US-CERT Vulnerability Summary for the Week of August 14, 2023
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
foldingathome — client_advanced_control | An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420578de1af77, allows remote attackers to execute arbitrary code via crafted payload to function parse_message in file Connection.py. | 2023-08-11 | 9.8 | CVE-2020-27544 MISC |
sourcecodester — school_faculty_scheduling_system | SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privileges, and gain sensitive information via crafted payload to id parameter in manage_user.php. | 2023-08-11 | 9.8 | CVE-2020-36034 MISC MISC MISC |
bloofox — bloofoxcms | File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module. | 2023-08-11 | 9.8 | CVE-2020-36082 MISC |
hello.js_project — hello.js | Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. | 2023-08-11 | 9.8 | CVE-2021-26505 MISC |
open-falcon — dashboard | An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface. | 2023-08-11 | 9.8 | CVE-2021-27523 MISC |
ruoyi — ruoyi | An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | 2023-08-11 | 9.8 | CVE-2021-28411 MISC |
intel(r) — ethernet_controller_rdma_driver_for_linux | Improper access control in the Intel(R) Ethernet Controller RDMA driver for Linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.8 | CVE-2023-25775 MISC |
wordpress — wordpress | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the ‘wp_abspath’ parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. | 2023-08-12 | 9.8 | CVE-2023-3452 MISC MISC MISC |
novel-plus — novel-plus | novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability. | 2023-08-14 | 9.8 | CVE-2023-37847 MISC MISC MISC |
huawei — emui | Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges. | 2023-08-13 | 9.8 | CVE-2023-39405 MISC MISC |
schoolmate — schoolmate | Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. | 2023-08-15 | 9.8 | CVE-2023-39850 MISC MISC |
veritas — netbackup_snapshot_manager | A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers. | 2023-08-11 | 9.8 | CVE-2023-40256 MISC |
gitpython — gitpython | GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. | 2023-08-11 | 9.8 | CVE-2023-40267 MISC MISC |
intel(r) — manageability_commander | Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.6 | CVE-2022-29887 MISC |
intel(r) — driver_support_assistant | Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.6 | CVE-2023-27515 MISC |
zrlog — zrlog | Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS). | 2023-08-11 | 9.1 | CVE-2020-27514 MISC |
huawei — emui | Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop. | 2023-08-13 | 9.1 | CVE-2021-46895 MISC MISC |
huawei — emui | Vulnerability of configuration defects in the media module of certain products. Successful exploitation of this vulnerability may cause unauthorized access. | 2023-08-13 | 9.1 | CVE-2023-39385 MISC MISC |
huawei — emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39398 MISC MISC |
huawei — emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39399 MISC MISC |
huawei — emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39400 MISC MISC |
huawei — emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39401 MISC MISC |
huawei — emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39402 MISC MISC |
huawei — emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39403 MISC MISC |
yzmcms — yzmcms | Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information via the sitemodel/add.html endpoint. | 2023-08-11 | 8.8 | CVE-2020-23595 MISC |
xuxueli — xxl-job | Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and escalate privileges via crafted .html file. | 2023-08-11 | 8.8 | CVE-2020-24922 MISC |
thedaylightstudio — fuel_cms | SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items. | 2023-08-11 | 8.8 | CVE-2020-24950 MISC |
churchcrm — churchcrm | CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file. | 2023-08-11 | 8.8 | CVE-2020-28848 MISC |
wuzhicms — wuzhicms | An issue was discovered in wuzhicms version 4.1.0, allows remote attackers to execute arbitrary code via the setting parameter to the ueditor in index.php. | 2023-08-11 | 8.8 | CVE-2020-36037 MISC |
qpdf_project — qpdf | An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf. | 2023-08-11 | 8.8 | CVE-2021-25786 MISC |
pearadmin — pear_admin_think | SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. | 2023-08-11 | 8.8 | CVE-2021-29378 MISC |
apple — iphone_os | The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. | 2023-08-14 | 8.8 | CVE-2022-48503 MISC MISC MISC MISC MISC |
google — android | In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 8.8 | CVE-2023-21273 MISC MISC |
apple — macos | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. | 2023-08-14 | 8.8 | CVE-2023-28198 MISC MISC |
intel(r) — ai_hackathon | Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 8.8 | CVE-2023-28380 MISC |
tigergraph — tigergraph_enterprise | An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries. | 2023-08-15 | 8.8 | CVE-2023-28479 MISC |
apple — macos | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. | 2023-08-14 | 8.8 | CVE-2023-32358 MISC MISC |
zyxel — nbg6604 | A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. | 2023-08-14 | 8.8 | CVE-2023-33013 MISC |
postgresql — postgresql | IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:…@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. | 2023-08-11 | 8.8 | CVE-2023-39417 MISC MISC MISC |
jenkins — jenkins | A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job. | 2023-08-16 | 8.8 | CVE-2023-40341 MISC MISC |
wordpress — wordpress | The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the ‘wpdmpp_update_profile’ function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the ‘profile[role]’ parameter during a profile update. | 2023-08-12 | 8.8 | CVE-2023-4293 MISC MISC MISC |
wordpress — wordpress | The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the ‘notify_ping_remote’ AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. This was partially patched in version 1.2.12 and fully patched in version 1.2.13. | 2023-08-16 | 8.5 | CVE-2023-3958 MISC MISC MISC MISC |
red_lion_europe — mbnet | A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower than 7.3.2 allows an authenticated remote attacker to store an arbitrary JavaScript payload on the diagnosis page of the device. That page is loaded immediately after login into the device and runs the stored payload, allowing the attacker to read and write browser data and reduce system performance. | 2023-08-17 | 8.3 | CVE-2023-34412 MISC MISC |
intel(r) — celeron_j6413_firmware | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. | 2023-08-11 | 8 | CVE-2022-44611 MISC |
rockcarry — ffjpeg | Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | 2023-08-11 | 7.8 | CVE-2020-24222 MISC |
apple — macos | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. | 2023-08-14 | 7.8 | CVE-2020-36615 MISC |
xnview — xnview | Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file. | 2023-08-11 | 7.8 | CVE-2021-28427 MISC |
xnview — xnview | Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file. | 2023-08-11 | 7.8 | CVE-2021-28835 MISC CONFIRM |
intel(r) — oneapi_math_kernel_library | Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-25864 MISC |
intel(r) — dynamic_tuning_technology | Improper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-29470 MISC |
intel(r) — multiple_products | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-38076 MISC |
intel(r) — rapid_storage_technology | Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-43456 MISC |
apple — mac_os_x | A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. | 2023-08-14 | 7.8 | CVE-2022-46706 MISC MISC MISC |
google — android | In registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.8 | CVE-2023-21229 MISC |
google — android | In getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.8 | CVE-2023-21231 MISC |
google — android | In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.8 | CVE-2023-21272 MISC MISC |
intel(r) — unite | Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-25182 MISC |
intel(r) — unite | Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-25773 MISC |
intel(r) — vcust_tool | Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3rd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-25944 MISC |
intel(r) — easy_streaming_wizard | Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-26587 MISC |
intel(r) — advanced_link_analyzer | Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-27505 MISC |
intel(r) — optimization_for_tensorflow | Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-27506 MISC |
intel(r) — ispc_software_installer | Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access. | 2023-08-11 | 7.8 | CVE-2023-27509 MISC |
intel(r) — openvino | Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-28405 MISC |
intel(r) — oneapi_math_kernel_library | Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-28658 MISC |
onlyoffice — document_server | A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | 2023-08-14 | 7.8 | CVE-2023-30186 MISC MISC MISC MISC MISC MISC |
onlyoffice — document_server | An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | 2023-08-14 | 7.8 | CVE-2023-30187 MISC MISC MISC MISC MISC MISC |
intel(r) — intelligent_test_system | Incorrect default permissions in the Intel(R) ITS software before version 3.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-32543 MISC |
intel(r) — realsense_450_fa_firmware | Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-32656 MISC |
intel(r) — realsense_software_development_kit | Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-32663 MISC |
intel(r) — realsense_450_fa_firmware | Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-33867 MISC |
intel(r) — realsense_450_fa_firmware | Out-of-bounds write in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-33877 MISC |
intel(r) — realsense_450_fa_firmware | Protection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-34427 MISC |
intel(r) — nuc_bios | Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-34438 MISC |
faucet_sdn — ryu | An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | 2023-08-11 | 7.5 | CVE-2020-35139 MISC |
faucet_sdn — ryu | An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | 2023-08-11 | 7.5 | CVE-2020-35141 MISC |
cszcms — cszcms | SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php. | 2023-08-11 | 7.5 | CVE-2020-36136 MISC |
ffmpeg — ffmpeg | An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | 2023-08-11 | 7.5 | CVE-2020-36138 MISC MISC MISC |
dgtl — huemagic | Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js. | 2023-08-11 | 7.5 | CVE-2021-26504 MISC |
google — android | In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.5 | CVE-2023-21233 MISC |
wordpress — wordpress | The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the ‘admin_notice’ function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges. | 2023-08-15 | 7.5 | CVE-2023-2916 MISC MISC MISC |
faad2 — faad2 | Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. | 2023-08-15 | 7.5 | CVE-2023-38857 MISC |
huawei — harmonyos | Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally. | 2023-08-13 | 7.5 | CVE-2023-39380 MISC MISC |
huawei — emui | Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart. | 2023-08-13 | 7.5 | CVE-2023-39381 MISC MISC |
huawei — emui | Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart. | 2023-08-13 | 7.5 | CVE-2023-39382 MISC MISC |
huawei — emui | Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps’ data security. | 2023-08-13 | 7.5 | CVE-2023-39383 MISC MISC |
huawei — harmonyos | Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally. | 2023-08-13 | 7.5 | CVE-2023-39384 MISC MISC |
huawei — emui | Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart. | 2023-08-13 | 7.5 | CVE-2023-39386 MISC MISC |
huawei — emui | Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | 2023-08-13 | 7.5 | CVE-2023-39388 MISC MISC |
huawei — emui | Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | 2023-08-13 | 7.5 | CVE-2023-39389 MISC MISC |
huawei — harmonyos | Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | 2023-08-13 | 7.5 | CVE-2023-39390 MISC MISC |
huawei — emui | Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality. | 2023-08-13 | 7.5 | CVE-2023-39391 MISC MISC |
huawei — harmonyos | Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten. | 2023-08-13 | 7.5 | CVE-2023-39392 MISC MISC |
huawei — harmonyos | Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten. | 2023-08-13 | 7.5 | CVE-2023-39393 MISC MISC |
huawei — emui | Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified. | 2023-08-13 | 7.5 | CVE-2023-39394 MISC MISC |
huawei — emui | Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability. | 2023-08-13 | 7.5 | CVE-2023-39395 MISC MISC |
huawei — harmonyos | Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability. | 2023-08-13 | 7.5 | CVE-2023-39396 MISC MISC |
huawei — emui | Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability. | 2023-08-13 | 7.5 | CVE-2023-39397 MISC MISC |
huawei — emui | Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | 2023-08-13 | 7.5 | CVE-2023-39404 MISC MISC |
huawei — emui | Permission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart. | 2023-08-13 | 7.5 | CVE-2023-39406 MISC MISC |
tenda — a18 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function. | 2023-08-14 | 7.5 | CVE-2023-39827 MISC |
tenda — a18 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | 2023-08-14 | 7.5 | CVE-2023-39828 MISC |
tenda — a18 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function. | 2023-08-14 | 7.5 | CVE-2023-39829 MISC |
mattermost — mattermost | Mattermost fails to sanitize post metadata during audit logging, resulting in permalinks contents being logged. | 2023-08-11 | 7.5 | CVE-2023-4108 MISC |
intel(r) — quartus_prime | Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for Linux may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.3 | CVE-2023-24016 MISC |
intel(r) — open_image_denoise | Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.3 | CVE-2023-28823 MISC |
supermicro-cms_project — supermicro-cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php. | 2023-08-11 | 7.2 | CVE-2021-25857 MISC |
intel(r) — unison | Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access. | 2023-08-11 | 7.2 | CVE-2023-25757 MISC |
online_travel_agency_system_project — online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php. | 2023-08-17 | 7.2 | CVE-2023-31938 MISC |
online_travel_agency_system_project — online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31939 MISC |
online_travel_agency_system_project — online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31940 MISC |
online_travel_agency_system_project — online_travel_agency_system | File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php. | 2023-08-17 | 7.2 | CVE-2023-31941 MISC |
online_travel_agency_system_project — online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php. | 2023-08-17 | 7.2 | CVE-2023-31943 MISC |
online_travel_agency_system_project — online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31944 MISC |
online_travel_agency_system_project — online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31945 MISC |
online_travel_agency_system_project — online_travel_agency_system | File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php. | 2023-08-17 | 7.2 | CVE-2023-31946 MISC |
solarwinds — serv-u | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. | 2023-08-11 | 7.2 | CVE-2023-35179 MISC MISC |
snowsoftware — snow_license_manager | Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal. | 2023-08-11 | 7.2 | CVE-2023-3864 MISC |
wordpress — wordpress | The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-08-15 | 7.2 | CVE-2023-4308 MISC MISC |
apple — macos | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory. | 2023-08-14 | 7.1 | CVE-2023-28179 MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
intel(r) — multiple_products | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-27635 MISC |
intel(r) — nuc_bios | Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-36372 MISC |
intel(r) — nuc | Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-37336 MISC |
intel(r) — atom_c3338r_firmware | Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-37343 MISC |
intel(r) — multiple_products | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-40964 MISC |
intel(r) — xeon(r)_processors | Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-41804 MISC MISC MISC MISC |
intel(r) — proset/wireless_wifi | Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-46329 MISC |
intel(r) — nuc_bios | Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-22449 MISC |
intel(r) — open_image_denoise | Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-27391 MISC |
intel(r) — next_unit_of_computing_firmware | Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-28385 MISC |
intel(r) — nuc_bios | Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-29494 MISC |
intel(r) — multiple_products | Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-32617 MISC |
intel(r) — nuc_bios | Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-34086 MISC |
cms-dev — cms | Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs. | 2023-08-11 | 6.5 | CVE-2020-24804 MISC |
gnome-gmail — gnome-gmail | An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted “mailto” link. | 2023-08-11 | 6.5 | CVE-2020-24904 MISC |
freedesktop — poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. | 2023-08-11 | 6.5 | CVE-2020-36023 MISC MLIST |
intel(r) — multiple_products | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 2023-08-11 | 6.5 | CVE-2022-36351 MISC |
intel(r) — processors | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 6.5 | CVE-2022-40982 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
tigergraph — tigergraph_enterprise | An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus, effectively bypassing the built in RBAC controls. | 2023-08-14 | 6.5 | CVE-2023-28480 MISC |
zyxel — multiple_products | Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch. | 2023-08-14 | 6.5 | CVE-2023-28768 MISC |
libxls — libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | 2023-08-15 | 6.5 | CVE-2023-38851 MISC |
libxls — libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. | 2023-08-15 | 6.5 | CVE-2023-38852 MISC |
libxls — libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | 2023-08-15 | 6.5 | CVE-2023-38853 MISC |
libxls — libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | 2023-08-15 | 6.5 | CVE-2023-38854 MISC |
libxls — libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | 2023-08-15 | 6.5 | CVE-2023-38855 MISC |
libxls — libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | 2023-08-15 | 6.5 | CVE-2023-38856 MISC |
faad2 — faad2 | Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039. | 2023-08-15 | 6.5 | CVE-2023-38858 MISC |
jenkins — jenkins | Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to. | 2023-08-16 | 6.5 | CVE-2023-40345 MISC MISC |
jenkins — jenkins | Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. | 2023-08-16 | 6.5 | CVE-2023-40347 MISC MISC |
mattermost — mattermost | Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting in a guest being able to view, join, edit, export and archive public playbooks. | 2023-08-11 | 6.5 | CVE-2023-4106 MISC |
mattermost — mattermost | Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin’s details such as email, first name and last name. | 2023-08-11 | 6.5 | CVE-2023-4107 MISC |
intel(r) — nuc_bios | Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.4 | CVE-2023-34349 MISC |
jbt — markdown_editor | Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbitrary code via crafted payload or opening malicious .md file. | 2023-08-11 | 6.1 | CVE-2020-19952 MISC CONFIRM MISC |
gilacms — gila_cms | Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation. | 2023-08-11 | 6.1 | CVE-2020-20523 MISC |
laborator — kalium | Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code. | 2023-08-11 | 6.1 | CVE-2020-24075 MISC |
lepton-cms — lepton-cms | Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code. | 2023-08-11 | 6.1 | CVE-2020-24872 MISC |
zoho_corporation — manageengine_password_manager_pro | Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload. | 2023-08-11 | 6.1 | CVE-2020-27449 MISC MISC |
kindsoft — kindeditor | Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code. | 2023-08-11 | 6.1 | CVE-2020-28717 MISC |
braft-editor — braft-editor | Cross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature. | 2023-08-11 | 6.1 | CVE-2021-27524 MISC |
opennms — horizon | XXE injection in /rtc/post/ endpoint in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used for instance to force Horizon to make arbitrary HTTP requests to internal and external services. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter and Moshe Apelbaum for reporting this issue. | 2023-08-11 | 6.1 | CVE-2023-0871 MISC MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions. | 2023-08-14 | 6.1 | CVE-2023-28535 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions. | 2023-08-14 | 6.1 | CVE-2023-30475 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions. | 2023-08-14 | 6.1 | CVE-2023-30483 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions. | 2023-08-14 | 6.1 | CVE-2023-30489 MISC |
jenkins — jenkins | Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | 2023-08-16 | 5.9 | CVE-2023-40343 MISC MISC |
jerryscript — jerryscript | An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference). | 2023-08-11 | 5.5 | CVE-2020-24187 MISC MISC |
ngiflib — ngiflib | An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). | 2023-08-11 | 5.5 | CVE-2020-24221 MISC |
foxit_software — pdf_reader | Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file. | 2023-08-11 | 5.5 | CVE-2020-35990 MISC MISC |
freedesktop — poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | 2023-08-11 | 5.5 | CVE-2020-36024 MISC MLIST |
ffmpeg — ffmpeg | Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | 2023-08-11 | 5.5 | CVE-2021-28429 MISC |
vim — vim | vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | 2023-08-11 | 5.5 | CVE-2021-3236 MISC |
apple — macos | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to modify protected parts of the file system. | 2023-08-14 | 5.5 | CVE-2022-22646 MISC |
apple — macos | An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. An app may be able to leak sensitive user information. | 2023-08-14 | 5.5 | CVE-2022-22655 MISC MISC |
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients. | 2023-08-14 | 5.5 | CVE-2022-26699 MISC |
intel(r) — unison | Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2022-44612 MISC |
apple — macos | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. | 2023-08-14 | 5.5 | CVE-2022-46722 MISC |
google — android | In onAccessPointChanged of AccessPointPreference.java, there is a possible way for unprivileged apps to receive a broadcast about WiFi access point change and its BSSID or SSID due to a precondition check failure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21230 MISC |
google — android | In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21234 MISC |
google — android | In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21271 MISC MISC |
intel(r) — onevpl_gpu | Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-22338 MISC |
intel(r) — onevpl_gpu | Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | 5.5 | CVE-2023-22840 MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27939 MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27947 MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27948 MISC |
apple — macos | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory. | 2023-08-14 | 5.5 | CVE-2023-28199 MISC |
intel(r) — hyperscan_library | Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | 5.5 | CVE-2023-28711 MISC |
onlyoffice — document_server | Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file. | 2023-08-14 | 5.5 | CVE-2023-30188 MISC MISC MISC MISC MISC MISC |
intel(r) — realsense_450_fa_firmware | Out-of-bounds read in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-30760 MISC |
intel(r) — unite | Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-32609 MISC |
hcl_software — hcl_traveler_companion | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 2023-08-11 | 5.5 | CVE-2023-37512 MISC |
hcl_software — traveler_to_do | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 2023-08-11 | 5.5 | CVE-2023-37513 MISC |
thinkcmf — thinkcmf | Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login. | 2023-08-11 | 5.4 | CVE-2020-25915 MISC |
churchcrm — churchcrm | Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attackers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module. | 2023-08-11 | 5.4 | CVE-2020-28849 MISC |
jenkins — jenkins | Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents. | 2023-08-16 | 5.4 | CVE-2023-40342 MISC MISC |
jenkins — jenkins | Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs. | 2023-08-16 | 5.4 | CVE-2023-40346 MISC MISC |
jenkins — jenkins | Jenkins Docker Swarm Plugin 1.11 and earlier does not escape values returned from Docker before inserting them into the Docker Swarm Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control responses from Docker. | 2023-08-16 | 5.4 | CVE-2023-40350 MISC MISC |
wordpress — wordpress | The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin’s settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin’s team 30 days ago we are disclosing this issue as it still is not updated. | 2023-08-17 | 5.3 | CVE-2023-3244 MISC MISC |
juniper_networks — junos_os | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Utilizing a crafted request an attacker is able to modify certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S9; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S2, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36844 MISC |
juniper_networks — junos_os | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2. | 2023-08-17 | 5.3 | CVE-2023-36845 MISC |
juniper_networks — junos_os | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn’t require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36846 MISC |
juniper_networks — junos_os | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn’t require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36847 MISC |
huawei — emui | Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. | 2023-08-13 | 5.3 | CVE-2023-39387 MISC MISC |
jenkins — jenkins | The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output. | 2023-08-16 | 5.3 | CVE-2023-40348 MISC MISC |
jenkins — jenkins | Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs. | 2023-08-16 | 5.3 | CVE-2023-40349 MISC MISC |
wordpress — wordpress | The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_callback_handler function in versions up to, and including, 3.7.9. This makes it possible for unauthenticated attackers to modify the order status of arbitrary WooCommerce orders. | 2023-08-18 | 5.3 | CVE-2023-4040 MISC MISC |
supermicro-cms — supermicro-cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php. | 2023-08-11 | 4.9 | CVE-2021-25856 MISC |
wordpress — wordpress | Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions. | 2023-08-14 | 4.8 | CVE-2023-29097 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions. | 2023-08-14 | 4.8 | CVE-2023-30477 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions. | 2023-08-14 | 4.8 | CVE-2023-30749 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions. | 2023-08-14 | 4.8 | CVE-2023-30751 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions. | 2023-08-14 | 4.8 | CVE-2023-30752 MISC |
online_travel_agency_system_project — online_travel_agency_system | Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php. | 2023-08-17 | 4.8 | CVE-2023-31942 MISC |
code-projects — hospital_information_system | Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS). | 2023-08-14 | 4.8 | CVE-2023-37070 MISC MISC MISC |
snowsoftware — snow_license_manager | Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser. | 2023-08-11 | 4.8 | CVE-2023-3937 MISC |
intel(r) — pentium_j6426_firmware | Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-27879 MISC |
intel(r) — pcsd_bios | Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-34657 MISC |
intel(r) — xeon_d-2745nx_firmware | Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-38083 MISC |
intel(r) — converged_security_management_engine_firmware | Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2022-38102 MISC |
intel(r) — pentium_j6426_firmware | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2022-43505 MISC |
intel(r) — nuc_bios | Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22330 MISC |
intel(r) — nuc_bios | Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22356 MISC |
intel(r) — nuc | Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22444 MISC |
intel(r) — support | Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-27392 MISC |
intel(r) — nuc_bios | Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-27887 MISC |
intel(r) — realsense_450_fa_firmware | Unchecked return value in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2023-29243 MISC |
intel(r) — nuc_bios | Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-29500 MISC |
intel(r) — nuc_bios | Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2023-32285 MISC |
apple — iphone_os | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing. | 2023-08-14 | 4.3 | CVE-2022-46725 MISC |
hcl_software — traveler_to_do | If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved. | 2023-08-11 | 4.3 | CVE-2023-37511 MISC |
postgresql — postgresql | A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. | 2023-08-11 | 4.3 | CVE-2023-39418 MISC MISC MISC MISC |
jenkins — jenkins | A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2023-08-16 | 4.3 | CVE-2023-40344 MISC MISC |
mattermost — mattermost | Mattermost fails to delete the attachments when deleting a message in a thread, allowing a simple user to still be able to access and download the attachment of a deleted message. | 2023-08-11 | 4.3 | CVE-2023-4105 MISC |
wordpress — wordpress | The WP Remote Users Sync plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the ‘refresh_logs_async’ functions in versions up to, and including, 1.2.11. This makes it possible for authenticated attackers with subscriber privileges or above, to view logs. | 2023-08-16 | 4.3 | CVE-2023-4374 MISC MISC MISC |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apple — macos | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication. | 2023-08-14 | 3.3 | CVE-2022-32876 MISC |
google — android | In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 3.3 | CVE-2023-21232 MISC |
froxlor — froxlor | Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0. | 2023-08-11 | 2.7 | CVE-2023-4304 MISC MISC |
apple — iphone_os | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen. | 2023-08-14 | 2.4 | CVE-2022-46724 MISC |
Severity Not Yet Assigned
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
even_balance,_inc. — punkbuster | Directory Traversal vulnerability in Server functionality in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code. | 2023-08-16 | not yet calculated | CVE-2020-26037 MISC MISC MISC |
apple — macos | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | 2023-08-14 | not yet calculated | CVE-2022-42828 MISC |
wordpress — wordpress | The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks. | 2023-08-16 | not yet calculated | CVE-2022-4782 MISC |
hp_inc. — hp_and_samsung_printer_software | Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | 2023-08-16 | not yet calculated | CVE-2022-4894 MISC |
wordpress — wordpress | The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs. | 2023-08-14 | not yet calculated | CVE-2022-4953 MISC MISC |
wordpress — wordpress | The Tiempo.com WordPress plugin through 0.1.2 does not have a CSRF check when creating and editing its shortcode, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack. | 2023-08-16 | not yet calculated | CVE-2023-0058 MISC |
wordpress — wordpress | The URL Params WordPress plugin before 2.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-08-16 | not yet calculated | CVE-2023-0274 MISC |
wordpress — wordpress | The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated user, such as a subscriber, to call it and delete arbitrary attachments. | 2023-08-16 | not yet calculated | CVE-2023-0551 MISC |
wordpress — wordpress | The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks. | 2023-08-16 | not yet calculated | CVE-2023-0579 MISC |
opennms — horizon | The user’s endpoint included in the Horizon REST API in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue. | 2023-08-14 | not yet calculated | CVE-2023-0872 MISC MISC |
wordpress — wordpress | The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-08-16 | not yet calculated | CVE-2023-1110 MISC |
wordpress — wordpress | The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high-privilege users such as admins. | 2023-08-16 | not yet calculated | CVE-2023-1465 MISC |
wordpress — wordpress | The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in its admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the site’s internal network. | 2023-08-16 | not yet calculated | CVE-2023-1977 MISC |
cisco — cisco_intersight_virtual_appliance | Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. | 2023-08-16 | not yet calculated | CVE-2023-20013 MISC |
cisco — cisco_intersight_virtual_appliance | Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. | 2023-08-16 | not yet calculated | CVE-2023-20017 MISC |
cisco — cisco_identity_services_engine | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface and viewing hidden fields within the application. A successful exploit could allow the attacker to access sensitive information, including device entry credentials, that could aid the attacker in further attacks. | 2023-08-16 | not yet calculated | CVE-2023-20111 MISC |
cisco — cisco_secure_endpoint_private_cloud_console | A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog. | 2023-08-16 | not yet calculated | CVE-2023-20197 MISC |
cisco — cisco_prime_infrastructure | Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20201 MISC |
cisco — cisco_prime_infrastructure | Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20203 MISC |
cisco — cisco_prime_infrastructure | Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20205 MISC |
cisco — cisco_telepresence_video_communication_server_expressway | A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. | 2023-08-16 | not yet calculated | CVE-2023-20209 MISC |
cisco — cisco_unified_communications_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by authenticating to the application as a user with read-only or higher privileges and sending crafted HTTP requests to an affected system. A successful exploit could allow the attacker to read or modify data in the underlying database or elevate their privileges. | 2023-08-16 | not yet calculated | CVE-2023-20211 MISC |
cisco — autoit_module_of_clamav | A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition. | 2023-08-18 | not yet calculated | CVE-2023-20212 MISC |
cisco — cisco_thousandeyes_recorder_application | A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing certain commands using sudo. A successful exploit could allow the attacker to view arbitrary files as root on the underlying operating system. The attacker must have valid credentials on the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20217 MISC MISC MISC |
cisco — cisco_ip_phones_with_multiplatform_firmware | A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform a factory reset of the affected device, resulting in a Denial of Service (DoS) condition. | 2023-08-16 | not yet calculated | CVE-2023-20221 MISC |
cisco — cisco_prime_infrastructure | A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2023-08-16 | not yet calculated | CVE-2023-20222 MISC |
cisco — cisco_thousandeyes_recorder_application | A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20224 MISC MISC MISC |
cisco — cisco_unified_computing_system | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information. | 2023-08-16 | not yet calculated | CVE-2023-20228 MISC |
cisco — cisco_duo_device_health_application | A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a directory traversal attack on an affected host. A successful exploit could allow an attacker to use a cryptographic key to overwrite arbitrary files with SYSTEM-level privileges, resulting in a denial of service (DoS) condition or data loss on the affected system. | 2023-08-16 | not yet calculated | CVE-2023-20229 MISC |
cisco — cisco_unified_contact_center_express | A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific API endpoint on the Unified CCX Finesse Portal. A successful exploit could allow the attacker to cause the internal WebProxy to redirect users to an attacker-controlled host. | 2023-08-16 | not yet calculated | CVE-2023-20232 MISC |
cisco — cisco_intersight_virtual_appliance | A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level. | 2023-08-16 | not yet calculated | CVE-2023-20237 MISC |
cisco — cisco_unified_communications_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM Presence Service (Unified CM IM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2023-08-16 | not yet calculated | CVE-2023-20242 MISC |
amd — ryzen(tm)_master | Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. | 2023-08-15 | not yet calculated | CVE-2023-20560 MISC |
amd — ryzen(tm)_master | Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | 2023-08-15 | not yet calculated | CVE-2023-20564 MISC |
google — android | In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-20965 MISC MISC MISC MISC |
obsidian — obsidian | Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via “app://local/<absolute-path>”. This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and pastes it into Obsidian. | 2023-08-19 | not yet calculated | CVE-2023-2110 MISC MISC |
google — android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that’s been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21132 MISC MISC |
google — android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that’s been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21133 MISC MISC |
google — android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that’s been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21134 MISC MISC |
google — android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that’s been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21140 MISC MISC |
wordpress — wordpress | The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged-in admin into executing arbitrary JavaScript by clicking a link. | 2023-08-16 | not yet calculated | CVE-2023-2122 MISC |
wordpress — wordpress | The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. | 2023-08-16 | not yet calculated | CVE-2023-2123 MISC MISC |
google — android | In onCreate of LockSettingsActivity.java, there is a possible way to set a new lock screen PIN without entering the existing PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21235 MISC |
google — android | In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21242 MISC MISC |
google — android | In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21264 MISC MISC MISC |
google — android | In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21265 MISC MISC |
google — android | In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21267 MISC MISC |
google — android | In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21268 MISC MISC |
google — android | In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21269 MISC MISC |
google — android | In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21274 MISC MISC |
google — android | In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21275 MISC MISC |
google — android | In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21276 MISC MISC |
google — android | In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21277 MISC MISC |
google — android | In multiple locations, there is a possible way to obscure the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21278 MISC MISC |
google — android | In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21279 MISC MISC |
google — android | In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21280 MISC MISC |
google — android | In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21281 MISC MISC |
google — android | In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21282 MISC MISC |
google — android | In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21283 MISC MISC MISC |
google — android | In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21284 MISC MISC |
google — android | In setMetadata of MediaSessionRecord.java, there is a possible way to view another user’s images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21285 MISC MISC |
google — android | In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21286 MISC MISC |
google — android | In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21287 MISC MISC |
google — android | In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21288 MISC MISC |
google — android | In multiple locations, there is a possible bypass of a multiuser security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21289 MISC MISC |
google — android | In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21290 MISC MISC |
google — android | In openContentUri of ActivityManagerService.java, there is a possible way for a third-party app to obtain restricted files due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21292 MISC MISC |
wordpress — wordpress | The SEO Alert WordPress plugin through 1.59 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-16 | not yet calculated | CVE-2023-2225 MISC |
wordpress — wordpress | The Ko-fi Button WordPress plugin before 1.3.3 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup), and we consider it a low risk. | 2023-08-16 | not yet calculated | CVE-2023-2254 MISC |
wordpress — wordpress | The Tiempo.com WordPress plugin through 0.1.2 does not have a CSRF check when deleting its shortcode, which could allow attackers to make logged-in admins delete arbitrary shortcode via a CSRF attack. | 2023-08-16 | not yet calculated | CVE-2023-2271 MISC |
wordpress — wordpress | The Tiempo.com WordPress plugin through 0.1.2 does not sanitize and escape the page parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2023-08-16 | not yet calculated | CVE-2023-2272 MISC |
audiocodes — voip_desk_phones | An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware. | 2023-08-11 | not yet calculated | CVE-2023-22955 MISC MISC FULLDISC MISC |
audiocodes — voip_desk_phones | An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information. | 2023-08-11 | not yet calculated | CVE-2023-22956 MISC MISC FULLDISC MISC |
audiocodes — voip_desk_phones | An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password. | 2023-08-11 | not yet calculated | CVE-2023-22957 MISC MISC FULLDISC MISC |
google — chrome | Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-2312 MISC MISC MISC MISC |
typora — typora | Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via “typora://app/<absolute-path>”. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora. | 2023-08-19 | not yet calculated | CVE-2023-2316 MISC MISC |
typora — typora | DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in <embed> tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora. | 2023-08-19 | not yet calculated | CVE-2023-2317 MISC MISC |
marktext — marktext | DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and pastes it into MarkText. | 2023-08-19 | not yet calculated | CVE-2023-2318 MISC MISC |
genesys — genesys_administrator_extension | Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable to Cross Site Scripting (XSS) via the Business Structure page of the iWD plugin, aka GAX-11261. | 2023-08-13 | not yet calculated | CVE-2023-23208 CONFIRM |
intel(r) — xeon(r)_scalable_processors | Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2023-23908 MISC MISC MISC MISC |
intel(r) — quartus(r)_prime_pro_edition_for_linux | Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-15 | not yet calculated | CVE-2023-24478 MISC |
zte — multiple_products | There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications on the mobile phone could monitor the touch event. | 2023-08-17 | not yet calculated | CVE-2023-25647 MISC |
wordpress — wordpress | The WP Brutal AI WordPress plugin before 2.06 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-2606 MISC |
excalidraw — excalidraw | Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerable to Cross-site Scripting (XSS) via embedded links in whiteboard objects due to improper input sanitization. | 2023-08-16 | not yet calculated | CVE-2023-26140 MISC MISC MISC |
jorani — jorani | In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. | 2023-08-17 | not yet calculated | CVE-2023-26469 MISC MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Kehrer Updraft plugin <= 0.6.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-26530 MISC |
thales — safenet_authentication_service_agent | Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation. | 2023-08-16 | not yet calculated | CVE-2023-2737 MISC |
insyde_software — insydeh20 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the ‘MeSetup’ UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform. | 2023-08-18 | not yet calculated | CVE-2023-27471 MISC |
phplist — phplist | An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate and edit data of the system’s super admin, allowing one to perform an account takeover of the user with super-admin permission. | 2023-08-18 | not yet calculated | CVE-2023-27576 MISC |
wordpress — wordpress | The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-2802 MISC |
wordpress — wordpress | The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2023-08-14 | not yet calculated | CVE-2023-2803 MISC |
dell — cpg_bios | Dell BIOS contains a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. | 2023-08-16 | not yet calculated | CVE-2023-28075 MISC |
tigergraph — tigergraphdb_enterprise | An issue was discovered in TigerGraph Enterprise 3.7.0. There is unsecured write access to the SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorized keys file. This allows an attacker to obtain password-less SSH key access by using their own SSH key. | 2023-08-14 | not yet calculated | CVE-2023-28481 MISC |
tigergraph — tigergraphdb_enterprise | An issue was discovered in TigerGraph Enterprise 3.7.0. A single TigerGraph instance can host multiple graphs that are accessed by multiple different users. The TigerGraph platform does not protect the confidentiality of any data uploaded to the remote server. In this scenario, any user that has permissions to upload data can browse data uploaded by any other user (irrespective of their permissions). | 2023-08-14 | not yet calculated | CVE-2023-28482 MISC |
tigergraph — tigergraphdb_enterprise | An issue was discovered in TigerGraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL queries that contain UDFs can bypass this configuration setting and, as a consequence, can write to any file location to which the administrative user has access. | 2023-08-14 | not yet calculated | CVE-2023-28483 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions. | 2023-08-17 | not yet calculated | CVE-2023-28533 MISC |
wordpress — wordpress | Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions. | 2023-08-17 | not yet calculated | CVE-2023-28622 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.5 versions. | 2023-08-17 | not yet calculated | CVE-2023-28690 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasaheb Bhise Advanced Youtube Channel Pagination plugin <= 1.0 version. | 2023-08-17 | not yet calculated | CVE-2023-28693 MISC |
wordpress — wordpress | Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability in PHPRADAR Woocommerce Tip/Donation plugin <= 1.2 versions. | 2023-08-17 | not yet calculated | CVE-2023-28783 MISC |
asustor — adm | Improper neutralization of special elements used in a command (‘Command Injection’) vulnerability in Printer service functionality in ASUSTOR Data Master (ADM) allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | 2023-08-17 | not yet calculated | CVE-2023-2910 MISC |
rockwell_automation — thinmanager_thinserver | The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. An integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial-of-service condition in the software. | 2023-08-17 | not yet calculated | CVE-2023-2914 MISC |
rockwell_automation — thinmanager_thinserver | The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition. | 2023-08-17 | not yet calculated | CVE-2023-2915 MISC |
rockwell_automation — thinmanager_thinserver | The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities. | 2023-08-17 | not yet calculated | CVE-2023-2917 MISC |
fortinet — fortios | A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. | 2023-08-17 | not yet calculated | CVE-2023-29182 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <= 2.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-29387 MISC |
texas_instruments — wilink8-wifi-mcp8 | The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier. | 2023-08-14 | not yet calculated | CVE-2023-29468 MISC |
typora — typora | Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via “typora://app/typemark/”. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora. | 2023-08-19 | not yet calculated | CVE-2023-2971 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions. | 2023-08-16 | not yet calculated | CVE-2023-30473 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeFlavors Vimeotheque: Vimeo WordPress Plugin <= 2.2.1 versions. | 2023-08-15 | not yet calculated | CVE-2023-30498 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions. | 2023-08-18 | not yet calculated | CVE-2023-30499 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGem WooCommerce Easy Duplicate Product plugin <= 0.3.0.0 versions. | 2023-08-15 | not yet calculated | CVE-2023-30747 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions. | 2023-08-14 | not yet calculated | CVE-2023-30754 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin <= 10.0.1 versions. | 2023-08-15 | not yet calculated | CVE-2023-30778 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jonathan Daggerhart Query Wrangler plugin <= 1.5.51 versions. | 2023-08-16 | not yet calculated | CVE-2023-30779 MISC |
lenovo — universal_device_client | An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges. | 2023-08-17 | not yet calculated | CVE-2023-3078 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions. | 2023-08-16 | not yet calculated | CVE-2023-30782 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin <= 1.5.2 versions. | 2023-08-16 | not yet calculated | CVE-2023-30784 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Grid plugin <= 1.21 versions. | 2023-08-16 | not yet calculated | CVE-2023-30785 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Benjamin Guy Captcha Them All plugin <= 1.3.3 versions. | 2023-08-16 | not yet calculated | CVE-2023-30786 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo Plugins (by Webdados) Stock Exporter for WooCommerce plugin <= 1.1.0 versions. | 2023-08-16 | not yet calculated | CVE-2023-30871 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin <= 5.1.4 versions. | 2023-08-17 | not yet calculated | CVE-2023-30874 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in All My Web Needs Logo Scheduler plugin <= 1.2.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-30875 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dave Ross Dave’s WordPress Live Search plugin <= 4.8.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-30876 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov XML for Google Merchant Center plugin <= 3.0.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-30877 MISC |
insyde_software — insydeh20 | An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure. | 2023-08-14 | not yet calculated | CVE-2023-31041 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions. | 2023-08-17 | not yet calculated | CVE-2023-31071 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Praveen Goswami Advanced Category Template plugin <= 0.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31072 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 Extensions for Leaflet Map plugin <= 3.4.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31074 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions. | 2023-08-17 | not yet calculated | CVE-2023-31076 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Roberts Tippy plugin <= 6.2.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31079 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <= 1.0.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31091 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin <= 2.4.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-31094 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions. | 2023-08-18 | not yet calculated | CVE-2023-31218 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-31228 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <= 2.5 versions. | 2023-08-18 | not yet calculated | CVE-2023-31232 MISC |
zoho_corporation — manageengine_admanager_plus | Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated attackers to view user passwords after executing backup or recovery operations on user accounts. | 2023-08-17 | not yet calculated | CVE-2023-31492 MISC |
eset,_spol._s_r.o. — multiple_products | The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. | 2023-08-14 | not yet calculated | CVE-2023-3160 MISC |
node.js — node.js | `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | 2023-08-15 | not yet calculated | CVE-2023-32003 MISC MISC MISC |
node.js — node.js | A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | 2023-08-15 | not yet calculated | CVE-2023-32004 MISC MISC MISC |
node.js — node.js | The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | 2023-08-15 | not yet calculated | CVE-2023-32006 MISC MISC MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin <= 4.4 versions. | 2023-08-18 | not yet calculated | CVE-2023-32103 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.17.1 versions. | 2023-08-18 | not yet calculated | CVE-2023-32105 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <= 1.9.9 versions. | 2023-08-18 | not yet calculated | CVE-2023-32106 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32107 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio Online plugin <= 4.6.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32108 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio Online plugin <= 4.6.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32109 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32122 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions. | 2023-08-18 | not yet calculated | CVE-2023-32130 MISC |
dell — cpg_bios | Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security critical UEFI variable without knowledge of the BIOS administrator. | 2023-08-16 | not yet calculated | CVE-2023-32453 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS 9.5.x version contains a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | 2023-08-16 | not yet calculated | CVE-2023-32486 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS, 8.2.x – 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. | 2023-08-16 | not yet calculated | CVE-2023-32487 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. | 2023-08-16 | not yet calculated | CVE-2023-32488 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. | 2023-08-16 | not yet calculated | CVE-2023-32489 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. | 2023-08-16 | not yet calculated | CVE-2023-32490 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS 9.5.0.x contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low-privileged user could potentially exploit this vulnerability, leading to information disclosure. | 2023-08-16 | not yet calculated | CVE-2023-32491 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing files to be modified. | 2023-08-16 | not yet calculated | CVE-2023-32492 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution. | 2023-08-16 | not yet calculated | CVE-2023-32493 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also. | 2023-08-16 | not yet calculated | CVE-2023-32494 MISC |
dell — powerscale_onefs | Dell PowerScale OneFS, 8.2.x-9.5.x, contains an exposure of sensitive information to an unauthorized actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | 2023-08-16 | not yet calculated | CVE-2023-32495 MISC |
cisco — cisco_adaptive_security_appliance | The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the “iBootPduSiteAuth” cookie, a malicious agent can direct the device to connect to a rogue database. Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information. | 2023-08-14 | not yet calculated | CVE-2023-3259 MISC |
cyberpower — powerpanel_enterprise | When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server. | 2023-08-14 | not yet calculated | CVE-2023-3260 MISC |
cyberpower — powerpanel_enterprise | When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server. | 2023-08-14 | not yet calculated | CVE-2023-3261 MISC |
cisco — cisco_adaptive_security_appliance | The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records. | 2023-08-14 | not yet calculated | CVE-2023-3262 MISC |
logitec_corporation — multiple_products | Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to a certain management console of the product and execute arbitrary OS commands. | 2023-08-18 | not yet calculated | CVE-2023-32626 MISC MISC |
cisco — cisco_adaptive_security_appliance | The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution. | 2023-08-14 | not yet calculated | CVE-2023-3263 MISC |
cisco — cisco_adaptive_security_appliance | The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution. | 2023-08-14 | not yet calculated | CVE-2023-3264 MISC |
cyberpower — powerpanel_enterprise | An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to log in to the application with the default user “cyberpower” by appending a non-printable character. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator with hardcoded default credentials. | 2023-08-14 | not yet calculated | CVE-2023-3265 MISC |
cyberpower — powerpanel_enterprise | A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully. | 2023-08-14 | not yet calculated | CVE-2023-3266 MISC |
cyberpower — powerpanel_enterprise | When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server. | 2023-08-14 | not yet calculated | CVE-2023-3267 MISC |
mitel_networks_corp. — mivoice_connect | The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. | 2023-08-14 | not yet calculated | CVE-2023-32748 MISC MISC |
moxa — tn-5900_series | TN-5900 Series firmware version v3.3 and prior is vulnerable to an improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed. This presents a potential risk of unauthorized exploitation by malicious actors. | 2023-08-17 | not yet calculated | CVE-2023-33237 MISC |
moxa — tn-4900_series/tn-5900_series | TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-33238 MISC |
moxa — tn-4900_series/tn-5900_series | TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-33239 MISC |
wordpress — wordpress | The Custom Field For WP Job Manager WordPress plugin before 1.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-3328 MISC |
prestashop — prestashop | In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue. | 2023-08-16 | not yet calculated | CVE-2023-33663 MISC MISC |
moxa — tn-5900_series | TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-34213 MISC |
moxa — tn-4900_series/tn-5900_series | TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-34214 MISC |
moxa — tn-5900_series | TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-34215 MISC |
moxa — tn-4900_series/tn-5900_series | TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files. | 2023-08-17 | not yet calculated | CVE-2023-34216 MISC |
moxa — tn-4900_series/tn-5900_series | TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files. | 2023-08-17 | not yet calculated | CVE-2023-34217 MISC |
wordpress — wordpress | The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitize and escape several parameters before using them in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks. | 2023-08-14 | not yet calculated | CVE-2023-3435 MISC |
lenovo — notebook | A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-08-17 | not yet calculated | CVE-2023-34419 MISC |
ibm — cognos_analytics | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. IBM X-Force ID: 257703. | 2023-08-16 | not yet calculated | CVE-2023-35009 MISC MISC |
ibm — cognos_analytics | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 257705. | 2023-08-16 | not yet calculated | CVE-2023-35011 MISC MISC |
ivanti — epmm | An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier. | 2023-08-15 | not yet calculated | CVE-2023-35082 MISC |
google — android | In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-35689 MISC |
ibm — security_guardium | IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824. | 2023-08-16 | not yet calculated | CVE-2023-35893 MISC MISC |
logitec_corporation — multiple_products | Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to a certain management console of the product and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions. | 2023-08-18 | not yet calculated | CVE-2023-35991 MISC MISC |
wordpress — wordpress | The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor. | 2023-08-14 | not yet calculated | CVE-2023-3601 MISC |
powerjob — powerjob | An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list. | 2023-08-17 | not yet calculated | CVE-2023-36106 MISC MISC |
wordpress — wordpress | The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-3645 MISC |
asustor — adm | Printer service fails to adequately handle user input, allowing a remote unauthorized user to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | 2023-08-17 | not yet calculated | CVE-2023-3697 MISC |
asustor — adm | Printer service fails to adequately handle user input, allowing a remote unauthorized user to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | 2023-08-17 | not yet calculated | CVE-2023-3698 MISC |
wordpress — wordpress | The WP-EMail WordPress plugin before 2.69.1 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-3721 MISC |
xwiki — xwiki-platform | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability. | 2023-08-17 | not yet calculated | CVE-2023-37914 MISC MISC MISC |
logitec_corporation — lan-w451ngr | LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service. | 2023-08-18 | not yet calculated | CVE-2023-38132 MISC MISC |
hewlett_packard_enterprise — hpe_aruba_networking_virtual_intranet_access | A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system. | 2023-08-15 | not yet calculated | CVE-2023-38401 MISC |
hewlett_packard_enterprise — hpe_aruba_networking_virtual_intranet_access | A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating system boot process. | 2023-08-15 | not yet calculated | CVE-2023-38402 MISC |
logitec_corporation — lan-wh300n/re | Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console. | 2023-08-18 | not yet calculated | CVE-2023-38576 MISC MISC |
svelecte — svelecte | Svelecte is a flexible autocomplete/select component written in Svelte. Svelecte item names are rendered as raw HTML with no escaping. This allows the injection of arbitrary HTML into the Svelecte dropdown. This can be exploited to execute arbitrary JavaScript whenever a Svelecte dropdown is opened. Item names given to Svelecte appear to be directly rendered as HTML by the default item renderer. This means that any HTML tags in the name are rendered as HTML elements not as text. Note that the custom item renderer shown in https://mskocik.github.io/svelecte/#item-rendering is also vulnerable to the same exploit. Any site that uses Svelecte with dynamically created items either from an external source or from user-created content could be vulnerable to an XSS attack (execution of untrusted JavaScript), clickjacking or any other attack that can be performed with arbitrary HTML injection. The actual impact of this vulnerability for a specific application depends on how trustworthy the sources that provide Svelecte items are and the steps that the application has taken to mitigate XSS attacks. XSS attacks using this vulnerability are mostly mitigated by a Content Security Policy that blocks inline JavaScript. This issue has been addressed in version 3.16.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-38687 MISC |
ibm — i | The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173. | 2023-08-14 | not yet calculated | CVE-2023-38721 MISC MISC |
ibm — websphere_application_server_liberty | IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567. | 2023-08-16 | not yet calculated | CVE-2023-38737 MISC MISC |
ibm — txseries_for_multiplatforms | IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905. | 2023-08-14 | not yet calculated | CVE-2023-38741 MISC MISC |
kidus_minimati — kidus_minimati | SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component. | 2023-08-17 | not yet calculated | CVE-2023-38838 MISC MISC MISC |
kidus_minimati — kidus_minimati | SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the ID parameter in the fulldelete.php component. | 2023-08-18 | not yet calculated | CVE-2023-38839 MISC |
bitwarden — bitwarden | Bitwarden Windows Desktop v2023.5.1 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process. | 2023-08-15 | not yet calculated | CVE-2023-38840 MISC MISC MISC |
atlos — atlos | An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function. | 2023-08-17 | not yet calculated | CVE-2023-38843 MISC MISC |
codedoc — codedoc | Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 component. | 2023-08-15 | not yet calculated | CVE-2023-38850 MISC |
langchain — langchain | An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. | 2023-08-15 | not yet calculated | CVE-2023-38860 MISC |
wavlink — wl_wnj575a3 | An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi. | 2023-08-15 | not yet calculated | CVE-2023-38861 MISC |
comfast — cf-xr11 | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt. | 2023-08-15 | not yet calculated | CVE-2023-38862 MISC |
comfast — cf-xr11 | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt. | 2023-08-15 | not yet calculated | CVE-2023-38863 MISC |
comfast — cf-xr11 | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt. | 2023-08-15 | not yet calculated | CVE-2023-38864 MISC |
comfast — cf-xr11 | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr. | 2023-08-15 | not yet calculated | CVE-2023-38865 MISC |
comfast — cf-xr11 | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and display_name. | 2023-08-15 | not yet calculated | CVE-2023-38866 MISC |
alluxio — alluxio | An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of alluxio.util.CommonUtils.getUnixGroups(java.lang.String). | 2023-08-15 | not yet calculated | CVE-2023-38889 MISC |
online_shopping_portal_project — online_shopping_portal_project | Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks. | 2023-08-18 | not yet calculated | CVE-2023-38890 MISC |
tree-kit — tree-kit | A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function. | 2023-08-16 | not yet calculated | CVE-2023-38894 MISC MISC MISC |
langchain — langchain | An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. | 2023-08-15 | not yet calculated | CVE-2023-38896 MISC MISC MISC |
cpython — cpython | An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. | 2023-08-15 | not yet calculated | CVE-2023-38898 MISC MISC |
ruijie_networks — multiple_products | A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field. | 2023-08-17 | not yet calculated | CVE-2023-38902 MISC |
netlify_cms — netlify_cms | A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function. | 2023-08-16 | not yet calculated | CVE-2023-38904 MISC |
jeecg-boot — jeecg-boot | SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions. | 2023-08-17 | not yet calculated | CVE-2023-38905 MISC MISC |
cszcms — cszcms | CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the ‘Carousel Widget’ section and choosing our carousel widget created above, in ‘Photo URL’ and ‘YouTube URL’ plugin. | 2023-08-18 | not yet calculated | CVE-2023-38910 MISC |
cszcms — cszcms | A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Gallery parameter in the YouTube URL fields. | 2023-08-18 | not yet calculated | CVE-2023-38911 MISC MISC |
easyadmin8 — easyadmin8 | File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbitrary code via the upload type function. | 2023-08-15 | not yet calculated | CVE-2023-38915 MISC |
evotingsystem-php — evotingsystem-php | SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields. | 2023-08-15 | not yet calculated | CVE-2023-38916 MISC |
campcodes — online_matrimonial_website_system_script | install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document. | 2023-08-16 | not yet calculated | CVE-2023-39115 MISC MISC MISC MISC |
ntsc-crt_2.2.1 — ntsc-crt_2.2.1 | NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file’s width, height, and BPP are not validated. NOTE: the vendor’s perspective is “this main application was not intended to be a well-tested program, it’s just something to demonstrate it works and for the user to see how to integrate it into their own programs.” | 2023-08-18 | not yet calculated | CVE-2023-39125 MISC |
dell — dell_storage_integration_tools_for_vmware | Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | 2023-08-16 | not yet calculated | CVE-2023-39250 MISC |
mitel_networks_corp. — mivoice_office_400_smb_controller | A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations. | 2023-08-14 | not yet calculated | CVE-2023-39292 MISC |
mitel_networks_corp. — mivoice_office_400_smb_controller | A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system. | 2023-08-14 | not yet calculated | CVE-2023-39293 MISC |
north_grid_corporation — multiple_products | Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allows a remote unauthenticated attacker to log in to the product’s Control Panel and perform an unintended operation. | 2023-08-18 | not yet calculated | CVE-2023-39415 MISC MISC MISC |
north_grid_corporation — multiple_products | Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands. | 2023-08-18 | not yet calculated | CVE-2023-39416 MISC MISC MISC |
sap_se — cla_assistant | A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. This allows an arbitrary authenticated user to read CLA information including information of the persons who signed them as well as custom fields the CLA requester had configured. In addition, an arbitrary authenticated user can update or delete the CLA-configuration for repositories or organizations using CLA-assistant. The stored access tokens for GitHub are not affected, as these are redacted from the API-responses. | 2023-08-15 | not yet calculated | CVE-2023-39438 MISC |
logitec_corporation — lan-wh300n/re | Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to a certain management console of the product. | 2023-08-18 | not yet calculated | CVE-2023-39445 MISC MISC |
elecom_co._ltd. — multiple_products | Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code. | 2023-08-18 | not yet calculated | CVE-2023-39454 MISC MISC |
elecom_co._ltd. — multiple_products | OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions. | 2023-08-18 | not yet calculated | CVE-2023-39455 MISC MISC |
recruit_co._ltd. — rikunabi_next_app_for_android | Improper authorization in the custom URL scheme handler in “Rikunabi NEXT” App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website. | 2023-08-16 | not yet calculated | CVE-2023-39507 MISC |
eprosima — fast-dds | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger an assertion failure, crashing FastDDS. Versions 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39534 MISC MISC MISC MISC MISC |
langchain — langchain | An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component. | 2023-08-15 | not yet calculated | CVE-2023-39659 MISC MISC |
pandas-ai — pandas-ai | An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function. | 2023-08-15 | not yet calculated | CVE-2023-39661 MISC |
llama_index — llama_index | An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function. | 2023-08-15 | not yet calculated | CVE-2023-39662 MISC |
d-link — dir-842 | D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters. | 2023-08-18 | not yet calculated | CVE-2023-39666 MISC MISC MISC |
d-link — dir-880 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824. | 2023-08-18 | not yet calculated | CVE-2023-39669 MISC MISC MISC |
tenda — ac6 | Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets. | 2023-08-18 | not yet calculated | CVE-2023-39670 MISC MISC |
d-link — dir-880 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. | 2023-08-18 | not yet calculated | CVE-2023-39671 MISC MISC MISC |
tenda — wh450 | Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets. | 2023-08-18 | not yet calculated | CVE-2023-39672 MISC MISC |
tenda — ac15 | Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34(). | 2023-08-18 | not yet calculated | CVE-2023-39673 MISC MISC |
d-link — dir-880 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. | 2023-08-18 | not yet calculated | CVE-2023-39674 MISC MISC MISC |
lrzip — lrzip | lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | 2023-08-17 | not yet calculated | CVE-2023-39741 MISC MISC |
lrzip-next_lzma — lrzip-next_lzma | lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c. | 2023-08-17 | not yet calculated | CVE-2023-39743 MISC MISC |
etekcity — 3-in-1_smart_door_lock | Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device. | 2023-08-15 | not yet calculated | CVE-2023-39841 MISC |
digoo — dg-hamb_smart_home_security_system | Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device. | 2023-08-15 | not yet calculated | CVE-2023-39842 MISC |
suleve — 5-in-1_smart_door_lock | Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device. | 2023-08-15 | not yet calculated | CVE-2023-39843 MISC |
konga — konga | An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token. | 2023-08-16 | not yet calculated | CVE-2023-39846 MISC |
yubico — yubihsm_2_sdk | The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory. | 2023-08-14 | not yet calculated | CVE-2023-39908 MISC |
elecom_co._ltd. — wrc-1167acf/wrc-1750ghbk3 | OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. | 2023-08-18 | not yet calculated | CVE-2023-39944 MISC MISC |
eprosima — fast-dds | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39945 MISC MISC MISC MISC |
eprosima — fast-dds | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of actual content. In `eprosima::fastdds::dds::ParameterPropertyList_t::push_back_helper`, `memcpy` is called to first copy the octet’ized length and then to copy the data into `properties_.data`. At the second memcpy, both `data` and `size` can be controlled by anyone that sends the CDR string to the discovery multicast port. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39946 MISC MISC MISC |
eprosima — fast-dds | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed `PID_PROPERTY_LIST` parameters cause heap overflow at a different program counter. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39947 MISC MISC MISC |
eprosima — fast-dds | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39948 MISC MISC MISC MISC |
eprosima — fast-dds | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39949 MISC MISC MISC MISC |
siemens — efibootguard | efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv` or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard’s bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them. | 2023-08-14 | not yet calculated | CVE-2023-39950 MISC MISC MISC MISC MISC |
joomla — joomla | Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution. | 2023-08-17 | not yet calculated | CVE-2023-39970 MISC |
joomla — joomla | Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3. | 2023-08-17 | not yet calculated | CVE-2023-39971 MISC MISC |
joomla — joomla | Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists. | 2023-08-17 | not yet calculated | CVE-2023-39972 MISC MISC |
joomla — joomla | Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns. | 2023-08-17 | not yet calculated | CVE-2023-39973 MISC MISC |
joomla — joomla | Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list. | 2023-08-17 | not yet calculated | CVE-2023-39974 MISC MISC |
massachusetts_institute_of_technology — kerberos_5 | kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. | 2023-08-16 | not yet calculated | CVE-2023-39975 CONFIRM MISC MISC |
svg-loader — svg-loader | SVG Loader is a javascript library that fetches SVGs using XMLHttpRequests and injects the SVG code in the tag’s place. According to the docs, svg-loader will strip all JS code before injecting the SVG file for security reasons, but the input sanitization logic is not sufficient and can be trivially bypassed. This allows an attacker to craft a malicious SVG which can result in Cross-site Scripting (XSS). When trying to sanitize the svg the lib removes event attributes such as `onmouseover`, `onclick` but the list of events is not exhaustive. Any website which uses external-svg-loader and allows its users to provide svg src, upload svg files would be susceptible to stored XSS attack. This issue has been addressed in commit `d3562fc08` which is included in releases from 1.6.9. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-40013 MISC MISC MISC MISC |
privateuploader — privateuploader | PrivateUploader is an open-source image hosting server written in Vue and TypeScript. In affected versions `app/routes/v3/admin.controller.ts` did not correctly verify whether the user was an administrator (High Level) or moderator (Low Level), causing the request to continue processing. The response would be a 403 with ADMIN_ONLY; however, next() would still be called, leading to any updates/changes in the route being processed. This issue has been addressed in version 3.2.49. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-40020 MISC MISC |
oppia — oppia | Oppia is an online learning platform. When comparing a received CSRF token against the expected token, Oppia uses the string equality operator (`==`), which is not safe against timing attacks. By repeatedly submitting invalid tokens, an attacker can brute force the expected CSRF token character by character. Once they have recovered the token, they can then submit a forged request on behalf of a logged-in user and execute privileged actions on that user’s behalf. In particular the function to validate received CSRF tokens is at `oppia.core.controllers.base.CsrfTokenManager.is_csrf_token_valid`. An attacker who can lure a logged-in Oppia user to a malicious website can perform any change on Oppia that the user is authorized to do, including changing profile information; creating, deleting, and changing explorations; etc. Note that the attacker cannot change a user’s login credentials. An attack would need to complete within 1 second because every second, the time used in computing the token changes. This issue has been addressed in commit `b89bf80837` which has been included in release `3.3.2-hotfix-2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-16 | not yet calculated | CVE-2023-40021 MISC MISC MISC MISC |
yaklang — yaklang | yaklang is a programming language designed for cybersecurity. The Yak Engine has been found to contain a local file inclusion (LFI) vulnerability. This vulnerability allows attackers to include files from the server’s local file system through the web application. When exploited, this can lead to the unintended exposure of sensitive data, potential remote code execution, or other security breaches. Users utilizing versions of the Yak Engine prior to 1.2.4-sp1 are impacted. This vulnerability has been patched in version 1.2.4-sp1. Users are advised to upgrade. Users unable to upgrade may avoid exposing vulnerable versions to untrusted input and closely monitor any unexpected server behavior until they can upgrade. | 2023-08-14 | not yet calculated | CVE-2023-40023 MISC MISC MISC |
nexb — scancode.io | ScanCode.io is a server to script and automate software composition analysis pipelines. In the `/license/` endpoint, the detailed view key is not properly validated and sanitized, which can result in a potential cross-site scripting (XSS) vulnerability when attempting to access a detailed license view that does not exist. Attackers can exploit this vulnerability to inject malicious scripts into the response generated by the `license_details_view` function. When unsuspecting users visit the page, their browsers will execute the injected scripts, leading to unauthorized actions, session hijacking, or stealing sensitive information. This issue has been addressed in release `32.5.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-40024 MISC MISC |
keystone — keystone | Keystone is an open-source headless CMS for Node.js — built with GraphQL and React. When `ui.isAccessAllowed` is set as `undefined`, the `adminMeta` GraphQL query is publicly accessible (no session required). This is different to the behaviour of the default AdminUI middleware, which by default will only be publicly accessible (no session required) if a `session` strategy is not defined. This vulnerability does not affect developers using the `@keystone-6/auth` package, or any users that have written their own `ui.isAccessAllowed` (that is to say, `isAccessAllowed` is not `undefined`). This vulnerability does affect users who believed that their `session` strategy will, by default, enforce that `adminMeta` is inaccessible by the public in accordance with that strategy; akin to the behaviour of the AdminUI middleware. This vulnerability has been patched in `@keystone-6/core` version `5.5.1`. Users are advised to upgrade. Users unable to upgrade may opt to write their own `isAccessAllowed` functionality to work-around this vulnerability. | 2023-08-15 | not yet calculated | CVE-2023-40027 MISC MISC MISC |
ghost — ghost | Ghost is an open-source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost’s `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-15 | not yet calculated | CVE-2023-40028 MISC MISC |
flarum — flarum | Flarum is an open-source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofing the MIME type, an attacker can manipulate the application to execute unintended actions. The vulnerability is due to the behavior of the `intervention/image` package, which attempts to interpret the supplied file contents as a URL, which then fetches its contents. This allows an attacker to exploit the vulnerability to perform SSRF attacks, disclose local file contents, or conduct a blind oracle attack. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP’s `allow_url_fopen` which will prevent the fetching of external files via URLs as a temporary workaround for the SSRF aspect of the vulnerability. | 2023-08-16 | not yet calculated | CVE-2023-40033 MISC MISC |
woodpecker-ci — woodpecker | Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data which leads to an update of the repository data that can, e.g., allow the takeover of a repo. This is only critical if the CI is configured for public usage and connected to a forge which is also in public usage. This issue has been addressed in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should secure the CI system by making it inaccessible to untrusted entities, for example, by placing it behind a firewall. | 2023-08-16 | not yet calculated | CVE-2023-40034 MISC MISC MISC MISC |
apache — nifi | Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation. | 2023-08-18 | not yet calculated | CVE-2023-40037 MISC MISC MISC |
elecom_co._ltd. — multiple_products | OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions. | 2023-08-18 | not yet calculated | CVE-2023-40069 MISC MISC |
elecom_co._ltd. — wab-s600-ps/wab-s300 | OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 2023-08-18 | not yet calculated | CVE-2023-40072 MISC MISC |
rubygems — rubygems | rubygems.org is the Ruby community’s primary gem (library) hosting service. Insufficient input validation allowed malicious actors to replace any uploaded gem version that had a platform, version number, or gem name matching `/-\d/`, permanently replacing the legitimate upload in the canonical gem storage bucket and triggering an immediate CDN purge so that the malicious gem would be served immediately. The maintainers have checked all gems matching the `/-\d/` pattern and can confirm that no unexpected `.gem`s were found. As a result, we believe this vulnerability was _not_ exploited. The easiest way to ensure that a user’s applications were not exploited by this vulnerability is to check that all of your downloaded .gems have a checksum that matches the checksum recorded in the RubyGems.org database. RubyGems contributor Maciej Mensfeld wrote a tool to automatically check that all downloaded .gem files match the checksums recorded in the RubyGems.org database. You can use it by running: `bundle add bundler-integrity` followed by `bundle exec bundler-integrity`. Neither this tool nor anything else can prove you were not exploited, but they can assist your investigation by quickly comparing RubyGems API-provided checksums with the checksums of files on your disk. The issue has been patched with improved input validation and the changes are live. No action is required on the part of the user. Users are advised to validate their local gems. | 2023-08-17 | not yet calculated | CVE-2023-40165 MISC MISC |
turbowarp — desktop | TurboWarp is a desktop application that compiles scratch projects to JavaScript. TurboWarp Desktop versions prior to version 1.8.0 allowed a malicious project or custom extension to read arbitrary files from disk and upload them to a remote server. The only required user interaction is opening the sb3 file or loading the extension. The web version of TurboWarp is not affected. This bug has been addressed in commit `55e07e99b59` after an initial fix which was reverted. Users are advised to upgrade to version 1.8.0 or later. Users unable to upgrade should avoid opening sb3 files or loading extensions from untrusted sources. | 2023-08-17 | not yet calculated | CVE-2023-40168 MISC MISC MISC MISC |
dispatch — dispatch | Dispatch is an open-source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in the error message when the `Dispatch Plugin – Basic Authentication Provider` plugin encounters an error when attempting to decode a JWT token. Any Dispatch users who own their instance and rely on the `Dispatch Plugin – Basic Authentication Provider` plugin for authentication may be impacted, allowing for any account to be taken over within their own instance. This could be done by using the secret to sign attacker crafted JWTs. If you think that you may be impacted, we strongly suggest you rotate the secret stored in the `DISPATCH_JWT_SECRET` envvar in the `.env` file. This issue has been addressed in commit `b1942a4319` which has been included in the `20230817` release. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-17 | not yet calculated | CVE-2023-40171 MISC MISC MISC MISC |
social_media_skeleton — social_media_skeleton | Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. Prior to version 1.0.5 Social media skeleton did not properly restrict CSRF attacks. This has been addressed in version 1.0.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-18 | not yet calculated | CVE-2023-40172 MISC MISC |
social_media_skeleton — social_media_skeleton | Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. Prior to version 1.0.5 Social media skeleton did not properly salt passwords, leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue. | 2023-08-18 | not yet calculated | CVE-2023-40173 MISC MISC MISC |
social_media_skeleton — social_media_skeleton | Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user’s session. Social media skeleton releases prior to 1.0.5 did not properly manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-18 | not yet calculated | CVE-2023-40174 MISC MISC |
puma — puma | Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-18 | not yet calculated | CVE-2023-40175 MISC MISC |
genians — multiple_products | Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-17 | not yet calculated | CVE-2023-40251 MISC |
genians — multiple_products | Improper Control of Generation of Code (‘Code Injection’) vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-17 | not yet calculated | CVE-2023-40252 MISC |
genians — multiple_products | Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-11 | not yet calculated | CVE-2023-40253 MISC |
genians — multiple_products | Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-11 | not yet calculated | CVE-2023-40254 MISC |
apache — airflow | Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected. | 2023-08-17 | not yet calculated | CVE-2023-40272 MISC MISC MISC |
getzola — getzola | An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the “zola serve” command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, which allows one to escape the webroot of the server and read arbitrary files from the filesystem. | 2023-08-14 | not yet calculated | CVE-2023-40274 MISC MISC |
lenovo — notebook | A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-08-17 | not yet calculated | CVE-2023-4028 MISC |
ec-cube_co._ltd. — ec-cube_2_series | EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in “mail/template” and “products/product” of Management page. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the other administrator or the user who accessed the website using the product. | 2023-08-17 | not yet calculated | CVE-2023-40281 MISC MISC |
linux — kernel | An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of a sk are mishandled. | 2023-08-14 | not yet calculated | CVE-2023-40283 MISC MISC MISC DEBIAN |
lenovo — thinkpad | A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-08-17 | not yet calculated | CVE-2023-4029 MISC |
harman_international — harman_automotive_infotainment | Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. | 2023-08-14 | not yet calculated | CVE-2023-40291 MISC |
harman_international — harman_automotive_infotainment | Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets. | 2023-08-14 | not yet calculated | CVE-2023-40292 MISC |
harman_international — harman_automotive_infotainment | Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. | 2023-08-14 | not yet calculated | CVE-2023-40293 MISC |
boron_2.0.8 — boron_2.0.8 | libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. | 2023-08-14 | not yet calculated | CVE-2023-40294 MISC |
boron_2.0.8 — boron_2.0.8 | libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c. | 2023-08-14 | not yet calculated | CVE-2023-40295 MISC |
async-sockets-cpp — async-sockets-cpp | async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. | 2023-08-14 | not yet calculated | CVE-2023-40296 MISC |
lenovo — thinkpad | A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt. | 2023-08-17 | not yet calculated | CVE-2023-4030 MISC |
gnu_inetutils — gnu_inetutils | GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process. | 2023-08-14 | not yet calculated | CVE-2023-40303 MISC MISC MISC |
gnu_indent — gnu_indent | GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | 2023-08-14 | not yet calculated | CVE-2023-40305 MISC MISC |
opennms — horizon | Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue. | 2023-08-14 | not yet calculated | CVE-2023-40311 MISC MISC MISC |
opennms — horizon | Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue. | 2023-08-14 | not yet calculated | CVE-2023-40312 MISC MISC |
opennms — horizon | A BeanShell interpreter in remote server mode runs in OpenNMS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. | 2023-08-17 | not yet calculated | CVE-2023-40313 MISC MISC |
opennms — horizon | In OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue. | 2023-08-17 | not yet calculated | CVE-2023-40315 MISC MISC |
jenkins — jenkins | A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders. | 2023-08-16 | not yet calculated | CVE-2023-40336 MISC MISC |
jenkins — jenkins | A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder. | 2023-08-16 | not yet calculated | CVE-2023-40337 MISC MISC |
jenkins — jenkins | Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. | 2023-08-16 | not yet calculated | CVE-2023-40338 MISC MISC |
jenkins — jenkins | Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they’re written to the build log. | 2023-08-16 | not yet calculated | CVE-2023-40339 MISC MISC |
jenkins — jenkins | Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs. | 2023-08-16 | not yet calculated | CVE-2023-40340 MISC MISC |
jenkins — jenkins | A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user’s favorite views tab bar. | 2023-08-16 | not yet calculated | CVE-2023-40351 MISC MISC |
mariadb_maxscale — mariadb_maxscale | An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a “maxctrl create service” command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3. | 2023-08-14 | not yet calculated | CVE-2023-40354 MISC |
xterm — xterm | xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. | 2023-08-14 | not yet calculated | CVE-2023-40359 MISC |
qemu — qemu | QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled. | 2023-08-14 | not yet calculated | CVE-2023-40360 MISC MISC MISC |
litespeed/openlitespeed — litespeed/openlitespeed | LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers. | 2023-08-14 | not yet calculated | CVE-2023-40518 MISC MISC |
moxa — nport_iaw5000a-i/o_series | NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerability which poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate firmware manipulation. | 2023-08-16 | not yet calculated | CVE-2023-4204 MISC |
cloudflare — lol-html | lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected. | 2023-08-16 | not yet calculated | CVE-2023-4241 MISC |
zephyrproject-rtos — zephyr | Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis… https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 | 2023-08-12 | not yet calculated | CVE-2023-4265 MISC |
cockpit-hq — cockpit | Cross-site Scripting (XSS) – Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3. | 2023-08-14 | not yet calculated | CVE-2023-4321 MISC MISC |
radareorg — radare2 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | 2023-08-14 | not yet calculated | CVE-2023-4322 MISC MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup. | 2023-08-15 | not yet calculated | CVE-2023-4323 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers. | 2023-08-15 | not yet calculated | CVE-2023-4324 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA, which has known vulnerabilities. | 2023-08-15 | not yet calculated | CVE-2023-4325 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites. | 2023-08-15 | not yet calculated | CVE-2023-4326 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux. | 2023-08-15 | not yet calculated | CVE-2023-4327 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux. | 2023-08-15 | not yet calculated | CVE-2023-4328 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute. | 2023-08-15 | not yet calculated | CVE-2023-4329 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to Denial of Service which can be caused by an authenticated user to the REST API Interface. | 2023-08-15 | not yet calculated | CVE-2023-4330 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols. | 2023-08-15 | not yet calculated | CVE-2023-4331 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file. | 2023-08-15 | not yet calculated | CVE-2023-4332 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows. | 2023-08-15 | not yet calculated | CVE-2023-4333 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller Web server (nginx) is serving private files without any authentication. | 2023-08-15 | not yet calculated | CVE-2023-4334 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux. | 2023-08-15 | not yet calculated | CVE-2023-4335 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute. | 2023-08-15 | not yet calculated | CVE-2023-4336 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation. | 2023-08-15 | not yet calculated | CVE-2023-4337 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers. | 2023-08-15 | not yet calculated | CVE-2023-4338 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions. | 2023-08-15 | not yet calculated | CVE-2023-4339 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file. | 2023-08-15 | not yet calculated | CVE-2023-4340 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI. | 2023-08-15 | not yet calculated | CVE-2023-4341 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy. | 2023-08-15 | not yet calculated | CVE-2023-4342 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter. | 2023-08-15 | not yet calculated | CVE-2023-4343 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection. | 2023-08-15 | not yet calculated | CVE-2023-4344 MISC |
broadcom — raid_controller_web_interface | Broadcom RAID Controller web interface is vulnerable to a client-side control bypass that leads to unauthorized data access for a low-privileged user. | 2023-08-15 | not yet calculated | CVE-2023-4345 MISC |
librenms — librenms/librenms | Cross-site Scripting (XSS) – Reflected in GitHub repository librenms/librenms prior to 23.8.0. | 2023-08-15 | not yet calculated | CVE-2023-4347 MISC MISC |
google — chrome | Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4349 MISC MISC MISC MISC |
google — chrome_for_android | Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4350 MISC MISC MISC MISC |
google — chrome | Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4351 MISC MISC MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4352 MISC MISC MISC MISC |
google — chrome | Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4353 MISC MISC MISC MISC |
google — chrome | Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4354 MISC MISC MISC MISC |
google — chrome | Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4355 MISC MISC MISC MISC |
google — chrome | Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4356 MISC MISC MISC MISC |
google — chrome | Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4357 MISC MISC MISC MISC |
google — chrome | Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4358 MISC MISC MISC MISC |
google — chrome_for_ios | Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4359 MISC MISC MISC MISC |
google — chrome | Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4360 MISC MISC MISC MISC |
google — chrome_for_android | Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4361 MISC MISC MISC MISC |
google — chrome | Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4362 MISC MISC MISC MISC |
google — chrome_for_android | Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4363 MISC MISC MISC MISC |
google — chrome | Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4364 MISC MISC MISC MISC |
google — chrome | Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4365 MISC MISC MISC MISC |
google — chrome | Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4366 MISC MISC MISC MISC |
google — chrome | Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4367 MISC MISC MISC MISC |
google — chrome | Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4368 MISC MISC MISC MISC |
google — chrome_for_chromeos | Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4369 MISC MISC |
phprecdb — phprecdb | A vulnerability was found in phpRecDB 1.3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument r/view leads to cross site scripting. The attack may be launched remotely. VDB-237194 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-15 | not yet calculated | CVE-2023-4371 MISC MISC |
instantsoft — instantsoft/icms2 | Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 2023-08-16 | not yet calculated | CVE-2023-4381 MISC MISC |
tdevs — hyip_rio | A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4382 MISC MISC MISC |
microworld — escan_anti-virus | A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4383 MISC MISC MISC |
maximatech — portal_executivo | A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4384 MISC MISC MISC |
linux — kernel | A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. | 2023-08-16 | not yet calculated | CVE-2023-4385 MISC MISC MISC |
linux — kernel | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware’s vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. | 2023-08-16 | not yet calculated | CVE-2023-4387 MISC MISC MISC |
linux — kernel | A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information. | 2023-08-16 | not yet calculated | CVE-2023-4389 MISC MISC MISC |
control_id — gerencia_web | A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation leads to cleartext storage of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237380. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-17 | not yet calculated | CVE-2023-4392 MISC MISC MISC |
linux — kernel | A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information. | 2023-08-17 | not yet calculated | CVE-2023-4394 MISC MISC MISC |
cockpit-hq — cockpit | Cross-site Scripting (XSS) – Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-17 | not yet calculated | CVE-2023-4395 MISC MISC |
codecanyon — credit_lite | A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/account_statement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-237511. | 2023-08-18 | not yet calculated | CVE-2023-4407 MISC MISC |
nbs&happysoftwechat — nbs&happysoftwechat | A vulnerability, which was classified as critical, has been found in NBS&HappySoftWeChat 1.1.6. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237512. | 2023-08-18 | not yet calculated | CVE-2023-4409 MISC MISC MISC |
totolink — ex1200l | A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237513 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4410 MISC MISC MISC |
totolink — ex1200l | A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4411 MISC MISC MISC |
totolink — ex1200l | A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4412 MISC MISC MISC |
rkhunter — rootkit_hunter | A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as problematic. Affected is an unknown function of the file /var/log/rkhunter.log. The manipulation leads to sensitive information in log files. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237516. | 2023-08-18 | not yet calculated | CVE-2023-4413 MISC MISC MISC MISC |
beijing_baichuo — smart_s85f_management_platform | A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237517 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4414 MISC MISC MISC |
ruijie_networks — rg-ew1200g | A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4415 MISC MISC MISC |
cockpit-hq — cockpit | Cross-site Scripting (XSS) – Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. | 2023-08-18 | not yet calculated | CVE-2023-4422 MISC MISC |
cockpit-hq — cockpit | Cross-site Scripting (XSS) – Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-19 | not yet calculated | CVE-2023-4432 MISC MISC |
cockpit-hq — cockpit | Cross-site Scripting (XSS) – Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-19 | not yet calculated | CVE-2023-4433 MISC MISC |