US-CERT Vulnerability Summary for the Week of October 2, 2023

Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.

 

High Vulnerabilities

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| acronis — agent | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29051. | 2023-10-04 | 7.8 | CVE-2023-44209 (MISC) |
| acronis — cyber_protect_home_office | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713. | 2023-10-04 | 9.1 | CVE-2023-44208 (MISC) |
| afterlogic — aurora_files | A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file. | 2023-10-03 | 8.8 | CVE-2023-43176 (MISC) |
| apple — ipados/ios | The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. | 2023-10-04 | 7.8 | CVE-2023-42824 (MISC) |
| aqua_esolutions — aqua_drive | Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. By exploiting this vulnerability, an authenticated non privileged user could access/modify stored resources of other users. It could also be possible to access and modify the source and configuration files of the cloud disk platform, affecting the integrity and availability of the entire platform. | 2023-10-04 | 8.8 | CVE-2023-3701 (MISC) |
| asyncua — asyncua | Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session. | 2023-10-03 | 7.5 | CVE-2023-26150 (MISC) |
| asyncua — asyncua | Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory. | 2023-10-03 | 7.5 | CVE-2023-26151 (MISC) |
| baramundi_software_gmbh — enterprise_mobility_management_agent | Buffer Overflow vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter. | 2023-10-02 | 7.8 | CVE-2023-37605 (MISC) |
| bydemes — airspace_cctv_web_service | The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access. | 2023-10-03 | 8.8 | CVE-2023-0506 (MISC) |
| cambium_networks — enterprise_wi-fi | Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in device-agent. | 2023-09-29 | 9.8 | CVE-2022-35908 (CONFIRM, MISC) |
| candlepin — candlepin | An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant. | 2023-10-04 | 8.1 | CVE-2023-1832 (MISC) |
| caphyon — advanced_installer | A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. This affects an unknown part of the component WinSxS DLL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 19.7.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-240903. | 2023-09-30 | 7.8 | CVE-2022-4956 (MISC) |
| cashit — cashit! | cashIT! – serving solutions. Devices from “PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH” to 03.A06rks 2023.02.37 are affected by an origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network. | 2023-10-03 | 9.8 | CVE-2023-3654 (MISC) |
| cashit — cashit! | cashIT! – serving solutions. Devices from “PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH” to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network. | 2023-10-03 | 9.8 | CVE-2023-3656 (MISC) |
| cashit — cashit! | cashIT! – serving solutions. Devices from “PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH” to 03.A06rks 2023.02.37 are affected by dangerous methods that allow leaking the database (system settings, user accounts, …). This vulnerability can be triggered by an HTTP endpoint exposed to the network. | 2023-10-03 | 7.5 | CVE-2023-3655 (MISC) |
| cato_networks — cato_client | An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the PrivilegedHelperTool component. | 2023-10-03 | 8.1 | CVE-2023-43976 (MISC) |
| cisco — emergency_responder | A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. | 2023-10-04 | 9.8 | CVE-2023-20101 (MISC) |
| composer — composer | Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_argv` enabled in php.ini. Versions 2.6.4, 2.2.22 and 1.10.27 patch this vulnerability. Users are advised to upgrade. Users unable to upgrade should make sure `register_argc_argv` is disabled in php.ini, and avoid publishing composer.phar to the web as this is not best practice. | 2023-09-29 | 8.8 | CVE-2023-43655 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44828 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44829 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44830 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44831 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44832 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44833 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44834 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44835 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44836 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44837 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44838 (MISC) |
| d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44839 (MISC) |
| d-link — dir-846_firmware | An issue in D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 firmware version 100A53DBR-Retail allows a remote attacker to execute arbitrary code. | 2023-10-05 | 8.8 | CVE-2023-43284 (MISC) |
| dedecms — dedecms | A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file album_add.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240940. | 2023-09-30 | 8.8 | CVE-2023-5301 (MISC) |
| dell — common_event_enabler | Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges. | 2023-09-29 | 7.8 | CVE-2023-32477 (MISC) |
| dell — smartfabric_storage_software | Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity. | 2023-10-05 | 9.8 | CVE-2023-32485 (MISC) |
| dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands. | 2023-10-05 | 8.8 | CVE-2023-43068 (MISC) |
| dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access. | 2023-10-05 | 8.8 | CVE-2023-4401 (MISC) |
| dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker. | 2023-10-05 | 7.8 | CVE-2023-43069 (MISC) |
| dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbitrary shell commands. | 2023-10-05 | 7.8 | CVE-2023-43072 (MISC) |
| deyue_remote_vehicle_management_system — deyue_remote_vehicle_management_system | Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization vulnerability. | 2023-10-02 | 8.8 | CVE-2023-43268 (MISC) |
| dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33268 (MISC) |
| dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33269 (MISC) |
| dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33270 (MISC) |
| dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33271 (MISC) |
| dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33272 (MISC) |
| dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33273 (MISC) |
| eclipse — mosquitto | In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. | 2023-10-02 | 7.5 | CVE-2023-3592 (MISC) |
| ecshop — ecshop | A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240925 was assigned to this vulnerability. | 2023-09-29 | 8.8 | CVE-2023-5294 (MISC) |
| efs_software — easy_address_book_web_server | Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine. | 2023-10-04 | 9.8 | CVE-2023-4491 (MISC) |
| efs_software — easy_chat_server | Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine. | 2023-10-04 | 9.8 | CVE-2023-4494 (MISC) |
| emlog — emlog | An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 2023-10-03 | 9.8 | CVE-2023-44973 (MISC) |
| emlog — emlog | An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 2023-10-03 | 9.8 | CVE-2023-44974 (MISC) |
| field_logic — datacube4_firmware | A vulnerability classified as problematic was found in Field Logic DataCube4 up to 20231001. This vulnerability affects unknown code of the file /api/ of the component Web API. The manipulation leads to improper authentication. The exploit has been disclosed to the public and may be used. VDB-241030 is the identifier assigned to this vulnerability. | 2023-10-02 | 7.5 | CVE-2023-5329 (MISC) |
| free5gc — free5gc | Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to “admin”. It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an unprivileged remote user is able to create, delete and modify users within the application. | 2023-10-02 | 9.8 | CVE-2023-4659 (MISC) |
| furuno_systems — acera_1210_firmware | Cross-site request forgery (CSRF) vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 8.8 | CVE-2023-41086 (MISC) |
| furuno_systems — acera_1310_firmware | OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allow an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows: ACERA 1320 firmware ver.01.26 and earlier, ACERA 1310 firmware ver.01.26 and earlier, ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 8.8 | CVE-2023-39222 (MISC) |
| furuno_systems — acera_1310_firmware | Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 8.8 | CVE-2023-42771 (MISC) |
| gitlab — gitlab | A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user. | 2023-09-30 | 8.8 | CVE-2023-5207 (MISC) |
| gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members. | 2023-09-29 | 7.5 | CVE-2023-3413 (MISC) |
| gitlab — gitlab | Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail. | 2023-09-29 | 7.5 | CVE-2023-3917 (MISC) |
| gitlab — gitlab | An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports. | 2023-10-02 | 7.5 | CVE-2023-5106 (MISC) |
| gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page. | 2023-09-29 | 7.1 | CVE-2023-3922 (MISC) |
| gnu — glibc | A buffer overflow was discovered in the GNU C Library’s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | 2023-10-03 | 7.8 | CVE-2023-4911 (MISC) |
| google — chrome | Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-10-05 | 8.8 | CVE-2023-5346 (MISC) |
| gpac — gpac | Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. | 2023-10-04 | 7.1 | CVE-2023-5377 (MISC) |
| hashicorp — vault | The Vault and Vault Enterprise (“Vault”) Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0. | 2023-09-29 | 7.5 | CVE-2023-5077 (MISC) |
| helpdezk — helpdezk | Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to access the platform without authentication and retrieve personal data via the jsonGrid parameter. | 2023-10-04 | 8.6 | CVE-2023-3037 (MISC) |
| helpdezk — helpdezk | SQL injection vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the rows parameter of the jsonGrid route and extract all the information stored in the application. | 2023-10-04 | 7.5 | CVE-2023-3038 (MISC) |
| hitachi — ops_center_common_services | Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS. This issue affects Hitachi Ops Center Common Services: before 10.9.3-00. | 2023-10-03 | 7.5 | CVE-2023-3967 (MISC) |
| hospital_management_system — hospital_management_system | Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | 2023-09-29 | 9.1 | CVE-2023-43909 (MISC) |
| ibermatica — ibermatica_rps | Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded. | 2023-10-03 | 7.5 | CVE-2023-3349 (MISC) |
| ibermatica — ibermatica_rps | A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By firstly downloading the log file, an attacker could retrieve the SQL query sent to the application in plain text. This log file contains the password hashes coded with AES-CBC-128 bits algorithm, which can be decrypted with a .NET function, obtaining the username’s password in plain text. | 2023-10-03 | 7.5 | CVE-2023-3350 (MISC) |
| ibm — disconnected_log_collector | IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648. | 2023-10-04 | 7.5 | CVE-2022-22447 (MISC) |
| ibm — observability_with_instana | IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789. | 2023-10-04 | 9.8 | CVE-2023-37404 (MISC) |
| icpdas — et-7060_firmware | This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising the entire device. | 2023-10-03 | 8.8 | CVE-2023-4817 (MISC) |
| ingeteam — ingepac_da3451_firmware | Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | 2023-10-02 | 7.5 | CVE-2023-3768 (MISC) |
| ingeteam — ingepac_fc5066_firmware | Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | 2023-10-02 | 7.5 | CVE-2023-3769 (MISC) |
| jorani — jorani | An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the “/leaves/validate” path and the “id” parameter, managing to extract arbitrary information from the database. | 2023-10-03 | 8.8 | CVE-2023-2681 (MISC) |
| libvpx — libvpx | VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | 2023-09-30 | 7.5 | CVE-2023-44488 (MISC, MLIST, GENTOO, DEBIAN) |
| linux — kernel | An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in ceph_decode_32. | 2023-09-29 | 8.8 | CVE-2023-44466 (MISC) |
| linux — kernel | An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel. | 2023-10-04 | 8.2 | CVE-2023-39191 (MISC) |
| linux — kernel | A use-after-free vulnerability in the Linux kernel’s fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. | 2023-10-03 | 7.8 | CVE-2023-5345 (MISC) |
| mediatek,_inc. — lr11 | In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003. | 2023-10-02 | 9.8 | CVE-2023-20819 (MISC) |
| mediatek,_inc. — multiple_products | In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637. | 2023-10-02 | 7.5 | CVE-2023-32820 (MISC) |
| microweber — microweber | Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0. | 2023-09-30 | 7.5 | CVE-2023-5318 (MISC) |
| mojoportal — mojoportal | File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the File Manager function. | 2023-10-02 | 9.8 | CVE-2023-44008 (MISC) |
| mojoportal — mojoportal | File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function. | 2023-10-02 | 9.8 | CVE-2023-44009 (MISC) |
| mojoportal — mojoportal | An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component. | 2023-10-02 | 9.8 | CVE-2023-44011 (MISC) |
| moxa — nport_5150ai-m12-ct-t_firmware | All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices. | 2023-10-03 | 8.8 | CVE-2023-4929 (MISC) |
| netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload. | 2023-10-02 | 9.8 | CVE-2023-43891 (MISC) |
| netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload. | 2023-10-02 | 9.8 | CVE-2023-43892 (MISC) |
| netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload. | 2023-10-02 | 9.8 | CVE-2023-43893 (MISC) |
| netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request. | 2023-10-02 | 8.8 | CVE-2023-43890 (MISC) |
| nodebb_inc. — nodebb | Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively. | 2023-09-29 | 7.5 | CVE-2023-30591 (MISC) |
| nokia — wavelite_metro_200_and_fan_firmware | If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects (for example) WaveLite Metro 200 and Fan, WaveLite Metro 200 OPS and Fans, WaveLite Metro 200 and F2B fans, WaveLite Metro 200 OPS and F2B fans, WaveLite Metro 200 NE and F2B fans, and WaveLite Metro 200 NE OPS and F2B fans. | 2023-10-04 | 7.8 | CVE-2023-22618 (MISC) |
| open5gs — open5gs | DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash. | 2023-10-03 | 7.5 | CVE-2023-4882 (MISC) |
| open5gs — open5gs | Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function) and triggering the ogs_sbi_message_free function, which could cause a service outage. | 2023-10-03 | 7.5 | CVE-2023-4883 (MISC) |
| open5gs — open5gs | An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication. | 2023-10-03 | 7.5 | CVE-2023-4884 (MISC) |
| optipng — optipng | OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the ‘buffer’ variable at gifread.c. | 2023-10-01 | 7.8 | CVE-2023-43907 (MISC) |
| oracle — apache_avro | When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue. | 2023-09-29 | 7.5 | CVE-2023-39410 (MISC) |
pandora_fms — pandora_fmsA Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms.2023-10-037.1CVE-2023-24518
MISC
personal_management_system — personal_management_systemAn arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile’s avatar.2023-10-047.8CVE-2023-43838
MISC
MISC
MISC
MISC
MISC
MISC
phpipam — phpipamPhpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request.2023-10-027.5CVE-2023-41580
MISC
MISC
phpmyfaq — phpmyfaqUnrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8.2023-09-309.8CVE-2023-5227
MISC
MISC
pjsip — pjsipPJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.2023-10-069.8CVE-2023-38703
MISC
MISC
prestashop — prestashopSQL injection vulnerability in KnowBand Module One Page Checkout, Social Login & Mailchimp (supercheckout) v.8.0.3 and before allows a remote attacker to execute arbitrary code via a crafted request to the updateCheckoutBehaviour function in the supercheckout.php component.2023-10-059.8CVE-2023-44024
MISC
prestashop — prestashopImproper neutralization of SQL parameter in Theme Volty CMS Payment Icon module for PrestaShop. In the module “Theme Volty CMS Payment Icon” (tvcmspaymenticon) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.2023-10-039.8CVE-2023-39645
MISC
prestashop — prestashopImproper neutralization of SQL parameter in Theme Volty CMS Category Chain Slider module for PrestaShop. In the module “Theme Volty CMS Category Chain Slide” (tvcmscategorychainslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.2023-10-039.8CVE-2023-39646
MISC
prestashop — prestashopImproper neutralization of SQL parameter in Theme Volty CMS Category Product module for PrestaShop. In the module “Theme Volty CMS Category Product” (tvcmscategoryproduct) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.2023-10-039.8CVE-2023-39647
MISC
prestashop — prestashopImproper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial” (tvcmstestimonial) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.2023-10-039.8CVE-2023-39648
MISC
prestashop — prestashopImproper neutralization of SQL parameter in Theme Volty CMS Category Slider module for PrestaShop. In the module “Theme Volty CMS Category Slider” (tvcmscategoryslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.2023-10-039.8CVE-2023-39649
MISC
prestashop — prestashopImproper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop. In the module “Theme Volty CMS BrandList” (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.2023-10-039.8CVE-2023-39651
MISC
presto_changeo — attribute_gridPresto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php.2023-10-059.8CVE-2023-43983
MISC
presto_changeo — test_site_creatorPresto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component delete_excluded_folder.php.2023-10-059.8CVE-2023-43981
MISC
presto_changeo — testsitecreatorPresto Changeo testsitecreator up to v1.1.1 was discovered to contain a SQL injection vulnerability via the component disable_json.php.2023-10-029.8CVE-2023-43980
MISC
MISC
pretix — pretixpretix before 2023.7.2 allows Pillow to parse EPS files.2023-09-297.8CVE-2023-44464
MISC
MISC
MISC
MISC
CONFIRM
prointegra — uptime_dcImproper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0.33940) allows them to change passwords of all other users including administrators leading to a privilege escalation.2023-10-048.8CVE-2023-4997
MISC
MISC
puppet — puppet_serverFor certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.2023-10-037.5CVE-2023-5255
MISC
pure_storage — flasharray_purityA flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.2023-10-038.8CVE-2023-36628
MISC
qsige — qsigeThe file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username.2023-10-038.8CVE-2023-4097
MISC
qsige — qsigeIt has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.2023-10-038.8CVE-2023-4098
MISC
qsige — qsigeAllows an attacker to perform stored XSS attacks on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions.2023-10-038.2CVE-2023-4100
MISC
qualcomm — 315_5g_iot_modem_firmwareMemory Corruption in Data Modem while making a MO call or MT VOLTE call.2023-10-039.8CVE-2023-22385
MISC
qualcomm — 315_5g_iot_modem_firmwareTransient DOS in Modem while triggering camping on a 5G cell.2023-10-037.5CVE-2023-24843
MISC
qualcomm — 315_5g_iot_modem_firmwareTransient DOS in Modem while allocating DSM items.2023-10-037.5CVE-2023-24847
MISC
qualcomm — 315_5g_iot_modem_firmwareInformation Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.2023-10-037.5CVE-2023-24848
MISC
qualcomm — 315_5g_iot_modem_firmwareInformation Disclosure in data Modem while parsing an FMTP line in an SDP message.2023-10-037.5CVE-2023-24849
MISC
qualcomm — 315_5g_iot_modem_firmwareCryptographic issue in Data Modem due to improper authentication during TLS handshake.2023-10-037.5CVE-2023-28540
MISC
qualcomm — 315_5g_iot_modem_firmwareTransient DOS in WLAN Firmware while parsing rsn ies.2023-10-037.5CVE-2023-33027
MISC
qualcomm — apq8017_firmwareMemory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.2023-10-037.8CVE-2023-24850
MISC
qualcomm — apq8064au_firmwareWeak configuration in Automotive while VM is processing a listener request from TEE.2023-10-038.2CVE-2023-22382
MISC
qualcomm — aqt1000_firmwareImproper Access to the VM resource manager can lead to Memory Corruption.2023-10-037.8CVE-2023-21673
MISC
qualcomm — ar8035_firmwareMemory corruption in Modem while processing security related configuration before AS Security Exchange.2023-10-039.8CVE-2023-24855
MISC
qualcomm — ar8035_firmwareMemory corruption in WLAN Firmware while doing a memory copy of pmk cache.2023-10-039.8CVE-2023-33028
MISC
qualcomm — ar8035_firmwareMemory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.2023-10-037.8CVE-2023-24844
MISC
qualcomm — ar8035_firmwareMemory Corruption in HLOS while registering for key provisioning notify.2023-10-037.8CVE-2023-24853
MISC
qualcomm — ar8035_firmwareMemory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.2023-10-037.8CVE-2023-28539
MISC
qualcomm — ar8035_firmwareMemory corruption in DSP Service during a remote call from HLOS to DSP.2023-10-037.8CVE-2023-33029
MISC
qualcomm — ar8035_firmwareMemory corruption while invoking callback function of AFE from ADSP.2023-10-037.8CVE-2023-33035
MISC
qualcomm — ar8035_firmwareTransient DOS in WLAN Firmware while parsing a NAN management frame.2023-10-037.5CVE-2023-33026
MISC
qualcomm — csra6620_firmwareMemory corruption while parsing the ADSP response command.2023-10-037.8CVE-2023-33034
MISC
qualcomm — qam8295p_firmwareMemory corruption in Automotive Display while destroying the image handle created using connected display driver.2023-10-037.8CVE-2023-33039
MISC
qualcomm — qca6574au_firmwareMemory Corruption in VR Service while sending data using Fast Message Queue (FMQ).2023-10-037.8CVE-2023-22384
MISC
rdiffweb — rdiffwebAllocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.2023-09-298.8CVE-2023-5289
MISC
MISC
red_hat — openshiftA flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a Kubernetes secret.2023-10-047.5CVE-2023-3361
MISC
MISC
MISC
riello-ups — netman_204_firmwareAll versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function.2023-10-038.8CVE-2022-47891
MISC
riello-ups — netman_204_firmwareAll versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials.2023-10-037.5CVE-2022-47892
MISC
riello_ups — netman_204_firmwareThere is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root.2023-10-039.8CVE-2022-47893
MISC
rockoa — rockoaA vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak password recovery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-240926 is the identifier assigned to this vulnerability.2023-09-297.5CVE-2023-5296
MISC
MISC
MISC
rockoa — rockoaA vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. The complexity of an attack is rather high. Exploitation is said to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240927.2023-09-297.5CVE-2023-5297
MISC
MISC
MISC
sage — sage_200_spainPlaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL commands and escalate privileges on Windows systems because the credentials are stored in plaintext.2023-10-049.8CVE-2023-2809
MISC
salesagility — suitecrmSQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.2023-10-039.1CVE-2023-5350
MISC
MISC
samsung — androidStack-based Buffer Overflow vulnerability in HDCP trustlet prior to SMR Oct-2023 Release 1 allows attacker to perform code execution.2023-10-049.8CVE-2023-30733
MISC
samsung — androidImproper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.2023-10-047.8CVE-2023-30692
MISC
samsung — androidImproper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction.2023-10-047.5CVE-2023-30727
MISC
samsung — galaxy_book_firmwareAn improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.2023-10-047.8CVE-2023-30738
MISC
sato — cl4nx-j_plus_firmwareA vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebConfig. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241027.2023-10-018.8CVE-2023-5326
MISC
MISC
MISC
sato — cl4nx-j_plus_firmwareA vulnerability classified as critical has been found in SATO CL4NX-J Plus 1.13.2-u455_r2. This affects an unknown part of the component Cookie Handler. The manipulation with the input auth=user,level1,settings; web=true leads to improper authentication. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-241029 was assigned to this vulnerability.2023-10-028.8CVE-2023-5328
MISC
MISC
MISC
setelsa_security — conacwinRelative path traversal vulnerability in Setelsa Security’s ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the “Download file” parameter.2023-10-047.5CVE-2023-3512
MISC
MISC
sick — sim1012-0p0g200_firmwareA remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary may also reset the SIM and in the worst case upload a new firmware version to the device.2023-09-299.8CVE-2023-5288
MISC
MISC
MISC
slims — slimsServer-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the “scrape_image.php” file in the imageURL parameter.2023-10-028.8CVE-2023-3744
MISC
soflyy — oxygen_builderCross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Builder plugin <= 4.4 versions.2023-10-038.8CVE-2022-46841
MISC
sonicwall — net_extenderA local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.2023-10-037.8CVE-2023-44217
MISC
MISC
sonicwall — net_extenderA flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with ‘SYSTEM’ level privileges, leading to a local privilege escalation (LPE) vulnerability.2023-10-037.8CVE-2023-44218
MISC
sourcecodester — best_courier_management_systemA vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-240882 is the identifier assigned to this vulnerability.2023-09-298.8CVE-2023-5269
MISC
MISC
MISC
sourcecodester — best_courier_management_systemA vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240883.2023-09-298.8CVE-2023-5270
MISC
MISC
MISC
sourcecodester — best_courier_management_systemA vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240884.2023-09-298.8CVE-2023-5271
MISC
MISC
MISC
sourcecodester — best_courier_management_systemA vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-240885 was assigned to this vulnerability.2023-09-298.8CVE-2023-5272
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-240904.2023-09-299.8CVE-2023-5276
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0. This issue affects some unknown processing of the file student_avatar.php. The manipulation of the argument change leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240905 was assigned to this vulnerability.2023-09-299.8CVE-2023-5277
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability, which was classified as critical, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-240906 is the identifier assigned to this vulnerability.2023-09-299.8CVE-2023-5278
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability has been found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file my_classmates.php. The manipulation of the argument teacher_class_student_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240907.2023-09-299.8CVE-2023-5279
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file my_students.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240908.2023-09-299.8CVE-2023-5280
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as critical. This affects an unknown part of the file remove_inbox_message.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240909 was assigned to this vulnerability.2023-09-299.8CVE-2023-5281
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seed_message_student.php. The manipulation of the argument teacher_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240910 is the identifier assigned to this vulnerability.2023-09-299.8CVE-2023-5282
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teacher_signup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240911.2023-09-298.8CVE-2023-5283
MISC
MISC
MISC
sourcecodester — engineers_online_portalA vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file upload_save_student.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240912.2023-09-298.8CVE-2023-5284
MISC
MISC
MISC
sourcecodester — online_computer_and_laptop_storeA vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241254 is the identifier assigned to this vulnerability.2023-10-049.8CVE-2023-5373
MISC
MISC
MISC
sourcecodester — online_computer_and_laptop_storeA vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241255.2023-10-049.8CVE-2023-5374
MISC
MISC
MISC
sourcecodester — simple_membership_systemA vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file group_validator.php. The manipulation of the argument club_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240869 was assigned to this vulnerability.2023-09-299.8CVE-2023-5260
MISC
MISC
MISC
static-server — static-serverAll versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.2023-10-037.5CVE-2023-26152
MISC
MISC
MISC
super_store_finder — super_store_finderSuper Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content.2023-10-028.8CVE-2023-43835
MISC
tcman — gimTCMAN GIM v8.0.1 is vulnerable to a SQL injection via the ‘SqlWhere’ parameter inside the function ‘BuscarESM’. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database.2023-10-049.8CVE-2022-36276
MISC
tenda — ac6_firmwareTenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.2023-10-039.8CVE-2023-40830
MISC
tibco_software_inc. — nimbusThe Web Client component of TIBCO Software Inc.’s TIBCO Nimbus contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts targeting the affected system or the victim’s local system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO Nimbus: versions 10.6.0 and below.2023-09-299CVE-2023-26218
MISC
tongda — tongda_oaA vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240870 is the identifier assigned to this vulnerability.2023-09-299.8CVE-2023-5261
MISC
MISC
MISC
tongda — tongda_oaA vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240878 is the identifier assigned to this vulnerability.2023-09-299.8CVE-2023-5265
MISC
MISC
MISC
tongda — tongda_oaA vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-240880.2023-09-299.8CVE-2023-5267
MISC
MISC
MISC
tongda — tongda_oaA vulnerability classified as critical was found in Tongda OA 2017. Affected by this vulnerability is an unknown functionality of the file general/hr/recruit/recruitment/delete.php. The manipulation of the argument RECRUITMENT_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-240913 was assigned to this vulnerability.2023-09-297.5CVE-2023-5285
MISC
MISC
MISC
tongda — tongda_oaA vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240938 is the identifier assigned to this vulnerability.2023-09-307.5CVE-2023-5298
MISC
MISC
MISC
ttsplanning — ttsplanningA vulnerability classified as critical has been found in TTSPlanning up to 20230925. This affects an unknown part. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240939.2023-09-309.8CVE-2023-5300
MISC
MISC
MISC
turna — advertising_administration_panelImproper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Turna Advertising Administration Panel allows SQL Injection. This issue affects Advertising Administration Panel: before 1.1.2023-10-069.8CVE-2023-4530
MISC
unify — session_border_controllerAtos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users.2023-10-049.8CVE-2023-36619
CONFIRM
MISC
MISC
unify — session_border_controllerAtos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users.2023-10-048.8CVE-2023-36618
CONFIRM
MISC
MISC
vim — vimHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.2023-10-027.5CVE-2023-5344
MISC
MISC
MISC
wordpress — wordpressA vulnerability was found in Most Popular Posts Widget Plugin up to 0.8 on WordPress. It has been classified as critical. Affected is the function add_views/show_views of the file functions.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 0.9 is able to address this issue. The patch is identified as a99667d11ac8d320006909387b100e9a8b5c12e1. It is recommended to upgrade the affected component. VDB-241026 is the identifier assigned to this vulnerability.2023-10-029.8CVE-2015-10124
MISC
MISC
MISC
wordpress — wordpressCross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.2023-10-048.8CVE-2023-25025
MISC
wordpress — wordpressCross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy WP tell a friend popup form plugin <= 7.1 versions.2023-10-038.8CVE-2023-25463
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin <= 2.0.0 versions. | 2023-10-04 | 8.8 | CVE-2023-25489, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Saphali Saphali Woocommerce Lite plugin <= 1.8.13 versions. | 2023-10-04 | 8.8 | CVE-2023-25788, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CAGE Web Design | Rolf van Gelder Optimize Database after Deleting Revisions plugin <= 5.1 versions. | 2023-10-04 | 8.8 | CVE-2023-25980, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <= 1.3.0 versions. | 2023-10-04 | 8.8 | CVE-2023-27433, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui HTTP Auth plugin <= 0.3.2 versions. | 2023-10-03 | 8.8 | CVE-2023-27435, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Trustindex.Io WP Testimonials plugin <= 1.4.2 versions. | 2023-10-03 | 8.8 | CVE-2023-2830, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions. | 2023-10-06 | 8.8 | CVE-2023-28791, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Fugu Maintenance Switch plugin <= 1.5.2 versions. | 2023-10-06 | 8.8 | CVE-2023-29235, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions. | 2023-10-03 | 8.8 | CVE-2023-32091, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions. | 2023-10-03 | 8.8 | CVE-2023-37891, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions. | 2023-10-03 | 8.8 | CVE-2023-37990, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emoji One plugin <= 0.6.0 versions. | 2023-10-03 | 8.8 | CVE-2023-37991, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | 2023-10-03 | 8.8 | CVE-2023-37992, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions. | 2023-10-04 | 8.8 | CVE-2023-37995, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | 2023-10-03 | 8.8 | CVE-2023-37996, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler plugin <= 3.0.3 versions. | 2023-10-03 | 8.8 | CVE-2023-37998, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-FlyBox plugin <= 6.46 versions. | 2023-10-03 | 8.8 | CVE-2023-38381, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Anshul Labs Mobile Address Bar Changer plugin <= 3.0 versions. | 2023-10-03 | 8.8 | CVE-2023-38390, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plugin <= 3.1.2 versions. | 2023-10-03 | 8.8 | CVE-2023-38396, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Taboola plugin <= 2.0.1 versions. | 2023-10-03 | 8.8 | CVE-2023-38398, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin <= 2.2.8 versions. | 2023-10-03 | 8.8 | CVE-2023-39165, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions. | 2023-10-03 | 8.8 | CVE-2023-39917, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 7.2.7 versions. | 2023-10-03 | 8.8 | CVE-2023-39923, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Footer Code Manager plugin <= 1.1.34 versions. | 2023-10-03 | 8.8 | CVE-2023-39989, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP Like Button plugin <= 1.7.0 versions. | 2023-10-03 | 8.8 | CVE-2023-40199, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin. | 2023-10-03 | 8.8 | CVE-2023-40201, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin <= 3.4.1 versions. | 2023-10-03 | 8.8 | CVE-2023-40202, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton (Tortoise IT) SB Child List plugin <= 4.5 versions. | 2023-10-03 | 8.8 | CVE-2023-40210, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5 versions. | 2023-10-03 | 8.8 | CVE-2023-40558, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin <= 2.4.0 versions. | 2023-10-04 | 8.8 | CVE-2023-40559, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google Analytics for WooCommerce plugin <= 3.7.1 versions. | 2023-10-04 | 8.8 | CVE-2023-40561, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions. | 2023-10-06 | 8.8 | CVE-2023-40607, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Buildfail Localize Remote Images plugin <= 1.0.9 versions. | 2023-10-03 | 8.8 | CVE-2023-41244, MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview MyCryptoCheckout plugin <= 2.125 versions. | 2023-10-03 | 8.8 | CVE-2023-41693, MISC
xiph — vorbis-tools | Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. | 2023-10-02 | 7.8 | CVE-2023-43361, MISC, MISC, MISC, MISC
zzzcms — zzzcms | A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872. | 2023-09-29 | 8.8 | CVE-2023-5263, MISC, MISC, MISC


Medium Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
acilia — widestand | Cross-site Scripting (XSS) reflected vulnerability on WideStand until 5.3.5 version, which generates one of the meta tags directly using the content of the queried URL, which would allow an attacker to inject HTML/Javascript code into the response. | 2023-10-04 | 6.1 | CVE-2023-4090, MISC
acronis — agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29258. | 2023-10-04 | 5.5 | CVE-2023-44210, MISC, MISC
animal-art-lab — animal-art-lab | An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. | 2023-10-02 | 5.4 | CVE-2023-43297, MISC
arm — 5th_gen_gpu_architecture_kernel_driver | A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 2023-10-01 | 5.5 | CVE-2023-4211, MISC
arm — mali_gpu_kernel_driver | A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. | 2023-10-03 | 4.7 | CVE-2023-33200, MISC
arm — valhall_gpu_kernel_driver | A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. | 2023-10-03 | 4.7 | CVE-2023-34970, MISC
broadpeak — centralized_accounts_management_auth_agent | A cross-site scripting (XSS) vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575_ee9195b0, 01.01.01.30097902_fd999e76, and 00.12.01.9565588_1254b459 allows remote attackers to inject arbitrary web script or HTML via the disconnectMessage parameter. | 2023-10-03 | 6.1 | CVE-2023-40519, MISC
buddyboss — buddyboss | Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users’ albums. This vulnerability can be exploited by changing the album identification (id). | 2023-10-03 | 5.4 | CVE-2023-32669, MISC
buddyboss — buddyboss | Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version, which could allow a local attacker with basic privileges to execute a malicious payload through the “[name]=image.jpg” parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded. | 2023-10-03 | 5.4 | CVE-2023-32670, MISC
capensis — canopsis | This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer and login page description parameters within the administration panel. | 2023-10-03 | 4.8 | CVE-2023-3196, MISC
capensis — canopsis | This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel. | 2023-10-03 | 4.8 | CVE-2023-4564, MISC
concrete_cms — concrete_cms | Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects. | 2023-10-06 | 5.4 | CVE-2023-44761, MISC
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings – Tags. | 2023-10-06 | 5.4 | CVE-2023-44762, MISC
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings. | 2023-10-06 | 5.4 | CVE-2023-44764, MISC
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings. | 2023-10-06 | 5.4 | CVE-2023-44765, MISC
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO – Extra from Page Settings. | 2023-10-06 | 5.4 | CVE-2023-44766, MISC
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container. | 2023-10-05 | 6.5 | CVE-2023-43070, MISC
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data. | 2023-10-05 | 6.5 | CVE-2023-43073, MISC
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CSV formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks. | 2023-10-05 | 5.4 | CVE-2023-43071, MISC
dolibarr — dolibarr | Cross-site Scripting (XSS) – Generic in GitHub repository dolibarr/dolibarr prior to 18.0. | 2023-10-01 | 6.1 | CVE-2023-5323, MISC, MISC
easy_address_book_web_server — easy_address_book_web_server | Vulnerability in Easy Address Book Web Server 1.6 version, affecting the parameters (firstname, homephone, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate and workzip) of the /addrbook.ghp file, allowing an attacker to inject a JavaScript payload specially designed to run when the application is loaded. | 2023-10-04 | 6.1 | CVE-2023-4492, MISC
easy_address_book_web_server — easy_address_book_web_server | Stored Cross-Site Scripting in Easy Address Book Web Server 1.6 version, through the users_admin.ghp file that affects multiple parameters such as (firstname, homephone, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate, workzip). This vulnerability allows a remote attacker to store a malicious JavaScript payload in the application to be executed when the page is loaded, resulting in an integrity impact. | 2023-10-04 | 5.4 | CVE-2023-4493, MISC
easy_chat_server — easy_chat_server | Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp. | 2023-10-04 | 6.1 | CVE-2023-4495, MISC
easy_chat_server — easy_chat_server | Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /body2.ghp (POST method), in the mtowho parameter. | 2023-10-04 | 6.1 | CVE-2023-4496, MISC
easy_chat_server — easy_chat_server | Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Icon parameter. The XSS is loaded from /users.ghp. | 2023-10-04 | 6.1 | CVE-2023-4497, MISC
eclipse — mosquitto | In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. | 2023-10-02 | 5.3 | CVE-2023-0809, MISC
ecshop — ecshop | A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Affected is an unknown function of the file /admin/leancloud.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240924. | 2023-09-29 | 6.5 | CVE-2023-5293, MISC, MISC, MISC
eeroos — eeroos | A vulnerability has been found in eeroOS up to 6.16.4-11 and classified as critical. This vulnerability affects unknown code of the component Ethernet Interface. The manipulation leads to denial of service. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241024. | 2023-10-01 | 6.5 | CVE-2023-5324, MISC, MISC, MISC
emlog — emlog | A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field. | 2023-10-02 | 5.4 | CVE-2023-43267, MISC, MISC
foreman — foreman | A sensitive information exposure vulnerability was found in foreman. Contents of tomcat’s server.xml file, which contain passwords to candlepin’s keystore and truststore, were found to be world readable. | 2023-10-03 | 4.4 | CVE-2023-4886, MISC, MISC
foru_cms — foru_cms | A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-240868. | 2023-09-29 | 4.9 | CVE-2023-5259, MISC, MISC, MISC
freebsd — freebsd | On an msdosfs filesystem, the ‘truncate’ or ‘ftruncate’ system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file). | 2023-10-04 | 6.5 | CVE-2023-5368, MISC
furuno_systems — acera_1210_firmware | Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST (Standalone) mode. | 2023-10-03 | 5.4 | CVE-2023-39429, MISC, MISC
furuno_systems — acera_1310_firmware | Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST (Standalone) mode. | 2023-10-03 | 5.7 | CVE-2023-43627, MISC, MISC
gitlab — gitlab | An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user into visiting a fork with a malicious CI/CD configuration. | 2023-09-29 | 5.7 | CVE-2023-0989, MISC, MISC
gitlab — gitlab | A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects. | 2023-09-29 | 5.3 | CVE-2023-3914, MISC, MISC
gitlab — gitlab | An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner’s Sentry instance projects. | 2023-09-29 | 4.3 | CVE-2023-2233, MISC, MISC
gitlab — gitlab | An issue has been discovered in GitLab EE affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories. | 2023-09-29 | 4.3 | CVE-2023-3115, MISC, MISC
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible for a maintainer to create a fork relationship between existing projects contrary to the documentation. | 2023-09-29 | 4.3 | CVE-2023-3920, MISC, MISC
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible for upstream members collaborating with you on your branch to get permission to write to the merge request’s source branch. | 2023-09-29 | 4.3 | CVE-2023-3979, MISC, MISC
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of. | 2023-09-29 | 4.3 | CVE-2023-4532, MISC, MISC
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys. | 2023-09-29 | 4.3 | CVE-2023-5198, MISC, MISC
google — android | In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433. | 2023-10-02 | 6.7 | CVE-2023-32821, MISC
google — android | In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229. | 2023-10-02 | 6.7 | CVE-2023-32822, MISC
google — android | In rpmb, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912966. | 2023-10-02 | 6.7 | CVE-2023-32823, MISC
google — android | In rpmb, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961. | 2023-10-02 | 6.7 | CVE-2023-32824, MISC
google — android | In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544. | 2023-10-02 | 6.7 | CVE-2023-32826, MISC
google — android | In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539. | 2023-10-02 | 6.7 | CVE-2023-32827, MISC
google — android | In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03802522; Issue ID: DTV03802522. | 2023-10-02 | 6.7 | CVE-2023-32830, MISC
google — android | In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138. | 2023-10-02 | 4.4 | CVE-2023-32819, MISC
hashicorp — vault | A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8. | 2023-09-29 | 4.9 | CVE-2023-3775, MISC
hitachi — ops_center_administrator | Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users to gain sensitive information. This issue affects Hitachi Ops Center Administrator: before 10.9.3-00. | 2023-10-03 | 5.5 | CVE-2023-3335, MISC
ibm — content_navigator | IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019. | 2023-10-04 | 5.4 | CVE-2023-40684, MISC, MISC
ibm — filenet_content_manager | IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 259384. | 2023-10-04 | 5.4 | CVE-2023-35905, MISC, MISC
ibm — security_guardium | IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897. | 2023-10-04 | 5.3 | CVE-2022-43906, MISC, MISC
ibm — urbancode_deploy | IBM UrbanCode Deploy (UCD) 7.1 – 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581. | 2023-10-04 | 6.5 | CVE-2023-40376, MISC, MISC
ingeteam — ingepac_da3451_firmware | Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain device-specific information without the need for authentication. | 2023-10-02 | 4.3 | CVE-2023-3770, MISC
inure — inure | Missing Authorization in GitHub repository hamza417/inure prior to build94. | 2023-09-30 | 5.5 | CVE-2023-5321, MISC, MISC
jfrog — artifactory | JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body. | 2023-10-03 | 6.5 | CVE-2023-42508, MISC
jizhicms — jizhicms | There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information. | 2023-10-02 | 6.5 | CVE-2023-43836, MISC, MISC
lemonldap — lemonldap | A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770. | 2023-09-29 | 4.3 | CVE-2023-44469, MISC, MISC, MISC, MLIST
libhv — libhv | All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered. | 2023-09-29 | 6.1 | CVE-2023-26146, MISC, MISC
libhv — libhv | All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n (carriage return line feeds) characters to end the HTTP response headers and inject malicious content, like for example additional headers or new response body, leading to a potential XSS vulnerability. | 2023-09-29 | 6.1 | CVE-2023-26147, MISC, MISC
libhv — libhv | All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the request sent. | 2023-09-29 | 5.3 | CVE-2023-26148, MISC, MISC
linux — kernel | A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. | 2023-10-03 | 4.7 | CVE-2023-4732, MISC, MISC
mattermost — mattermost | Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users. | 2023-09-29 | 6.5 | CVE-2023-5196, MISC
mattermost — mattermost | Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of. | 2023-09-29 | 5.4 | CVE-2023-5195, MISC
mattermost — mattermost | Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing a member to get the full name of another user even if the Show Full Name option was disabled. | 2023-10-02 | 4.3 | CVE-2023-5160, MISC
mattermost — mattermost | Mattermost fails to properly validate permissions when demoting and deactivating a user allowing for a system/user manager to demote / deactivate another manager. | 2023-09-29 | 4.3 | CVE-2023-5194, MISC
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner Management For WooCommerce plugin <= 2.4.2 versions. | 2023-10-03 | 6.5 | CVE-2023-39158, MISC
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud Prevention For Woocommerce plugin <= 2.1.5 versions. | 2023-10-03 | 6.5 | CVE-2023-39159, MISC
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes plugin <= 1.4.0 versions. | 2023-10-03 | 6.5 | CVE-2023-40009, MISC
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1 versions. | 2023-10-03 | 6.5 | CVE-2023-40198, MISC
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce plugin <= 2.1.8 versions. | 2023-10-03 | 6.5 | CVE-2023-40212, MISC
mediatek,_inc. — multiple_products | In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817. | 2023-10-02 | 6.7 | CVE-2023-32828, MISC
mediatek,_inc. — multiple_products | In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478. | 2023-10-02 | 6.7 | CVE-2023-32829, MISC
mhlw — fd_application | FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. | 2023-10-02 | 5.5 | CVE-2023-42132, MISC, MISC
mojoportal — mojoportal | Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component. | 2023-10-02 | 6.1 | CVE-2023-44012, MISC
mosparo — mosparo | Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. | 2023-10-04 | 6.1 | CVE-2023-5375, MISC, MISC
nothings_stb — nothings_stb | Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file. | 2023-10-03 | 5.5 | CVE-2023-43898, MISC
nxlog — nxlog_manager | Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests. | 2023-10-03 | 6.5 | CVE-2023-32791, MISC
nxlog — nxlog_manager | Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests. | 2023-10-03 | 6.5 | CVE-2023-32792, MISC
nxlog — nxlog_manager | Cross-Site Scripting (XSS) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to inject a malicious JavaScript payload into the ‘Full Name’ field during a user edit, due to improper sanitization of the input parameter. | 2023-10-03 | 6.1 | CVE-2023-32790, MISC
online_banquet_booking_system — online_banquet_booking_system | A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. VDB-240942 is the identifier assigned to this vulnerability. | 2023-09-30 | 6.1 | CVE-2023-5303, MISC, MISC
online_banquet_booking_system — online_banquet_booking_system | A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943. | 2023-09-30 | 6.1 | CVE-2023-5304, MISC, MISC
online_banquet_booking_system — online_banquet_booking_system | A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-240944. | 2023-09-30 | 6.1 | CVE-2023-5305, MISC, MISC
open5gs — open5gs | Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. | 2023-10-03 | 5.9 | CVE-2023-4885, MISC
os_commerce — os_commerceOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “tracking_number” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser.2023-09-305.4CVE-2023-43702
MISC
MISC
os_commerce — os_commerceOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “product_info[][name]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser.2023-09-305.4CVE-2023-43703
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “title” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43704
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “translation_value[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43705
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “email_templates_key” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43706
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “CatalogsPageDescriptionForm[1][name] ” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43707
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43708
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “configuration_title[1](MODULE)” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43709
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43710
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “admin_firstname” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43711
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “access_levels_name” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43712
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the “title” parameter, in the “/admin/admin-menu/add-submit” endpoint, which can lead to unauthorized execution of scripts in a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43713
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “SKIP_CART_PAGE_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43714
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43715
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “MAX_DISPLAY_NEW_PRODUCTS_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43716
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43717
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “MSEARCH_ENABLE_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43718
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “SHIPPING_GENDER_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43719
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “BILLING_GENDER_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43720
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “PACKING_SLIPS_SUMMARY_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43721
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_status_groups_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43722
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_status_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43723
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription[1][name]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43724
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_products_status_name_long[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43725
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_products_status_manual_name_long[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43726
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “stock_indication_text[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43727
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “stock_delivery_terms_text[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43728
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “xsell_type_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43729
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “countries_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43730
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “zone_name” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43731
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “tax_class_title” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43732
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “company_address” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43733
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “name” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43734
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “formats_titles[7]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43735
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “featured_type_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-5111
MISC
MISC
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “specials_type_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-5112
MISC
MISC
ovn — open_virtual_network | A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured. | 2023-10-04 | 5.3 | CVE-2023-3153
MISC
MISC
MISC
MISC
MISC
MISC
pandorafms — pandora_fms | Cross-site Scripting (XSS) vulnerability in the Syslog Section of Pandora FMS allows an attacker to cause a user’s cookie value to be transferred to the attacker’s user’s server. This issue affects Pandora FMS v767 and prior versions on all platforms. | 2023-10-03 | 6.1 | CVE-2023-0828
MISC
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 6.1 | CVE-2023-5316
MISC
MISC
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 6.1 | CVE-2023-5320
MISC
MISC
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 5.4 | CVE-2023-5317
MISC
MISC
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 5.4 | CVE-2023-5319
MISC
MISC
pleasant_solutions — pleasant_password_server | A cross-site scripting (XSS) vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter. | 2023-10-04 | 6.1 | CVE-2023-27121
MISC
MISC
MISC
pretix — pretix | An issue was discovered in pretix before 2023.7.1. Incorrect parsing of configuration files causes the application to trust unchecked X-Forwarded-For headers even though it has not been configured to do so. This can lead to IP address spoofing by users of the application. | 2023-10-02 | 5.3 | CVE-2023-44463
MISC
MISC
MISC
MISC
CONFIRM
pure_storage — flasharray_purity | A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection. | 2023-10-03 | 4.9 | CVE-2023-32572
MISC
pure_storage — purity | A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols. | 2023-10-02 | 4.3 | CVE-2023-31042
MISC
qsige — qsige | The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | 6.5 | CVE-2023-4099
MISC
qualcomm — apq8064au_firmware | Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. | 2023-10-03 | 5.5 | CVE-2023-28571
MISC
quick_cms — quick_cms | Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files – Description parameter in the Pages Menu component. | 2023-10-05 | 5.4 | CVE-2023-43343
MISC
MISC
red_hat — multiple_products | A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page). | 2023-10-04 | 5.9 | CVE-2022-4132
MISC
MISC
ritecms — ritecms | Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu. | 2023-10-04 | 4.8 | CVE-2023-43877
MISC
salesagility — suitecrm | Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1. | 2023-10-03 | 6.5 | CVE-2023-5353
MISC
MISC
salesagility — suitecrm | Cross-site Scripting (XSS) – Stored in GitHub repository salesagility/suitecrm prior to 7.14.1. | 2023-10-03 | 5.4 | CVE-2023-5351
MISC
MISC
samsung — android | Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows a physical attacker to install an application that has a different build type. | 2023-10-04 | 4.6 | CVE-2023-30731
MISC
samsung — health | Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent. | 2023-10-04 | 5.5 | CVE-2023-30734
MISC
samsung — health | Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent. | 2023-10-04 | 5.5 | CVE-2023-30737
MISC
samsung — samsung_assistant | Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows an attacker to execute javascript interface. To trigger this vulnerability, user interaction is required. | 2023-10-04 | 5.4 | CVE-2023-30736
MISC
sato — cl4nx-j_plus_firmware | A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /rest/dir/. The manipulation of the argument full leads to path traversal. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241028. | 2023-10-01 | 6.5 | CVE-2023-5327
MISC
MISC
MISC
setelsa_security — conacwin | Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter. | 2023-10-04 | 5.5 | CVE-2023-4037
MISC
silabs — gecko_software_development_kit | Forcing the Bluetooth LE stack to segment ‘prepare write response’ packets can lead to an out-of-bounds memory access. | 2023-09-29 | 6.5 | CVE-2023-3024
MISC
MISC
small_crm — small_crm | Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arbitrary code via a crafted payload to the Address parameter. | 2023-10-04 | 5.4 | CVE-2023-44075
MISC
sourcecodester — best_courier_management_system | A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240886 is the identifier assigned to this vulnerability. | 2023-09-29 | 5.4 | CVE-2023-5273
MISC
MISC
MISC
sourcecodester — best_courier_management_system | A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240941 was assigned to this vulnerability. | 2023-09-30 | 5.4 | CVE-2023-5302
MISC
MISC
MISC
sourcecodester — expense_tracker | A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file add_category.php of the component Category Handler. The manipulation of the argument category_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-240914 is the identifier assigned to this vulnerability. | 2023-09-29 | 5.4 | CVE-2023-5286
MISC
MISC
MISC
sourcecodester — task_management_system | A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list. | 2023-09-29 | 5.4 | CVE-2023-43944
MISC
sscms — sscms | SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component. | 2023-10-03 | 5.4 | CVE-2023-43952
MISC
sscms — sscms | SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component. | 2023-10-03 | 5.4 | CVE-2023-43951
MISC
sscms — sscms | SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content Management component. | 2023-10-03 | 5.4 | CVE-2023-43953
MISC
tcman — gim | The ‘sReferencia’, ‘sDescripcion’, ‘txtCodigo’ and ‘txtDescripcion’ parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS attacks. | 2023-10-04 | 6.1 | CVE-2022-36277
MISC
upv — peix | Authorization bypass vulnerability in UPV PEIX, affecting the component “pdf_curri_new.php”. Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users. | 2023-10-03 | 6.5 | CVE-2023-2544
MISC
userfeedback — userfeedback | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <= 1.0.7 versions. | 2023-09-29 | 6.1 | CVE-2023-39308
MISC
MISC
whitehsbg — jndiexploit | A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. VDB-240866 is the identifier assigned to this vulnerability. | 2023-09-29 | 5.7 | CVE-2023-5257
MISC
MISC
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions. | 2023-09-29 | 6.1 | CVE-2023-41658
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions. | 2023-09-29 | 6.1 | CVE-2023-41662
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin <= 1.6.9 versions. | 2023-09-29 | 6.1 | CVE-2023-41663
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hennessey Digital Attorney theme <= 3 theme. | 2023-10-02 | 6.1 | CVE-2023-41692
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickToTweet.Com Click To Tweet plugin <= 2.0.14 versions. | 2023-10-02 | 6.1 | CVE-2023-41856
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions. | 2023-10-02 | 6.1 | CVE-2023-44144
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions. | 2023-10-02 | 6.1 | CVE-2023-44244
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions. | 2023-10-02 | 6.1 | CVE-2023-44245
MISC
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MD Jakir Hosen Tiger Forms – Drag and Drop Form Builder plugin <= 2.0.0 versions. | 2023-10-02 | 6.1 | CVE-2023-44474
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Stockdio Stock Quotes List plugin <= 2.9.9 versions. | 2023-09-29 | 5.4 | CVE-2023-41666
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Irina Sokolovskaya Goods Catalog plugin <= 2.4.1 versions. | 2023-09-29 | 5.4 | CVE-2023-41687
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rescue Themes Rescue Shortcodes plugin <= 2.5 versions. | 2023-10-02 | 5.4 | CVE-2023-41728
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gold Plugins Locations plugin <= 4.0 versions. | 2023-10-02 | 5.4 | CVE-2023-41797
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WEN Solutions Notice Bar plugin <= 3.1.0 versions. | 2023-10-02 | 5.4 | CVE-2023-41847
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions. | 2023-10-02 | 5.4 | CVE-2023-44145
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions. | 2023-10-02 | 5.4 | CVE-2023-44242
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions. | 2023-10-02 | 5.4 | CVE-2023-44264
MISC
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Boxy Studio Cooked plugin <= 1.7.13 versions. | 2023-10-02 | 5.4 | CVE-2023-44477
MISC
wordpress — wordpress | The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ‘AWL-BlogFilter’ shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-10-04 | 5.4 | CVE-2023-5291
MISC
MISC
MISC
wordpress — wordpress | The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ‘sp_responsiveslider’ shortcode in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-10-03 | 5.4 | CVE-2023-5334
MISC
MISC
wordpress — wordpress | The Instagram for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-10-04 | 5.4 | CVE-2023-5357
MISC
MISC
wordpress — wordpress | The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the is_print_page function in versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to disclose potentially sensitive email information. | 2023-10-04 | 5.3 | CVE-2023-3213
MISC
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions. | 2023-09-29 | 4.8 | CVE-2023-41655
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. HollerBox plugin <= 2.3.2 versions. | 2023-09-29 | 4.8 | CVE-2023-41657
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | 2023-09-29 | 4.8 | CVE-2023-41661
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions. | 2023-10-02 | 4.8 | CVE-2023-41729
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress publish post email notification plugin <= 1.0.2.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41731
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in YYDevelopment Back To The Top Button plugin <= 2.1.5 versions. | 2023-10-02 | 4.8 | CVE-2023-41733
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nigauri Insert Estimated Reading Time plugin <= 1.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41734
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <= 6.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41736
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPGens Swifty Bar, sticky bar by WPGens plugin <= 1.2.10 versions. | 2023-10-02 | 4.8 | CVE-2023-41737
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in UniConsent UniConsent CMP for GDPR CPRA GPP TCF plugin <= 1.4.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41800
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Regpacks Regpack plugin <= 0.1 versions. | 2023-10-02 | 4.8 | CVE-2023-41855
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41859
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions. | 2023-10-02 | 4.8 | CVE-2023-44228
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions. | 2023-10-02 | 4.8 | CVE-2023-44230
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions. | 2023-10-02 | 4.8 | CVE-2023-44239
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Renzo Johnson Blocks plugin <= 1.6.41 versions. | 2023-10-02 | 4.8 | CVE-2023-44262
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions. | 2023-10-02 | 4.8 | CVE-2023-44263
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions. | 2023-10-02 | 4.8 | CVE-2023-44265
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin <= 3.1.6 versions. | 2023-10-02 | 4.8 | CVE-2023-44266
MISC
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions. | 2023-10-02 | 4.8 | CVE-2023-44479
MISC
wordpress — wordpress | The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to expose potentially sensitive user data, including data entered into custom fields. | 2023-10-06 | 5.3 | CVE-2023-4469
MISC
MISC
zenario_cms — zenario_cms | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer – Spare alias. | 2023-10-06 | 5.4 | CVE-2023-44770
MISC
zenario_cms — zenario_cms | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout. | 2023-10-06 | 5.4 | CVE-2023-44771
MISC


Low Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
gitlab — gitlab | An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy. | 2023-09-29 | 3.5 | CVE-2023-3906
MISC
MISC
mattermost — mattermost | Mattermost fails to properly verify the permissions when managing/updating a bot, allowing a User Manager role with user edit permissions to manage/update bots. | 2023-09-29 | 2.7 | CVE-2023-5159
MISC
mattermost — mattermost | Mattermost fails to properly check permissions when retrieving a post, allowing a System Role with the permission to manage channels to read the posts of a DM conversation. | 2023-09-29 | 2.7 | CVE-2023-5193
MISC
phpkobo — ajax_poll_script | A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability. | 2023-09-30 | 3.7 | CVE-2023-5313
MISC
MISC
MISC
pure_storage — flasharray_purity | A flaw exists in FlashArray Purity whereby an array administrator, by configuring an external key manager, can affect the availability of data on the system, including snapshots protected by SafeMode. | 2023-10-03 | 2.7 | CVE-2023-28373
MISC
pure_storage — flashblad_purity | A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock. | 2023-10-02 | 2.7 | CVE-2023-28372
MISC
pure_storage — flashblade_purity | A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly. | 2023-10-02 | 2.7 | CVE-2023-36627
MISC
samsung — android | Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number. | 2023-10-04 | 3.3 | CVE-2023-30732
MISC
samsung — sassistant | Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant. | 2023-10-04 | 3.3 | CVE-2023-30735
MISC


Severity Not Yet Assigned

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
simple_and_nice_shopping_cart_scrip — simple_and_nice_shopping_cart_script | File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component. | 2023-10-06 | not yet calculated | CVE-2023-44061
MISC
1e — 1e_client | 1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix, Q23092, is available that forces the 1E Client to check for a symbolic link or junction and, if it finds one, to refuse to use that path and instead create a path involving a random GUID. | 2023-10-05 | not yet calculated | CVE-2023-45159
MISC
1e — 1e_client | In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script, by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094, as the 1E Client’s temporary directory is now locked down. | 2023-10-05 | not yet calculated | CVE-2023-45160
MISC
acronis — acronis_agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31637. | 2023-10-05 | not yet calculated | CVE-2023-44211
MISC
acronis — acronis_agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477. | 2023-10-05 | not yet calculated | CVE-2023-44212
MISC
MISC
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-44214
MISC
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45240
MISC
acronis — acronis_agent | Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45241
MISC
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45242
MISC
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45243
MISC
acronis — acronis_agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35895. | 2023-10-06 | not yet calculated | CVE-2023-45244
MISC
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36119. | 2023-10-06 | not yet calculated | CVE-2023-45245
MISC
acronis — acronis_agent | Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36343. | 2023-10-06 | not yet calculated | CVE-2023-45246
MISC
acronis — acronis_agent_for_windows | Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-44213
MISC
altair-graphql — altair | Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the software running on macOS, Windows, and Linux. Version 5.2.5 fixes this issue. | 2023-10-04 | not yet calculated | CVE-2023-43799
MISC
MISC
ansible — ansible | A logic flaw exists in Ansible. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability. | 2023-10-04 | not yet calculated | CVE-2023-4380
MISC
MISC
MISC
ansible_automation_platform — ansible_automation_platform | A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system’s confidentiality, integrity, and availability. | 2023-10-04 | not yet calculated | CVE-2023-4237
MISC
MISC
atlassian — confluence_data_center | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. For more details, please review the linked advisory on this CVE. | 2023-10-04 | not yet calculated | CVE-2023-22515
MISC
MISC
MISC
buddyboss — buddyboss | A stored XSS vulnerability has been found on BuddyBoss Platform affecting version 2.2.9. This vulnerability allows an attacker to store a malicious JavaScript payload via POST request when sending an invitation. | 2023-10-03 | not yet calculated | CVE-2023-32671
MISC
canonical_ltd. — subiquity | Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege. | 2023-10-07 | not yet calculated | CVE-2023-5182
MISC
MISC
checkfront_inc. — checkfront_online_booking_system | Cross-Site Request Forgery (CSRF) vulnerability in Checkfront Inc. Checkfront Online Booking System plugin <= 3.6 versions. | 2023-10-06 | not yet calculated | CVE-2023-44146
MISC
cisco — ios_xe_software | A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not blocked when they are in application development mode. An attacker could exploit this vulnerability by using the Docker CLI to access an affected device. The application development workflow is meant to be used only on development systems and not in production systems. | 2023-10-04 | not yet calculated | CVE-2023-20235
MISC
cisco — unified_communications_products | A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to be used in normal operations of the device. This vulnerability is due to improper API authentication and incomplete validation of the API request. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to high CPU utilization, which could negatively impact user traffic and management access. When the attack stops, the device will recover without manual intervention. | 2023-10-04 | not yet calculated | CVE-2023-20259
MISC
citadel — citadel | A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user. | 2023-10-04 | not yet calculated | CVE-2023-44272
MISC
MISC
MISC
MISC
d-link — dir-820l | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. | 2023-10-06 | not yet calculated | CVE-2023-44807
MISC
MISC
decidim — decidim | Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The `templates` module doesn’t enforce the correct permissions, allowing any logged-in user to access this functionality in the administration panel. An attacker could use this vulnerability to change, create or delete templates of surveys. This issue has been patched in version 0.26.8 and 0.27.4. | 2023-10-06 | not yet calculated | CVE-2023-36465
MISC
MISC
MISC
digital_china_networks — dcfw-1800-sdc | File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component. | 2023-10-04 | not yet calculated | CVE-2023-43321
MISC
MISC
discourse — discourse-jira | Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the `discourse_jira_verbose_log` site setting. A moderator user could manipulate the request path to the Jira API, allowing them to perform arbitrary GET requests using the Jira API credentials, potentially with elevated permissions, used by the application. | 2023-10-06 | not yet calculated | CVE-2023-44384
MISC
MISC
MISC
extreme_networks — iq_engine | IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow. | 2023-10-04 | not yet calculated | CVE-2023-35803
MISC
facebook — whatsapp_desktop_for_mac | A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | 2023-10-04 | not yet calculated | CVE-2023-38537
MISC
facebook — whatsapp_desktop_for_mac | A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | 2023-10-04 | not yet calculated | CVE-2023-38538
MISC
freebsd — freebsd | Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capability. This incorrect privilege check enabled sandboxed processes with only read or write but no seek capability on a file descriptor to read data from or write data to an arbitrary location within the file corresponding to that file descriptor. | 2023-10-04 | not yet calculated | CVE-2023-5369
MISC
freebsd — freebsd | On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0. | 2023-10-04 | not yet calculated | CVE-2023-5370
MISC
fsevents — fsevents | fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary. | 2023-10-06 | not yet calculated | CVE-2023-45311
MISC
MISC
MISC
MISC
MISC
MISC
MISC
garuda_linux — garuda_linux | Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the ‘Garuda settings manager’, an insecure procedure is performed that keeps the created user without an assigned password for some seconds. This could allow a potential attacker to exploit this vulnerability in order to authenticate without knowing the password. | 2023-10-04 | not yet calculated | CVE-2021-3784
MISC
gdidees_cms — gdidees_cms | GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. | 2023-10-06 | not yet calculated | CVE-2023-44758
MISC
geokit-rails — geokit-rails | Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the ‘geo_location’ cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** An attacker can use this vulnerability to execute commands on the host system. | 2023-10-06 | not yet calculated | CVE-2023-26153
MISC
MISC
MISC
MISC
MISC
go_toolchain — cmd/go | Line directives (“//line”) can be used to bypass the restrictions on “//go:cgo_” directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running “go build”. The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex. | 2023-10-05 | not yet calculated | CVE-2023-39323
MISC
MISC
MISC
MISC
google — android | In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21244
MISC
MISC
MISC
MISC
google — android | In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21252
MISC
MISC
MISC
google — android | In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21253
MISC
MISC
MISC
MISC
google — android | In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21266
MISC
MISC
google — android | In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21291
MISC
MISC
gradle — gradle | Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfiltration of local text files to a remote server. Gradle parses XML files for several purposes. Most of the time, Gradle parses XML files that it generated or that were already present locally. Only Ivy XML descriptors and Maven POM files can be fetched from remote repositories and parsed by Gradle. In Gradle 7.6.3 and 8.4, resolving XML external entities has been disabled for all use cases to protect against this vulnerability. Gradle will now refuse to parse XML files that have XML external entities. | 2023-10-06 | not yet calculated | CVE-2023-42445
MISC
MISC
MISC
gradle — gradle | Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to files having too many permissions, given that symlinks usually are world readable and writeable. While it is unlikely this results in a direct vulnerability for the impacted build, it may open up attack vectors depending on where build artifacts end up being copied to or un-archived. In versions 7.6.3, 8.4 and above, Gradle will now properly use the permissions of the file pointed at by the symlink to set permissions of the copied or archived file. | 2023-10-05 | not yet calculated | CVE-2023-44387
MISC
MISC
MISC
MISC
hex_dragon — plain_craft_launcher_2 | Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information. | 2023-10-07 | not yet calculated | CVE-2023-36123
MISC
MISC
hitachi — hitachi_ops_center_common_services | An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise. | 2023-10-04 | not yet calculated | CVE-2023-3971
MISC
MISC
MISC
MISC
hitachi — jp1/performance_management-manager | Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation. This issue affects JP1/Performance Management – Manager: from 09-00 before 12-50-07; JP1/Performance Management – Base: from 09-00 through 10-50-*; JP1/Performance Management – Agent Option for Application Server: from 11-00 before 11-50-16; JP1/Performance Management – Agent Option for Enterprise Applications: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for HiRDB: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for IBM Lotus Domino: from 10-00 before 11-50-16; JP1/Performance Management – Agent Option for Microsoft(R) Exchange Server: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for Microsoft(R) Internet Information Server: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management – Agent Option for Oracle: from 09-00 before 12-10-08; JP1/Performance Management – Agent Option for Platform: from 09-00 before 12-50-07; JP1/Performance Management – Agent Option for Service Response: from 09-00 before 11-50-16; JP1/Performance Management – Agent Option for Transaction System: from 11-00 before 12-00-14; JP1/Performance Management – Remote Monitor for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management – Remote Monitor for Oracle: from 09-00 before 12-10-08; JP1/Performance Management – Remote Monitor for Platform: from 09-00 before 12-10-08; JP1/Performance Management – Remote Monitor for Virtual Machine: from 10-00 before 12-50-07; JP1/Performance Management – Agent Option for Domino: from 09-00 through 09-00-*; JP1/Performance Management – Agent Option for IBM WebSphere Application Server: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for IBM WebSphere MQ: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for JP1/AJS3: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for OpenTP1: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for Oracle WebLogic Server: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for uCosminexus Application Server: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for Virtual Machine: from 09-00 through 09-01-*. | 2023-10-03 | not yet calculated | CVE-2023-3440
MISC
hotrod-client — hotrod-client | A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack. | 2023-10-04 | not yet calculated | CVE-2023-4586
MISC
MISC
MISC
hp_inc. — multiple_products | Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. | 2023-10-04 | not yet calculated | CVE-2023-5113
MISC
htmlsanitizer — htmlsanitizer | HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. The vulnerability occurs in configurations where foreign content is allowed, i.e. either `svg` or `math` are in the list of allowed elements. In the case an application sanitizes user input with a vulnerable configuration, an attacker could bypass the sanitization and inject arbitrary HTML, including JavaScript code. Note that in the default configuration the vulnerability is not present. The vulnerability has been fixed in versions 8.0.723 and 8.1.722-beta (preview version). | 2023-10-05 | not yet calculated | CVE-2023-44390
MISC
MISC
hydra — hydra | Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the `commit` validator, where they remain until they are either collected into the `head` validator or the protocol initialisation is aborted and the value in the committed UTxOs is returned to the users who committed them. Prior to version 0.12.0, the `commit` validator contains a flawed check when the `ViaAbort` redeemer is used, which allows any user to spend any UTxO which is at the validator arbitrarily, meaning an attacker can steal the funds that users are trying to commit into the head validator. The intended behavior is that the funds must be returned to the user who committed the funds, and that this can only be performed by a participant of the head. The `initial` validator is similarly affected, as the same flawed check is performed for the `ViaAbort` redeemer. Due to this issue, an attacker can steal any funds that users try to commit into a Hydra head. Also, an attacker can prevent any Hydra head from being successfully opened. It does not allow an attacker to take funds which have been successfully collected into and currently reside in the `head` validator. Version 0.12.0 contains a fix for this issue. | 2023-10-04 | not yet calculated | CVE-2023-38701
MISC
MISC
MISC
MISC
hydra — hydra | Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, the specification states that the contestation period in the datum of the UTxO at the head validator must stay unchanged as the state progresses from Open to Closed (Close transaction), but no such check appears to be performed in the `checkClose` function of the head validator. This would allow a malicious participant to modify the contestation deadline of the head to either allow them to fanout the head without giving another participant the chance to contest or prevent any participant from ever redistributing the funds locked in the head via a fan-out. Version 0.13.0 contains a patch for this issue. | 2023-10-04 | not yet calculated | CVE-2023-42448
MISC
MISC
MISC
MISC
MISC
hydra — hydra | Hydra is the two-layer scalability solution for Cardano. Prior to version 0.13.0, it is possible for a malicious head initializer to extract one or more PTs for the head they are initializing due to incorrect data validation logic in the head token minting policy which then results in a flawed check for burning the head ST in the `initial` validator. This is possible because it is not checked in `HeadTokens.hs` that the datums of the outputs at the `initial` validator are equal to the real head ID, and it is also not checked in the `off-chain code`. During the `Initial` state of the protocol, if the malicious initializer removes a PT from the Hydra scripts it becomes impossible for any other participant to reclaim any funds they have attempted to commit into the head, as to do so the Abort transaction must burn all the PTs for the head, but they cannot burn the PT which the attacker controls and so cannot satisfy this requirement. That means the initializer can lock the other participants’ committed funds forever or until they choose to return the PT (ransom). The malicious initializer can also use the PT to spoof that they have committed a particular TxO when progressing the head into the `Open` state. For example, they could say they committed a TxO residing at their address containing 100 ADA, but in fact this 100 ADA was not moved into the head, and thus in order for another participant to perform the fanout they will be forced to pay the attacker the 100 ADA out of their own funds, as the fanout transaction must pay all the committed TxOs (even though the attacker did not really commit that TxO). They can do this by placing the PT in a UTxO with a well-formed `Commit` datum with whatever contents they like, then use this UTxO in the `collectCom` transaction. There may be other possible ways to abuse having control of a PT. Version 0.13.0 fixes this issue. | 2023-10-04 | not yet calculated | CVE-2023-42449
MISC
MISC
MISC
MISC
MISC
ibm — engineering_lifecycle_management | IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498. | 2023-10-06 | not yet calculated | CVE-2022-34355
MISC
MISC
ibm — robotic_process_automation | IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527. | 2023-10-06 | not yet calculated | CVE-2023-43058
MISC
MISC
ibm — security_directory_suite | IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568. | 2023-10-06 | not yet calculated | CVE-2022-33160
MISC
MISC
ibm — storage_protect_client | IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246. | 2023-10-06 | not yet calculated | CVE-2023-35897
MISC
MISC
idm_sistemas_qsige — qsige | The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | not yet calculated | CVE-2023-4101
MISC
idm_sistemas_qsige — qsige | QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | not yet calculated | CVE-2023-4102
MISC
idm_sistemas_qsige — qsige | QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | not yet calculated | CVE-2023-4103
MISC
imagemagick — imagemagick | A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. | 2023-10-04 | not yet calculated | CVE-2023-3428
MISC
MISC
keycloak — keycloak | A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client and therefore access data that belongs to other clients. | 2023-10-04 | not yet calculated | CVE-2023-2422
MISC
MISC
MISC
MISC
MISC
MISC
MISC
kong — insomnia | Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable. | 2023-10-04 | not yet calculated | CVE-2023-40299
MISC
MISC
MISC
MISC
libtiff — libtiff | A memory leak flaw was found in Libtiff’s tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue, resulting in an application crash and eventually leading to a denial of service. | 2023-10-04 | not yet calculated | CVE-2023-3576
MISC
MISC
libtiff — libtiff | LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, which triggers a heap-based buffer overflow. | 2023-10-05 | not yet calculated | CVE-2023-40745
MISC
MISC
libtiff — libtiff | A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image, which triggers a heap-based buffer overflow. | 2023-10-05 | not yet calculated | CVE-2023-41175
MISC
MISC
linux — kernel | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. | 2023-10-05 | not yet calculated | CVE-2023-42754
MISC
MISC
MISC
MISC
MISC
MISC
linux — kernel | A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. | 2023-10-05 | not yet calculated | CVE-2023-42755
MISC
MISC
MISC
mbed_tls — mbed_tls | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | 2023-10-07 | not yet calculated | CVE-2023-43615
MISC
mbed_tls — mbed_tls | Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote code execution. | 2023-10-07 | not yet calculated | CVE-2023-45199
MISC
meks — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup. | 2023-10-03 | not yet calculated | CVE-2023-25989
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
meta — tac_plus | A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server. | 2023-10-06 | not yet calculated | CVE-2023-45239
MISC
MISC
MISC
milesight — multiple_products | Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. | 2023-10-05 | not yet calculated | CVE-2023-43260
MISC
milesight — multiple_products | An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. | 2023-10-04 | not yet calculated | CVE-2023-43261
MISC
MISC
MISC
MISC
MISC
misskey — misskey | Misskey is an open source, decentralized social media platform. Prior to version 2023.9.0, by editing the URL, a user can bypass the authentication of the Bull dashboard, which is the job queue management UI, and access it. Version 2023.9.0 contains a fix. There are no known workarounds. | 2023-10-04 | not yet calculated | CVE-2023-43793
MISC
MISC
MISC
mozilla — common_voice | Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voice’s server origin. As of time of publication, it is unknown whether any patches or workarounds exist. | 2023-10-04 | not yet calculated | CVE-2023-42808
MISC
MISC
MISC
national_instruments — measurementlink | An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using version 1.1.0 of the ni-measurementlink-service Python package and all previous versions. | 2023-10-05 | not yet calculated | CVE-2023-4570
MISC
netbsd_ftpd — netbsd_ftpd | ftpd before “NetBSD-ftpd 20230930” can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable. | 2023-10-05 | not yet calculated | CVE-2023-45198
MISC
MISC
netis_systems — n3m_firmware | An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request. | 2023-10-06 | not yet calculated | CVE-2023-44860
MISC
nexkey — nexkey | Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possible to avoid this by blocking access using tools such as Cloudflare’s WAF. | 2023-10-04 | not yet calculated | CVE-2023-43805
MISC
MISC
MISC
open_mct — open_mct | In NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype pollution can occur via an import action. | 2023-10-06 | not yet calculated | CVE-2023-45282
MISC
MISC
opentelemetry — opentelemetry | OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, and logs. Out of the box, autoinstrumentation adds the label `http_method`, which has unbounded cardinality. This can lead to memory exhaustion on the server when many malicious requests are sent, because an attacker can easily set the HTTP method of a request to a random, long value. To be affected, a program has to be instrumented for HTTP handlers and not filter unknown HTTP methods at the level of CDN, LB, previous middleware, etc. This issue has been patched in version 0.41b0. | 2023-10-06 | not yet calculated | CVE-2023-43810
MISC
MISC
MISC
openvswitch — openvswitch | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | 2023-10-06 | not yet calculated | CVE-2023-5366
MISC
MISC
pigcms — pigcms | pigcms up to 7.0 was discovered to contain an arbitrary file upload vulnerability. | 2023-10-05 | not yet calculated | CVE-2023-43269
MISC
prixan — connect | Prixan prixanconnect up to v1.62 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts(). | 2023-10-05 | not yet calculated | CVE-2023-40920
MISC
puppet — bolt | In Puppet Bolt versions prior to 3.27.4, a path to escalate privileges was identified. | 2023-10-06 | not yet calculated | CVE-2023-5214
MISC
qnap_systems_inc. — multiple_products | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later | 2023-10-06 | not yet calculated | CVE-2023-32971
MISC
qnap_systems_inc. — multiple_products | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later | 2023-10-06 | not yet calculated | CVE-2023-32972
MISC
qnap_systems_inc. — music_station | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later | 2023-10-06 | not yet calculated | CVE-2023-23365
MISC
qnap_systems_inc. — music_station | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later | 2023-10-06 | not yet calculated | CVE-2023-23366
MISC
qnap_systems_inc. — qvpn_windows | An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.1.0.0518 and later | 2023-10-06 | not yet calculated | CVE-2023-23370
MISC
qnap_systems_inc. — qvpn_windows | A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.2.0.0823 and later | 2023-10-06 | not yet calculated | CVE-2023-23371
MISC
qognify — nicevision | Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records. | 2023-10-05 | not yet calculated | CVE-2023-2306
MISC
quarkus_oidc — quarkus_oidc | A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider services. Please note that passwords are not stored in access tokens. | 2023-10-04 | not yet calculated | CVE-2023-1584
MISC
MISC
MISC
MISC
MISC
red_hat — multiple_products | A flaw was found in OpenShift API, as admission checks do not enforce “custom-host” permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied. | 2023-10-05 | not yet calculated | CVE-2022-3248
MISC
MISC
red_hat — openshift | A content spoofing flaw was found in OpenShift’s OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation. | 2023-10-05 | not yet calculated | CVE-2022-4145
MISC
MISC
redisson — redisson | Redisson is a Java Redis client that uses the Netty framework. Prior to version 3.22.0, some of the messages received from the Redis server contain Java objects that the client deserializes without further validation. Attackers that manage to trick clients into communicating with a malicious server can include specially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running in. Version 3.22.0 contains a patch for this issue. Some post-fix advice is available. Do NOT use `Kryo5Codec` as deserialization codec, as it is still vulnerable to arbitrary object deserialization due to the `setRegistrationRequired(false)` call. On the contrary, `KryoCodec` is safe to use. The fix applied to `SerializationCodec` only consists of adding an optional allowlist of class names, even though making this behavior the default is recommended. When instantiating `SerializationCodec` please use the `SerializationCodec(ClassLoader classLoader, Set<String> allowedClasses)` constructor to restrict the allowed classes for deserialization. | 2023-10-04 | not yet calculated | CVE-2023-42809
MISC
MISC
samsung_mobile — samsung_mobile_devices | Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | 2023-10-04 | not yet calculated | CVE-2023-30690
MISC
schneider_electric — c-bus_toolkit | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause a path traversal issue when using the File Command. | 2023-10-04 | not yet calculated | CVE-2023-5399
MISC
schneider_electric — c-bus_toolkit | A CWE-269: Improper Privilege Management vulnerability exists that could cause a local privilege escalation when the transfer command is used. | 2023-10-04 | not yet calculated | CVE-2023-5402
MISC
schneider_electric — ecostruxure_power_monitoring_expert | A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker to execute arbitrary code on the targeted system by sending a specifically crafted packet to the application. | 2023-10-04 | not yet calculated | CVE-2023-5391
MISC
silicon_labs — ember_znet | TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration. This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected. | 2023-10-04 | not yet calculated | CVE-2023-41094
MISC
snipe — snipe-it | Cross-site Scripting (XSS) – Stored in GitHub repository snipe/snipe-it prior to v6.2.2. | 2023-10-06 | not yet calculated | CVE-2023-5452
MISC
MISC
soft_serve — soft_serve | Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote attacker to bypass public key authentication when keyboard-interactive SSH authentication is active, through the `allow-keyless` setting, and the public key requires additional client-side verification for example using FIDO2 or GPG. This is due to insufficient validation procedures of the public key step during SSH request handshake, granting unauthorized access if the keyboard-interaction mode is utilized. An attacker could exploit this vulnerability by presenting manipulated SSH requests using keyboard-interactive authentication mode. This could potentially result in unauthorized access to the Soft Serve. Users should upgrade to the latest Soft Serve version `v0.6.2` to receive the patch for this issue. To work around this vulnerability without upgrading, users can temporarily disable Keyboard-Interactive SSH Authentication using the `allow-keyless` setting. | 2023-10-04 | not yet calculated | CVE-2023-43809
MISC
MISC
MISC
MISC
sourcecodester — online_pizza_ordering_system | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-241384. | 2023-10-05 | not yet calculated | CVE-2023-5423
MISC
MISC
thingsboard — thingboard | ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent to the /api/admin/settings endpoint). | 2023-10-06 | not yet calculated | CVE-2023-45303
MISC
MISC
trellix_ — trellix_endpoint_security | A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and/or the execution of arbitrary code. | 2023-10-04 | not yet calculated | CVE-2023-3665
MISC
urllib3 — urllib3 | urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn’t treat the `Cookie` HTTP header specially or provide any helpers for managing cookies over HTTP; that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn’t disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. | 2023-10-04 | not yet calculated | CVE-2023-43804
MISC
MISC
MISC
MISC
vapor — vapor | Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2. | 2023-10-05 | not yet calculated | CVE-2023-44386
MISC
MISC
MISC
vim — vim | NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. | 2023-10-05 | not yet calculated | CVE-2023-5441
MISC
MISC
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe. | 2023-10-05 | not yet calculated | CVE-2023-26236
CONFIRM
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM. | 2023-10-05 | not yet calculated | CVE-2023-26237
CONFIRM
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe. | 2023-10-05 | not yet calculated | CVE-2023-26238
CONFIRM
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user. | 2023-10-05 | not yet calculated | CVE-2023-26239
CONFIRM
webkit — webkit | A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to visit a malicious webpage to trigger this vulnerability. | 2023-10-06 | not yet calculated | CVE-2023-39928
MISC
MISC
wireshark — wireshark | RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file | 2023-10-04 | not yet calculated | CVE-2023-5371
MISC
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions. | 2023-10-06 | not yet calculated | CVE-2023-25033
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-25480
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <= 2.8.0 versions. | 2023-10-06 | not yet calculated | CVE-2023-27448
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Dipak C. Gajjar WP Super Minify plugin <= 1.5.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-27615
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions. | 2023-10-06 | not yet calculated | CVE-2023-40008
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions. | 2023-10-06 | not yet calculated | CVE-2023-40556
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in ??wp DX-auto-save-images plugin <= 1.4.0 versions. | 2023-10-06 | not yet calculated | CVE-2023-40671
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Remove/hide Author, Date, Category Like Entry-Meta plugin <= 2.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-41650
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions. | 2023-10-06 | not yet calculated | CVE-2023-41654
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions. | 2023-10-06 | not yet calculated | CVE-2023-41659
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Blocks plugin <= 1.0.20 versions. | 2023-10-06 | not yet calculated | CVE-2023-41732
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin <= 4.3 versions. | 2023-10-06 | not yet calculated | CVE-2023-41801
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Laposta – Roel Bousardt Laposta Signup Basic plugin <= 1.4.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-41950
MISC
wordpress — wordpress | A vulnerability classified as problematic has been found in WP Ultimate CSV Importer Plugin 3.7.2 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 3.7.3 is able to address this issue. The identifier of the patch is 13c30af721d3f989caac72dd0f56cf0dc40fad7e. It is recommended to upgrade the affected component. The identifier VDB-241317 was assigned to this vulnerability. | 2023-10-05 | not yet calculated | CVE-2015-10125
MISC
MISC
MISC
MISC
wordpress — wordpress | A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The patch is identified as 503d9ee2482d27c065f78d9546f076a406189908. It is recommended to upgrade the affected component. VDB-241318 is the identifier assigned to this vulnerability. | 2023-10-06 | not yet calculated | CVE-2015-10126
MISC
MISC
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Elementor Addons and Templates plugin <= 1.3.75 versions. | 2023-10-06 | not yet calculated | CVE-2022-47175
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in FooPlugins Best WordPress Gallery Plugin – FooGallery plugin <= 2.2.44 versions. | 2023-10-06 | not yet calculated | CVE-2023-44233
MISC
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Dylan Blokhuis Instant CSS plugin <= 1.2.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-44243
MISC
zephyr — zephyr | Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem | 2023-10-06 | not yet calculated | CVE-2023-3725
MISC
zope_foundation — zope | Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6 | 2023-10-04 | not yet calculated | CVE-2023-44389
MISC
MISC
MISC
