kernel	An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.	2023-04-11	not yet calculated	CVE-2023-22808 MISC
securepoint — utm	An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall’s endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.	2023-04-12	not yet calculated	CVE-2023-22897 MISC MISC
tigergraph — enterprise_free_edition	An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph cluster.	2023-04-13	not yet calculated	CVE-2023-22948 MISC MISC
tigergraph — enterprise_free_edition	An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL access requests are logged by TigerGraph in multiple places. Each request includes both the username and password of the user in an easily decodable base64 form. That could allow a TigerGraph administrator to effectively harvest usernames/passwords.	2023-04-14	not yet calculated	CVE-2023-22949 MISC MISC
tigergraph — enterprise_free_edition	An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.	2023-04-13	not yet calculated	CVE-2023-22950 MISC MISC
tigergraph — enterprise_free_edition	An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. This token can be read from the configuration file. Using this token on the REST API provides an attacker with anonymous admin-level privileges on all REST API endpoints.	2023-04-13	not yet calculated	CVE-2023-22951 MISC MISC
snippet_box — snippet_box	Snippet-box 1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote attackers can render arbitrary web script or HTML from the “Snippet code” form field.	2023-04-11	not yet calculated	CVE-2023-23277 MISC MISC MISC
seiko_espon — multiple_products	Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.	2023-04-11	not yet calculated	CVE-2023-23572 MISC MISC
contec –conprosys_iot_gateway_products	Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).	2023-04-11	not yet calculated	CVE-2023-23575 MISC MISC MISC MISC MISC
terminalfour — terminalfour	The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. The fixed versions are 8.2.18.7, 8.2.18.2.2, 8.3.11.1, and 8.3.14.1.	2023-04-12	not yet calculated	CVE-2023-23591 MISC MISC
lucl — lucl	LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.	2023-04-11	not yet calculated	CVE-2023-24182 MISC MISC MISC MISC
buffalo — bs_gs_series	Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user’s web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier	2023-04-11	not yet calculated	CVE-2023-24464 MISC MISC
arista — eos	On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.	2023-04-13	not yet calculated	CVE-2023-24509 MISC
arista — eos	On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.	2023-04-12	not yet calculated	CVE-2023-24511 MISC
arista — cloudeos	On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.	2023-04-12	not yet calculated	CVE-2023-24513 MISC
buffalo — bs_gs_series	Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier	2023-04-11	not yet calculated	CVE-2023-24544 MISC MISC
arista — cloudeos	On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.	2023-04-12	not yet calculated	CVE-2023-24545 MISC
qt — qt	Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.	2023-04-15	not yet calculated	CVE-2023-24607 MISC MISC MISC MISC MISC MISC MISC
aten — pe8108	Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have access to other users’ outlets.	2023-04-11	not yet calculated	CVE-2023-25409 MISC
mitel — micollab	A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to download a shared file via a crafted request – including the exact path and filename – due to improper authentication control. A successful exploit could allow access to sensitive information.	2023-04-14	not yet calculated	CVE-2023-25597 CONFIRM
jtekt_electronics_corporation — screen_creator_advance_2	Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project file, information may be disclosed and/or arbitrary code may be executed.	2023-04-11	not yet calculated	CVE-2023-25755 MISC MISC
haproxy — haproxy	HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user’s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.	2023-04-11	not yet calculated	CVE-2023-25950 MISC MISC MISC
kyocera — mobile_print	KYOCERA Mobile Print’ v3.2.0.230119 and earlier, ‘UTAX/TA MobilePrint’ v3.2.0.230119 and earlier, and ‘Olivetti Mobile Print’ v3.2.0.230119 and earlier are vulnerable to improper intent handling. When a malicious app is installed on the victim user’s Android device, the app may send an intent and direct the affected app to download malicious files or apps to the device without notification.	2023-04-13	not yet calculated	CVE-2023-25954 MISC MISC MISC MISC MISC
ministry_of land_infrastructure_transport_and_tourism_japan — national_land_numerical _information_data_conversion	National land numerical information data conversion tool all versions improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker.	2023-04-11	not yet calculated	CVE-2023-25955 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type.	2023-04-10	not yet calculated	CVE-2023-26063 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write.	2023-04-10	not yet calculated	CVE-2023-26064 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 have an Integer Overflow.	2023-04-10	not yet calculated	CVE-2023-26065 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index.	2023-04-10	not yet calculated	CVE-2023-26066 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).	2023-04-10	not yet calculated	CVE-2023-26067 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).	2023-04-10	not yet calculated	CVE-2023-26068 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).	2023-04-10	not yet calculated	CVE-2023-26069 MISC MISC
lexmark — multiple_products	Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4).	2023-04-10	not yet calculated	CVE-2023-26070 MISC MISC
xxl-job-admin — xxl-job-admin	This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update.	2023-04-10	not yet calculated	CVE-2023-26120 MISC
safe-eval — safe-eval	All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution (“RCE”). Vulnerable functions: __defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().	2023-04-11	not yet calculated	CVE-2023-26122 MISC MISC MISC MISC MISC MISC MISC MISC
raylib_for_web_platform — raylib_for_web_platform	Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting (XSS) such that the SetClipboardText API does not properly escape the ‘ character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscripten_run_script function. Note: This vulnerability is present only when compiling raylib for PLATFORM_WEB. All the other Desktop/Mobile/Embedded platforms are not affected.	2023-04-14	not yet calculated	CVE-2023-26123 MISC MISC MISC MISC
oxid_esales — eshop	OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial access of a customer’s account by an attacker, due to an improper check of the user agent.	2023-04-11	not yet calculated	CVE-2023-26260 MISC
talend — data_catalog	All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server.	2023-04-13	not yet calculated	CVE-2023-26263 MISC MISC
talend — data_catalog	All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML External Entity (XXE) attacks in the license parsing code.	2023-04-13	not yet calculated	CVE-2023-26264 MISC MISC
strongswan — strongswan	strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named “public” for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrusted client certificate during EAP-TLS. A server is affected only if it loads plugins that implement TLS-based EAP methods (EAP-TLS, EAP-TTLS, EAP-PEAP, or EAP-TNC). This is fixed in 5.9.10.	2023-04-15	not yet calculated	CVE-2023-26463 MISC MISC
pegasystems — rpa_synchronization_engine	A man in the middle can redirect traffic to a malicious server in a compromised configuration.	2023-04-10	not yet calculated	CVE-2023-26467 MISC
libntp/mstolfp.c — libntp/mstolfp.c	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.	2023-04-11	not yet calculated	CVE-2023-26551 MISC MISC
libntp/mstolfp.c — libntp/mstolfp.c	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.	2023-04-11	not yet calculated	CVE-2023-26552 MISC MISC
libntp/mstolfp.c — libntp/mstolfp.c	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.	2023-04-11	not yet calculated	CVE-2023-26553 MISC MISC
libntp/mstolfp.c — libntp/mstolfp.c	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a ‘\0’ character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.	2023-04-11	not yet calculated	CVE-2023-26554 MISC MISC
ntpd/refclock_palisade.c — ntpd/refclock_palisade.c	praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.	2023-04-11	not yet calculated	CVE-2023-26555 MISC MISC
oxygen — xml_web_author	A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. (XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build 2023021715 are also fixed versions.)	2023-04-14	not yet calculated	CVE-2023-26559 MISC MISC
buffalo — bs_gsl_and _bs_gs_series	Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier	2023-04-11	not yet calculated	CVE-2023-26588 MISC MISC
yokogawa_electric_corporation — centun_series	CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM managed may be escalated. As a result, the control system may be operated with the escalated user privilege. To exploit this vulnerability, the following prerequisites must be met: (1)An attacker has obtained user credentials where the affected product is installed, (2)CENTUM Authentication Mode is used for user authentication when CENTUM VP is used. The affected products and versions are as follows: CENTUM CS 1000, CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class) R2.01.00 to R3.09.50, CENTUM VP (Including CENTUM VP Entry Class) R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, and R6.01.00 and later, B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R7.04.51 and R8.01.01 and later	2023-04-11	not yet calculated	CVE-2023-26593 MISC MISC
revive — adserver	The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.	2023-04-14	not yet calculated	CVE-2023-26756 MISC MISC
sourcecodester — sales_tracker_management_system	An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint.	2023-04-10	not yet calculated	CVE-2023-26774 MISC MISC MISC MISC
textpattern — textpattern	An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file.	2023-04-12	not yet calculated	CVE-2023-26852 MISC MISC MISC
libyang — libyang	libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.	2023-04-11	not yet calculated	CVE-2023-26917 MISC
diasoft — file_replication_pro	Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.	2023-04-14	not yet calculated	CVE-2023-26918 MISC MISC
hyper_http2_rst_stream_frames — hyper_http2_rst_stream_frames	An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS).	2023-04-11	not yet calculated	CVE-2023-26964 MISC
atropim — atropim	Atropim 1.5.26 is vulnerable to Directory Traversal.	2023-04-14	not yet calculated	CVE-2023-26969 MISC
pax_technology –pax_a920_prodroid	PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process.	2023-04-14	not yet calculated	CVE-2023-26980 MISC MISC MISC
pretashop — advancedpopupcreator	Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups().	2023-04-12	not yet calculated	CVE-2023-27032 MISC MISC
gdidees — cms	GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.	2023-04-11	not yet calculated	CVE-2023-27179 MISC MISC MISC
dualspace — super_security	An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of service via the key_wifi_safe_net_check_url, KEY_Cirus_scan_whitelist and KEY_AD_NEW_USER_AVOID_TIME parameters.	2023-04-11	not yet calculated	CVE-2023-27192 MISC MISC MISC
dualspace — dualspace	An issue found in DUALSPACE v.1.1.3 allows a local attacker to gain privileges via the key_ad_new_user_avoid_time field.	2023-04-14	not yet calculated	CVE-2023-27193 MISC MISC MISC
d-link — dsl-3782	An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page.	2023-04-12	not yet calculated	CVE-2023-27216 MISC MISC MISC
contec –conprosys_iot_gateway_products	Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).	2023-04-11	not yet calculated	CVE-2023-27389 MISC MISC MISC MISC MISC
sap — solution_manager_diagnostics_agent	Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent – version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system.	2023-04-11	not yet calculated	CVE-2023-27497 MISC MISC
sap — gui_for_html	SAP GUI for HTML – versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user’s browser. The information from the victim’s web browser can either be modified or read and sent to the attacker.	2023-04-11	not yet calculated	CVE-2023-27499 MISC MISC
seiko_epson — multiple_products	Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.	2023-04-11	not yet calculated	CVE-2023-27520 MISC MISC
commscope_arris — dg3450	An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files.	2023-04-15	not yet calculated	CVE-2023-27571 MISC MISC MISC
commscope_arris — dg3450	An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parameter.	2023-04-15	not yet calculated	CVE-2023-27572 MISC MISC MISC
poweramp — audioplayer	An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library	2023-04-14	not yet calculated	CVE-2023-27643 MISC MISC MISC
poweramp — audioplayer	An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters.	2023-04-11	not yet calculated	CVE-2023-27645 MISC MISC MISC
dualspace — lock_master	An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: insert of the android.net.Uri.insert method.	2023-04-14	not yet calculated	CVE-2023-27647 MISC MISC MISC
t-me studios — change_color_of_keypad	Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage.	2023-04-14	not yet calculated	CVE-2023-27648 MISC MISC MISC
trusted_tools — free_music	SQL injection vulnerability found in Trusted Tools Free Music v.2.1.0.47, v.2.0.0.46, v.1.9.1.45, v.1.8.2.43 allows a remote attacker to cause a denial of service via the search history table	2023-04-14	not yet calculated	CVE-2023-27649 MISC MISC MISC
ego_studio — superclean	An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges via the update_info field of the _default_.xml file.	2023-04-14	not yet calculated	CVE-2023-27651 MISC MISC MISC
who_app — who_app	An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files.	2023-04-14	not yet calculated	CVE-2023-27653 MISC MISC MISC
who_app — who_app	An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a escalation of privileges via the TTMultiProvider component.	2023-04-14	not yet calculated	CVE-2023-27654 MISC MISC MISC
sourcecodester — auto_dealer_management_system	Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings.	2023-04-14	not yet calculated	CVE-2023-27666 MISC MISC MISC
sourcecodester — auto_dealer_management_system	Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.	2023-04-13	not yet calculated	CVE-2023-27667 MISC MISC MISC
pikpak_for_android — pikpak_for_android	The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface.	2023-04-12	not yet calculated	CVE-2023-27703 MISC MISC
void_tools — void_tools	Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS).	2023-04-12	not yet calculated	CVE-2023-27704 MISC MISC MISC
d-link — dir878	D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-09	not yet calculated	CVE-2023-27718 MISC MISC
d-link — dir878	D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.	2023-04-09	not yet calculated	CVE-2023-27719 MISC MISC
nginx — njs	Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h.	2023-04-09	not yet calculated	CVE-2023-27727 MISC
nginx — njs	Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.	2023-04-09	not yet calculated	CVE-2023-27728 MISC
nginx — njs	Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c.	2023-04-09	not yet calculated	CVE-2023-27729 MISC
nginx — njs	Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c.	2023-04-09	not yet calculated	CVE-2023-27730 MISC
blackvue — dr750-2ch	BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted.	2023-04-13	not yet calculated	CVE-2023-27746 MISC MISC MISC MISC
blackvue — dr750-2ch	BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This vulnerability allows attackers to access sensitive information such as configurations and recordings.	2023-04-13	not yet calculated	CVE-2023-27747 MISC MISC MISC MISC
blackvue — dr750-2ch	BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution.	2023-04-13	not yet calculated	CVE-2023-27748 MISC MISC MISC MISC
libiec61850 — libiec61850	libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.	2023-04-13	not yet calculated	CVE-2023-27772 MISC MISC
liveaction — livesp	A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary code via a crafted payload.	2023-04-12	not yet calculated	CVE-2023-27775 MISC MISC MISC
alo — am_presencia	AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user parameter in the login form.	2023-04-13	not yet calculated	CVE-2023-27779 MISC MISC MISC MISC
bloofox — bloofox	bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function.	2023-04-13	not yet calculated	CVE-2023-27812 MISC MISC MISC MISC
seowonintech — multiple_products	SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function.	2023-04-12	not yet calculated	CVE-2023-27826 MISC MISC MISC
tightvnc — tightvnc	TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account.	2023-04-12	not yet calculated	CVE-2023-27830 MISC MISC MISC
autodesk — autocad	A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.	2023-04-14	not yet calculated	CVE-2023-27912 MISC
autodesk — autocad	A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process.	2023-04-14	not yet calculated	CVE-2023-27913 MISC
autodesk — autocad	A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.	2023-04-14	not yet calculated	CVE-2023-27914 MISC
autodesk — autocad	A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2023-04-14	not yet calculated	CVE-2023-27915 MISC
contec –conprosys_iot_gateway_products	OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).	2023-04-11	not yet calculated	CVE-2023-27917 MISC MISC MISC MISC MISC
fortinet — fortisoar	A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload.	2023-04-11	not yet calculated	CVE-2023-27995 MISC
dell — ppdm	Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.	2023-04-11	not yet calculated	CVE-2023-28062 MISC
hewlett_packard_enterprise — oneview_global_dashboard	An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials	2023-04-14	not yet calculated	CVE-2023-28085 MISC
hewlett_packard_enterprise — oneview_virtual_appliance	HPE OneView virtual appliance “Migrate server hardware” option may expose sensitive information in an HPE OneView support dump	2023-04-14	not yet calculated	CVE-2023-28091 MISC
pegasystems — rpa:_synchronization_engine	A user with a compromised configuration can start an unsigned binary as a service.	2023-04-10	not yet calculated	CVE-2023-28093 MISC
wordpress — wordpress	An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.	2023-04-12	not yet calculated	CVE-2023-28121 MISC
tp-link_corporation_limited — t2600g-28sq	TP-Link L2 switch T2600G-28SQ firmware versions prior to ‘T2600G-28SQ(UN)_V1_1.0.6 Build 20230227’ uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained.	2023-04-11	not yet calculated	CVE-2023-28368 MISC MISC
connman — connman	client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.	2023-04-12	not yet calculated	CVE-2023-28488 MISC MISC
hikvision — hybrid_san/cluster_storage_products	Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.	2023-04-11	not yet calculated	CVE-2023-28808 MISC
flask-appbuilder — flask-appbuilder	Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. Version 4.3.0 includes the ability to enable rate limiting using `AUTH_RATE_LIMITED = True`, `RATELIMIT_ENABLED = True`, and setting an `AUTH_RATE_LIMIT`.	2023-04-10	not yet calculated	CVE-2023-29005 MISC MISC
go — go	Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2.	2023-04-14	not yet calculated	CVE-2023-29013 MISC MISC MISC MISC
open-feature — open-feature-operator	The OpenFeature Operator allows users to expose feature flags to applications. Assuming the pre-existence of a vulnerability that allows for arbitrary code execution, an attacker could leverage the lax permissions configured on `open-feature-operator-controller-manager` to escalate the privileges of any SA in the cluster. The increased privileges could be used to modify cluster state, leading to DoS, or read sensitive data, including secrets. Version 0.2.32 mitigates this issue by restricting the resources the `open-feature-operator-controller-manager` can modify.	2023-04-14	not yet calculated	CVE-2023-29018 MISC MISC
autodesk — autocad	A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2023-04-14	not yet calculated	CVE-2023-29067 MISC
zoho — manageengine_admanager_plus	Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings.	2023-04-13	not yet calculated	CVE-2023-29084 MISC MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line.	2023-04-14	not yet calculated	CVE-2023-29085 MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.	2023-04-14	not yet calculated	CVE-2023-29086 MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header.	2023-04-14	not yet calculated	CVE-2023-29087 MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header.	2023-04-14	not yet calculated	CVE-2023-29088 MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.	2023-04-14	not yet calculated	CVE-2023-29089 MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header.	2023-04-14	not yet calculated	CVE-2023-29090 MISC
exynos — multiple_products	An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI.	2023-04-14	not yet calculated	CVE-2023-29091 MISC
sap — abap_platform/sap_web_dispatcher	The IP filter in ABAP Platform and SAP Web Dispatcher – versions WEBDISP 7.85, 7.89, KERNEL 7.85, 7.89, 7.91, may be vulnerable by erroneous IP netmask handling. This may enable access to backend applications from unwanted sources.	2023-04-11	not yet calculated	CVE-2023-29108 MISC MISC
sap — application_interface_framework	The SAP Application Interface Framework (Message Dashboard) – versions AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints List. Once the victim opens the downloaded Excel document, the formula will be executed. As a result, an attacker can cause limited impact on the confidentiality and integrity of the application.	2023-04-11	not yet calculated	CVE-2023-29109 MISC MISC
sap — application_interface_framework	The SAP Application Interface (Message Dashboard) – versions AIF 703, AIFX 702, S4CORE 100, 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows the usage HTML tags. An authorized attacker can use some of the basic HTML codes such as heading, basic formatting and lists, then an attacker can inject images from the foreign domains. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application.	2023-04-11	not yet calculated	CVE-2023-29110 MISC MISC
sap — application_interface_framework	The SAP AIF (ODATA service) – versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the application.	2023-04-11	not yet calculated	CVE-2023-29111 MISC MISC
sap — application_interface_framework	The SAP Application Interface (Message Monitoring) – versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application.	2023-04-11	not yet calculated	CVE-2023-29112 MISC MISC
irssi — irssi	Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.	2023-04-14	not yet calculated	CVE-2023-29132 MISC MISC
sap — netweaver_as_for_abap	SAP NetWeaver AS for ABAP (Business Server Pages) – versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters in certain circumstances which can consume the server’s resources sufficiently to make it unavailable over the network without any user interaction.	2023-04-11	not yet calculated	CVE-2023-29185 MISC MISC
sap — netweaver	In SAP NetWeaver (BI CONT ADDON) – versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable.	2023-04-11	not yet calculated	CVE-2023-29186 MISC MISC
sap — sapsetup	A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) – version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various preconditions beyond the attacker’s control.	2023-04-11	not yet calculated	CVE-2023-29187 MISC MISC
sap — crm	SAP CRM (WebClient UI) – versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to exposure of form fields	2023-04-11	not yet calculated	CVE-2023-29189 MISC MISC
spicedb — spicedb	SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The `spicedb serve` command contains a flag named `–grpc-preshared-key` which is used to protect the gRPC API from being accessed by unauthorized requests. The values of this flag are to be considered sensitive, secret data. The `/debug/pprof/cmdline` endpoint served by the metrics service (defaulting running on port `9090`) reveals the command-line flags provided for debugging purposes. If a password is set via the `–grpc-preshared-key` then the key is revealed by this endpoint along with any other flags provided to the SpiceDB binary. This issue has been fixed in version 1.19.1. ### Impact All deployments abiding by the recommended best practices for production usage are NOT affected: – Authzed’s SpiceDB Serverless – Authzed’s SpiceDB Dedicated – SpiceDB Operator Users configuring SpiceDB via environment variables are NOT affected. Users MAY be affected if they expose their metrics port to an untrusted network and are configuring `–grpc-preshared-key` via command-line flag. ### Patches TODO ### Workarounds To workaround this issue you can do one of the following: – Configure the preshared key via an environment variable (e.g. `SPICEDB_GRPC_PRESHARED_KEY=yoursecret spicedb serve`) – Reconfigure the `–metrics-addr` flag to bind to a trusted network (e.g. `–metrics-addr=localhost:9090`) – Disable the metrics service via the flag (e.g. `–metrics-enabled=false`) – Adopt one of the recommended deployment models: [Authzed’s managed services](https://authzed.com/pricing) or the [SpiceDB Operator](https://github.com/authzed/spicedb-operator) ### References – [GitHub Security Advisory issued for SpiceDB](https://github.com/authzed/spicedb/security/advisories/GHSA-cjr9-mr35-7xh6) – [Go issue #22085](https://github.com/golang/go/issues/22085) for documenting the risks of exposing pprof to the internet – [Go issue #42834](https://github.com/golang/go/issues/42834) discusses preventing pprof registration to the default serve mux – [semgrep rule go.lang.security.audit.net.pprof.pprof-debug-exposure](https://semgrep.dev/r?q=go.lang.security.audit.net.pprof) checks for a variation of this issue ### Credit We’d like to thank Amit Laish, a security researcher at GE Vernova for responsibly disclosing this vulnerability.	2023-04-14	not yet calculated	CVE-2023-29193 MISC MISC MISC
vitessio — vitess	Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing `/` characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces using `vtctldclient GetKeyspaces` will also return an error. Note that all other keyspaces can still be administered using the CLI (vtctldclient). This issue is fixed in version 16.0.1. As a workaround, delete the offending keyspace using a CLI client (vtctldclient).	2023-04-14	not yet calculated	CVE-2023-29194 MISC MISC MISC
vm2_project — vm2	There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass `handleException()` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.16` of `vm2`.	2023-04-14	not yet calculated	CVE-2023-29199 MISC MISC MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. The “restricted” mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped `<script>` and `<style>`-tags but neither attributes that can be used to inject scripts nor other dangerous HTML tags like `<iframe>`. As a consequence, any code relying on this “restricted” mode for security is vulnerable to JavaScript injection (“cross-site scripting”/XSS). When a privileged user with programming rights visits such a comment in XWiki, the malicious JavaScript code is executed in the context of the user session. This allows server-side code execution with programming rights, impacting the confidentiality, integrity and availability of the XWiki instance. This problem has been patched in XWiki 14.6 RC1 with the introduction of a filter with allowed HTML elements and attributes that is enabled in restricted mode. There are no known workarounds apart from upgrading to a version including the fix.	2023-04-15	not yet calculated	CVE-2023-29201 MISC MISC MISC MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. The RSS macro that is bundled in XWiki included the content of the feed items without any cleaning in the HTML output when the parameter `content` was set to `true`. This allowed arbitrary HTML and in particular also JavaScript injection and thus cross-site scripting (XSS) by specifying an RSS feed with malicious content. With the interaction of a user with programming rights, this could be used to execute arbitrary actions in the wiki, including privilege escalation, remote code execution, information disclosure, modifying or deleting content and sabotaging the wiki. The issue has been patched in XWiki 14.6 RC1, the content of the feed is now properly cleaned before being displayed. As a workaround, if the RSS macro isn’t used in the wiki, the macro can be uninstalled by deleting `WEB-INF/lib/xwiki-platform-rendering-macro-rss-XX.jar`, where `XX` is XWiki’s version, in the web application’s directory.	2023-04-15	not yet calculated	CVE-2023-29202 MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. It’s possible to list some users who are normally not viewable from subwiki by requesting users on a subwiki which allows only global users with `uorgsuggest.vm`. This issue only concerns hidden users from main wiki. Note that the disclosed information are the username and the first and last name of users, no other information is leaked. The problem has been patched on XWiki 13.10.8, 14.4.3 and 14.7RC1.	2023-04-15	not yet calculated	CVE-2023-29203 MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existing security measures put in place to avoid open redirect by using a redirect such as `//mydomain.com` (i.e. omitting the `http:`). It was also possible to bypass it when using URL such as `http:/mydomain.com`. The problem has been patched on XWiki 13.10.10, 14.4.4 and 14.8RC1.	2023-04-15	not yet calculated	CVE-2023-29204 MISC MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be particularly dangerous since in a standard wiki, any user is able to use the html macro directly in their own user profile page. The problem has been patched in XWiki 14.8RC1. The patch involves the HTML macros and are systematically cleaned up whenever the user does not have the script correct.	2023-04-15	not yet calculated	CVE-2023-29205 MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a script allowing to perform some operations when executing by a user with appropriate rights. This has been patched in XWiki 14.9-rc-1 by only executing the script if the author of it has Script rights.	2023-04-15	not yet calculated	CVE-2023-29206 MISC MISC MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn’t properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included since XWiki 3.5M1 and doesn’t require script rights, this can be demonstrated with the syntax `{{documents id=”example” count=”5″ actions=”false” columns=”doc.title, before<script>alert(1)</script>after”/}}`. Therefore, this can also be exploited by users without script right and in comments. With the interaction of a user with more rights, this could be used to execute arbitrary actions in the wiki, including privilege escalation, remote code execution, information disclosure, modifying or deleting content. This has been patched in XWiki 14.9, 14.4.6, and 13.10.10.	2023-04-15	not yet calculated	CVE-2023-29207 MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. Rights added to a document are not taken into account for viewing it once it’s deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked. The problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it.	2023-04-15	not yet calculated	CVE-2023-29208 MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the macro parameters of the legacy notification activity macro. This macro is installed by default in XWiki. The vulnerability can be exploited via every wiki page that is editable including the user’s profile, but also with just view rights using the HTMLConverter that is part of the CKEditor integration which is bundled with XWiki. The vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10.	2023-04-15	not yet calculated	CVE-2023-29209 MISC MISC MISC
xwiki — xwiki_platform	XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the notification preferences macros can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the user parameter of the macro that provide the notification filters. These macros are used in the user profiles and thus installed by default in XWiki. The vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10.	2023-04-15	not yet calculated	CVE-2023-29210 MISC MISC MISC
shadow — shadow	In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that “cat /etc/passwd” shows a rogue user account.	2023-04-14	not yet calculated	CVE-2023-29383 MISC MISC MISC MISC
ncurses — ncurses	ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.	2023-04-14	not yet calculated	CVE-2023-29491 MISC MISC MISC
novi_survey — novi_survey	Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.	2023-04-11	not yet calculated	CVE-2023-29492 CONFIRM
matrix_org — matrix_js_sdk	matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possible because matrix-js-sdk’s group call implementation accepts incoming direct calls from other users, even if they have not yet declared intent to participate in the group call, as a means of resolving a race condition in call setup. Affected versions do not restrict access to the user’s outbound media in this case. Legacy 1:1 calls are unaffected. This is fixed in matrix-js-sdk 24.1.0. As a workaround, users may hold group calls in private rooms where only the exact users who are expected to participate in the call are present.	2023-04-14	not yet calculated	CVE-2023-29529 MISC MISC MISC
cesanta_mjs — cesanta_mjs	Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).	2023-04-14	not yet calculated	CVE-2023-29569 MISC MISC
cesanta_mjs — cesanta_mjs	Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).	2023-04-12	not yet calculated	CVE-2023-29571 MISC MISC
bento — bento	Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component.	2023-04-13	not yet calculated	CVE-2023-29573 MISC MISC
bento — bento	Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component.	2023-04-12	not yet calculated	CVE-2023-29574 MISC MISC
bento — bento	Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.	2023-04-11	not yet calculated	CVE-2023-29576 MISC MISC
yasm — yasm	yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.	2023-04-12	not yet calculated	CVE-2023-29580 MISC MISC
yasm — yasm	yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function delete_Token at /nasm/nasm-pp.c.	2023-04-12	not yet calculated	CVE-2023-29581 MISC MISC
mp4v2 — mp4v2	mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.	2023-04-14	not yet calculated	CVE-2023-29584 MISC MISC
bloofox — bloofox	bloofox v0.5.2 was discovered to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1.	2023-04-13	not yet calculated	CVE-2023-29597 MISC
lmxcms — lmxcms	lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter at index.php.	2023-04-13	not yet calculated	CVE-2023-29598 MISC
purchase_order_management — purchase_order_management	Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.	2023-04-14	not yet calculated	CVE-2023-29621 MISC MISC
purchase_order_management — purchase_order_management	Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.	2023-04-14	not yet calculated	CVE-2023-29622 MISC MISC
purchase_order_management — purchase_order_management	Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.	2023-04-14	not yet calculated	CVE-2023-29623 MISC MISC
employee_performance_evaluation_system — employee_performance_evaluation_system	Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.	2023-04-14	not yet calculated	CVE-2023-29625 MISC
sourcecodester — yoga_class_registration_system	Yoga Class Registration System 1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at /admin/login.php.	2023-04-14	not yet calculated	CVE-2023-29626 MISC
sourcecodester — online_pizza_ordering	Online Pizza Ordering v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.	2023-04-14	not yet calculated	CVE-2023-29627 MISC MISC
totolink — x18	TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function.	2023-04-14	not yet calculated	CVE-2023-29798 MISC
totolink — x18	TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function.	2023-04-14	not yet calculated	CVE-2023-29799 MISC
totolink — x18	TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.	2023-04-14	not yet calculated	CVE-2023-29800 MISC
totolink — x18	TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection vulnerabilities via the rtLogEnabled and rtLogServer parameters in the setSyslogCfg function.	2023-04-14	not yet calculated	CVE-2023-29801 MISC
totolink — x18	TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function.	2023-04-14	not yet calculated	CVE-2023-29802 MISC
totolink — x18	TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function.	2023-04-14	not yet calculated	CVE-2023-29803 MISC
iodata — wfs-sr03	WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the sys_smb_pwdmod function.	2023-04-14	not yet calculated	CVE-2023-29804 MISC
iodata — wfs-sr03	WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the pro_stor_canceltrans_handler_part_19 function.	2023-04-14	not yet calculated	CVE-2023-29805 MISC
aerocms — aerocms	AeroCMS v0.0.1 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and comment_content parameters at /post.php. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via a crafted payload.	2023-04-14	not yet calculated	CVE-2023-29847 MISC
slims — bulian	SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user’s geolocation and device information.	2023-04-14	not yet calculated	CVE-2023-29850 MISC
redpanda — rpk	rpk in Redpanda before 23.1.2 mishandles the redpanda.rpc_server_tls field, leading to (for example) situations in which there is a data type mismatch that cannot be automatically fixed by rpk, and instead a user must reconfigure (while a cluster is turned off) in order to have TLS on broker RPC ports. NOTE: the fix was also backported to the 22.2 and 22.3 branches.	2023-04-08	not yet calculated	CVE-2023-30450 MISC MISC MISC MISC MISC
smartptt — scada	SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).	2023-04-14	not yet calculated	CVE-2023-30459 MISC MISC
apache — inlong	Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the “orderType” parameter and the ordering of the returned content using an SQL injection attack, an attacker can extract the username of the user with ID 1 from the “user” table, one character at a time. Users are advised to upgrade to Apache InLong’s 1.6.0 or cherry-pick [1] to solve it. https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html [1] https://github.com/apache/inlong/issues/7529 https://github.com/apache/inlong/issues/7529	2023-04-11	not yet calculated	CVE-2023-30465 MISC MISC
cubefs — cubefs	CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret.	2023-04-12	not yet calculated	CVE-2023-30512 MISC
jenkins — kubernetes_plugin	Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.	2023-04-12	not yet calculated	CVE-2023-30513 MISC MISC
jenkins — azure_key_vault_plugin	Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.	2023-04-12	not yet calculated	CVE-2023-30514 MISC MISC
jenkins — thycotic_devops_secrets_vault_plugin	Jenkins Thycotic DevOps Secrets Vault Plugin 1.0.0 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.	2023-04-12	not yet calculated	CVE-2023-30515 MISC MISC
jenkins — image_tag_parameter_plugin	Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2.0 having SSL/TLS certificate validation disabled by default.	2023-04-12	not yet calculated	CVE-2023-30516 MISC MISC
jenkins — neuvector_vulnerability_scanner_plugin	Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server.	2023-04-12	not yet calculated	CVE-2023-30517 MISC MISC
jenkins — thycotic_secret_server_plugin	A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.	2023-04-12	not yet calculated	CVE-2023-30518 MISC MISC
jenkins — quay.io_trigger_plugin	A missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository.	2023-04-12	not yet calculated	CVE-2023-30519 MISC MISC
jenkins — quay.io_trigger_plugin	Jenkins Quay.io trigger Plugin 0.1 and earlier does not limit URL schemes for repository homepage URLs submitted via Quay.io trigger webhooks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Quay.io trigger webhook payloads.	2023-04-12	not yet calculated	CVE-2023-30520 MISC MISC
jenkins — assembla_merge_request_builder_plugin	A missing permission check in Jenkins Assembla merge request builder Plugin 1.1.13 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository.	2023-04-12	not yet calculated	CVE-2023-30521 MISC MISC
jenkins — fogbugz_plugin	A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a ‘jobname’ request parameter.	2023-04-12	not yet calculated	CVE-2023-30522 MISC MISC
jenkins — report_portal_plugin	Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.	2023-04-12	not yet calculated	CVE-2023-30523 MISC MISC
jenkins — report_portal_plugin	Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them.	2023-04-12	not yet calculated	CVE-2023-30524 MISC MISC
jenkins — report_portal_plugin	A cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authentication.	2023-04-12	not yet calculated	CVE-2023-30525 MISC MISC
jenkins — report_portal_plugin	A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication.	2023-04-12	not yet calculated	CVE-2023-30526 MISC MISC
jenkins — wso2_oauth_plugin	Jenkins WSO2 Oauth Plugin 1.0 and earlier stores the WSO2 Oauth client secret unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.	2023-04-12	not yet calculated	CVE-2023-30527 MISC MISC
jenkins — wso2_oauth_plugin	Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potential for attackers to observe and capture it.	2023-04-12	not yet calculated	CVE-2023-30528 MISC MISC
jenkins — lucene_serach_plugin	Jenkins Lucene-Search Plugin 387.v938a_ecb_f7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database.	2023-04-12	not yet calculated	CVE-2023-30529 MISC MISC
jenkins — consul_kv_builder_plugin	Jenkins Consul KV Builder Plugin 2.0.13 and earlier stores the HashiCorp Consul ACL Token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.	2023-04-12	not yet calculated	CVE-2023-30530 MISC MISC
jenkins — consul_kv_builder_plugin	Jenkins Consul KV Builder Plugin 2.0.13 and earlier does not mask the HashiCorp Consul ACL Token on the global configuration form, increasing the potential for attackers to observe and capture it.	2023-04-12	not yet calculated	CVE-2023-30531 MISC MISC
jenkins — turboscript_plugin	A missing permission check in Jenkins TurboScript Plugin 1.3 and earlier allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository.	2023-04-12	not yet calculated	CVE-2023-30532 MISC MISC
snowflake_jdbc — snowflake_jdbc	Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. The vulnerability was patched on March 17, 2023 as part of Snowflake JDBC driver Version 3.13.29. All users should immediately upgrade the Snowflake JDBC driver to the latest version: 3.13.29.	2023-04-14	not yet calculated	CVE-2023-30535 MISC MISC
dmidecode — dmidecode	Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.	2023-04-13	not yet calculated	CVE-2023-30630 MISC MISC MISC MISC
tikv — tikv	TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error) upon an attempt to get a timestamp from the Placement Driver.	2023-04-13	not yet calculated	CVE-2023-30635 MISC
tikv — tikv	TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus UNAVAILABLE for “not leader”) upon an attempt to start a node in a situation where the context deadline is exceeded	2023-04-13	not yet calculated	CVE-2023-30636 MISC
baidu — braft	Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected.	2023-04-13	not yet calculated	CVE-2023-30637 MISC
atos — unify_openscape_sbc	Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands.	2023-04-14	not yet calculated	CVE-2023-30638 MISC MISC

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.

US-CERT Vulnerability Summary for the Week of April 10, 2023

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

[INCRANSOM] – Ransomware Victim: United Bakery Equipment

[ARCUSMEDIA] – Ransomware Victim: Symantric IT

[ARCUSMEDIA] – Ransomware Victim: MGEMAL

HackerOne Bug Bounty Disclosure: dom-based-cookie-bomb-in-acronis-com-via-x-clickref-get-parameter-mr-medi

HackerOne Bug Bounty Disclosure: external-storage-global-credentials-returned-to-the-client-side-in-plaintext-tuyenee

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

You may have missed

[INCRANSOM] – Ransomware Victim: United Bakery Equipment

[ARCUSMEDIA] – Ransomware Victim: Symantric IT

[ARCUSMEDIA] – Ransomware Victim: MGEMAL

HackerOne Bug Bounty Disclosure: dom-based-cookie-bomb-in-acronis-com-via-x-clickref-get-parameter-mr-medi

HackerOne Bug Bounty Disclosure: external-storage-global-credentials-returned-to-the-client-side-in-plaintext-tuyenee