US-CERT Vulnerability Summary for the Week of October 2, 2023
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
acronis — agent | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29051. | 2023-10-04 | 7.8 | CVE-2023-44209 MISC |
acronis — cyber_protect_home_office | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713. | 2023-10-04 | 9.1 | CVE-2023-44208 MISC |
afterlogic — aurora_files | A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file. | 2023-10-03 | 8.8 | CVE-2023-43176 MISC MISC MISC MISC |
apple — ipados/ios | The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. | 2023-10-04 | 7.8 | CVE-2023-42824 MISC MISC MISC |
aqua_esolutions — aqua_drive | Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. By exploiting this vulnerability, an authenticated non privileged user could access/modify stored resources of other users. It could also be possible to access and modify the source and configuration files of the cloud disk platform, affecting the integrity and availability of the entire platform. | 2023-10-04 | 8.8 | CVE-2023-3701 MISC |
asyncua — asyncua | Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session. | 2023-10-03 | 7.5 | CVE-2023-26150 MISC MISC MISC MISC MISC MISC MISC |
asyncua — asyncua | Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory. | 2023-10-03 | 7.5 | CVE-2023-26151 MISC MISC MISC MISC MISC MISC |
baramundi_software_gmbh — enterprise_mobility_management_agent | Buffer Overflow vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter. | 2023-10-02 | 7.8 | CVE-2023-37605 MISC |
bydemes — airspace_cctv_web_service | The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access. | 2023-10-03 | 8.8 | CVE-2023-0506 MISC MISC |
cambium_networks — enterprise_wi-fi | Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in device-agent. | 2023-09-29 | 9.8 | CVE-2022-35908 CONFIRM MISC |
candlepin — candlepin | An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant. | 2023-10-04 | 8.1 | CVE-2023-1832 MISC MISC |
caphyon — advanced_installer | A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. This affects an unknown part of the component WinSxS DLL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 19.7.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-240903. | 2023-09-30 | 7.8 | CVE-2022-4956 MISC MISC MISC MISC |
cashit — cashit! | cashIT! – serving solutions. Devices from “PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH” to 03.A06rks 2023.02.37 are affected by an origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network. | 2023-10-03 | 9.8 | CVE-2023-3654 MISC |
cashit — cashit! | cashIT! – serving solutions. Devices from “PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH” to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network. | 2023-10-03 | 9.8 | CVE-2023-3656 MISC |
cashit — cashit! | cashIT! – serving solutions. Devices from “PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH” to 03.A06rks 2023.02.37 are affected by a dangerous method that allows the database (system settings, user accounts, …) to be leaked. This vulnerability can be triggered by an HTTP endpoint exposed to the network. | 2023-10-03 | 7.5 | CVE-2023-3655 MISC |
cato_networks — cato_client | An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and win the race condition (TOCTOU) via the PrivilegedHelperTool component. | 2023-10-03 | 8.1 | CVE-2023-43976 MISC MISC |
cisco — emergency_responder | A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. | 2023-10-04 | 9.8 | CVE-2023-20101 MISC |
composer — composer | Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_argv` enabled in php.ini. Versions 2.6.4, 2.2.22 and 1.10.27 patch this vulnerability. Users are advised to upgrade. Users unable to upgrade should make sure `register_argc_argv` is disabled in php.ini, and avoid publishing composer.phar to the web as this is not best practice. | 2023-09-29 | 8.8 | CVE-2023-43655 MISC MISC MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44828 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44829 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44830 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44831 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44832 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44833 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44834 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44835 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44836 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44837 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44838 MISC MISC |
d-link — dir-823g_firmware | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | 2023-10-05 | 7.5 | CVE-2023-44839 MISC MISC |
d-link — dir-846_firmware | An issue in D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 firmware version 100A53DBR-Retail allows a remote attacker to execute arbitrary code. | 2023-10-05 | 8.8 | CVE-2023-43284 MISC MISC |
dedecms — dedecms | A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file album_add.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240940. | 2023-09-30 | 8.8 | CVE-2023-5301 MISC MISC MISC |
dell — common_event_enabler | Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges. | 2023-09-29 | 7.8 | CVE-2023-32477 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity. | 2023-10-05 | 9.8 | CVE-2023-32485 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands. | 2023-10-05 | 8.8 | CVE-2023-43068 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access. | 2023-10-05 | 8.8 | CVE-2023-4401 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker. | 2023-10-05 | 7.8 | CVE-2023-43069 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local, possibly unauthenticated attacker could potentially exploit this vulnerability, leading to the ability to execute arbitrary shell commands. | 2023-10-05 | 7.8 | CVE-2023-43072 MISC |
deyue_remote_vehicle_management_system — deyue_remote_vehicle_management_system | Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization vulnerability. | 2023-10-02 | 8.8 | CVE-2023-43268 MISC MISC MISC |
dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33268 MISC |
dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33269 MISC |
dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33270 MISC |
dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33271 MISC |
dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33272 MISC |
dts — monitoring | An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind). | 2023-10-03 | 9.8 | CVE-2023-33273 MISC |
eclipse — mosquitto | In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. | 2023-10-02 | 7.5 | CVE-2023-3592 MISC |
ecshop — ecshop | A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240925 was assigned to this vulnerability. | 2023-09-29 | 8.8 | CVE-2023-5294 MISC MISC MISC |
efs_software — easy_address_book_web_server | Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine. | 2023-10-04 | 9.8 | CVE-2023-4491 MISC |
efs_software — easy_chat_server | Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine. | 2023-10-04 | 9.8 | CVE-2023-4494 MISC |
emlog — emlog | An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 2023-10-03 | 9.8 | CVE-2023-44973 MISC |
emlog — emlog | An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 2023-10-03 | 9.8 | CVE-2023-44974 MISC |
field_logic — datacube4_firmware | A vulnerability classified as problematic was found in Field Logic DataCube4 up to 20231001. This vulnerability affects unknown code of the file /api/ of the component Web API. The manipulation leads to improper authentication. The exploit has been disclosed to the public and may be used. VDB-241030 is the identifier assigned to this vulnerability. | 2023-10-02 | 7.5 | CVE-2023-5329 MISC MISC MISC |
free5gc — free5gc | Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to “admin”. It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an unprivileged remote user is able to create, delete and modify users within the application. | 2023-10-02 | 9.8 | CVE-2023-4659 MISC |
furuno_systems — acera_1210_firmware | Cross-site request forgery (CSRF) vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 8.8 | CVE-2023-41086 MISC MISC |
furuno_systems — acera_1310_firmware | OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allow an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows: ACERA 1320 firmware ver.01.26 and earlier, ACERA 1310 firmware ver.01.26 and earlier, ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 8.8 | CVE-2023-39222 MISC MISC |
furuno_systems — acera_1310_firmware | Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 8.8 | CVE-2023-42771 MISC MISC |
gitlab — gitlab | A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user. | 2023-09-30 | 8.8 | CVE-2023-5207 MISC MISC MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members. | 2023-09-29 | 7.5 | CVE-2023-3413 MISC MISC |
gitlab — gitlab | Denial of Service in pipelines affecting all versions of GitLab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to cause pipelines to fail. | 2023-09-29 | 7.5 | CVE-2023-3917 MISC MISC |
gitlab — gitlab | An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports. | 2023-10-02 | 7.5 | CVE-2023-5106 MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page. | 2023-09-29 | 7.1 | CVE-2023-3922 MISC MISC |
gnu — glibc | A buffer overflow was discovered in the GNU C Library’s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | 2023-10-03 | 7.8 | CVE-2023-4911 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-10-05 | 8.8 | CVE-2023-5346 MISC MISC MISC |
gpac — gpac | Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. | 2023-10-04 | 7.1 | CVE-2023-5377 MISC MISC |
hashicorp — vault | The Vault and Vault Enterprise (“Vault”) Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0. | 2023-09-29 | 7.5 | CVE-2023-5077 MISC |
helpdezk — helpdezk | Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to access the platform without authentication and retrieve personal data via the jsonGrid parameter. | 2023-10-04 | 8.6 | CVE-2023-3037 MISC |
helpdezk — helpdezk | SQL injection vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the rows parameter of the jsonGrid route and extract all the information stored in the application. | 2023-10-04 | 7.5 | CVE-2023-3038 MISC |
hitachi — ops_center_common_services | Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS. This issue affects Hitachi Ops Center Common Services: before 10.9.3-00. | 2023-10-03 | 7.5 | CVE-2023-3967 MISC |
hospital_management_system — hospital_management_system | Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | 2023-09-29 | 9.1 | CVE-2023-43909 MISC |
ibermatica — ibermatica_rps | Information exposure vulnerability in IBERMATICA RPS 2019, whose exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded. | 2023-10-03 | 7.5 | CVE-2023-3349 MISC |
ibermatica — ibermatica_rps | A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By first downloading the log file, an attacker could retrieve the SQL query sent to the application in plain text. This log file contains the password hashes coded with AES-CBC-128 bits algorithm, which can be decrypted with a .NET function, obtaining the username’s password in plain text. | 2023-10-03 | 7.5 | CVE-2023-3350 MISC |
ibm — disconnected_log_collector | IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648. | 2023-10-04 | 7.5 | CVE-2022-22447 MISC MISC MISC |
ibm — observability_with_instana | IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789. | 2023-10-04 | 9.8 | CVE-2023-37404 MISC MISC |
icpdas — et-7060_firmware | This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising the entire device. | 2023-10-03 | 8.8 | CVE-2023-4817 MISC |
ingeteam — ingepac_da3451_firmware | Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | 2023-10-02 | 7.5 | CVE-2023-3768 MISC |
ingeteam — ingepac_fc5066_firmware | Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | 2023-10-02 | 7.5 | CVE-2023-3769 MISC |
jorani — jorani | An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the “/leaves/validate” path and the “id” parameter, managing to extract arbitrary information from the database. | 2023-10-03 | 8.8 | CVE-2023-2681 MISC |
libvpx — libvpx | VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | 2023-09-30 | 7.5 | CVE-2023-44488 MISC MISC MISC MISC MLIST MLIST MISC GENTOO DEBIAN |
linux — kernel | An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in ceph_decode_32. | 2023-09-29 | 8.8 | CVE-2023-44466 MISC MISC MISC MISC |
linux — kernel | An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel. | 2023-10-04 | 8.2 | CVE-2023-39191 MISC MISC MISC |
linux — kernel | A use-after-free vulnerability in the Linux kernel’s fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. | 2023-10-03 | 7.8 | CVE-2023-5345 MISC MISC MISC MISC MISC |
mediatek,_inc. — lr11 | In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003. | 2023-10-02 | 9.8 | CVE-2023-20819 MISC |
mediatek,_inc. — multiple_products | In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637. | 2023-10-02 | 7.5 | CVE-2023-32820 MISC |
microweber — microweber | Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0. | 2023-09-30 | 7.5 | CVE-2023-5318 MISC MISC |
mojoportal — mojoportal | File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the File Manager function. | 2023-10-02 | 9.8 | CVE-2023-44008 MISC |
mojoportal — mojoportal | File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function. | 2023-10-02 | 9.8 | CVE-2023-44009 MISC MISC |
mojoportal — mojoportal | An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component. | 2023-10-02 | 9.8 | CVE-2023-44011 MISC |
moxa — nport_5150ai-m12-ct-t_firmware | All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices. | 2023-10-03 | 8.8 | CVE-2023-4929 MISC |
netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload. | 2023-10-02 | 9.8 | CVE-2023-43891 MISC |
netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload. | 2023-10-02 | 9.8 | CVE-2023-43892 MISC |
netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload. | 2023-10-02 | 9.8 | CVE-2023-43893 MISC |
netis_systems — n3m_firmware | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request. | 2023-10-02 | 8.8 | CVE-2023-43890 MISC |
nodebb_inc. — nodebb | Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively. | 2023-09-29 | 7.5 | CVE-2023-30591 MISC MISC MISC MISC |
nokia — wavelite_metro_200_and_fan_firmware | If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects (for example) WaveLite Metro 200 and Fan, WaveLite Metro 200 OPS and Fans, WaveLite Metro 200 and F2B fans, WaveLite Metro 200 OPS and F2B fans, WaveLite Metro 200 NE and F2B fans, and WaveLite Metro 200 NE OPS and F2B fans. | 2023-10-04 | 7.8 | CVE-2023-22618 MISC MISC |
open5gs — open5gs | DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash. | 2023-10-03 | 7.5 | CVE-2023-4882 MISC |
open5gs — open5gs | Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function) and triggering the ogs_sbi_message_free function, which could cause a service outage. | 2023-10-03 | 7.5 | CVE-2023-4883 MISC |
open5gs — open5gs | An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication. | 2023-10-03 | 7.5 | CVE-2023-4884 MISC |
optipng — optipng | OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the ‘buffer’ variable at gifread.c. | 2023-10-01 | 7.8 | CVE-2023-43907 MISC MISC MISC |
oracle — apache_avro | When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue. | 2023-09-29 | 7.5 | CVE-2023-39410 MISC MISC |
pandora_fms — pandora_fms | A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms. | 2023-10-03 | 7.1 | CVE-2023-24518 MISC |
personal_management_system — personal_management_system | An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile’s avatar. | 2023-10-04 | 7.8 | CVE-2023-43838 MISC MISC MISC MISC MISC MISC |
phpipam — phpipam | Phpipam before v1.5.2 was discovered to contain an LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request. | 2023-10-02 | 7.5 | CVE-2023-41580 MISC MISC |
phpmyfaq — phpmyfaq | Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | 2023-09-30 | 9.8 | CVE-2023-5227 MISC MISC |
pjsip — pjsip | PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport, which may introduce a use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch. | 2023-10-06 | 9.8 | CVE-2023-38703 MISC MISC |
prestashop — prestashop | SQL injection vulnerability in KnowBand Module One Page Checkout, Social Login & Mailchimp (supercheckout) v.8.0.3 and before allows a remote attacker to execute arbitrary code via a crafted request to the updateCheckoutBehaviour function in the supercheckout.php component. | 2023-10-05 | 9.8 | CVE-2023-44024 MISC |
prestashop — prestashop | Improper neutralization of SQL parameter in Theme Volty CMS Payment Icon module for PrestaShop. In the module “Theme Volty CMS Payment Icon” (tvcmspaymenticon) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. | 2023-10-03 | 9.8 | CVE-2023-39645 MISC |
prestashop — prestashop | Improper neutralization of SQL parameter in Theme Volty CMS Category Chain Slider module for PrestaShop. In the module “Theme Volty CMS Category Chain Slide” (tvcmscategorychainslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. | 2023-10-03 | 9.8 | CVE-2023-39646 MISC |
prestashop — prestashop | Improper neutralization of SQL parameter in Theme Volty CMS Category Product module for PrestaShop. In the module “Theme Volty CMS Category Product” (tvcmscategoryproduct) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. | 2023-10-03 | 9.8 | CVE-2023-39647 MISC |
prestashop — prestashop | Improper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial” (tvcmstestimonial) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. | 2023-10-03 | 9.8 | CVE-2023-39648 MISC |
prestashop — prestashop | Improper neutralization of SQL parameter in Theme Volty CMS Category Slider module for PrestaShop. In the module “Theme Volty CMS Category Slider” (tvcmscategoryslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. | 2023-10-03 | 9.8 | CVE-2023-39649 MISC |
prestashop — prestashop | Improper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop. In the module “Theme Volty CMS BrandList” (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. | 2023-10-03 | 9.8 | CVE-2023-39651 MISC |
presto_changeo — attribute_grid | Presto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php. | 2023-10-05 | 9.8 | CVE-2023-43983 MISC |
presto_changeo — test_site_creator | Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component delete_excluded_folder.php. | 2023-10-05 | 9.8 | CVE-2023-43981 MISC |
presto_changeo — testsitecreator | Presto Changeo testsitecreator up to v1.1.1 was discovered to contain a SQL injection vulnerability via the component disable_json.php. | 2023-10-02 | 9.8 | CVE-2023-43980 MISC MISC |
pretix — pretix | pretix before 2023.7.2 allows Pillow to parse EPS files. | 2023-09-29 | 7.8 | CVE-2023-44464 MISC MISC MISC MISC CONFIRM |
prointegra — uptime_dc | Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0.33940) allows them to change passwords of all other users including administrators leading to a privilege escalation. | 2023-10-04 | 8.8 | CVE-2023-4997 MISC MISC |
puppet — puppet_server | For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. | 2023-10-03 | 7.5 | CVE-2023-5255 MISC |
pure_storage — flasharray_purity | A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation. | 2023-10-03 | 8.8 | CVE-2023-36628 MISC |
qsige — qsige | The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username. | 2023-10-03 | 8.8 | CVE-2023-4097 MISC |
qsige — qsige | It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | 8.8 | CVE-2023-4098 MISC |
qsige — qsige | Allows an attacker to perform stored XSS attacks on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions. | 2023-10-03 | 8.2 | CVE-2023-4100 MISC |
qualcomm — 315_5g_iot_modem_firmware | Memory Corruption in Data Modem while making a MO call or MT VOLTE call. | 2023-10-03 | 9.8 | CVE-2023-22385 MISC |
qualcomm — 315_5g_iot_modem_firmware | Transient DOS in Modem while triggering a camping on a 5G cell. | 2023-10-03 | 7.5 | CVE-2023-24843 MISC |
qualcomm — 315_5g_iot_modem_firmware | Transient DOS in Modem while allocating DSM items. | 2023-10-03 | 7.5 | CVE-2023-24847 MISC |
qualcomm — 315_5g_iot_modem_firmware | Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. | 2023-10-03 | 7.5 | CVE-2023-24848 MISC |
qualcomm — 315_5g_iot_modem_firmware | Information Disclosure in data Modem while parsing an FMTP line in an SDP message. | 2023-10-03 | 7.5 | CVE-2023-24849 MISC |
qualcomm — 315_5g_iot_modem_firmware | Cryptographic issue in Data Modem due to improper authentication during TLS handshake. | 2023-10-03 | 7.5 | CVE-2023-28540 MISC |
qualcomm — 315_5g_iot_modem_firmware | Transient DOS in WLAN Firmware while parsing RSN IEs. | 2023-10-03 | 7.5 | CVE-2023-33027 MISC |
qualcomm — apq8017_firmware | Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. | 2023-10-03 | 7.8 | CVE-2023-24850 MISC |
qualcomm — apq8064au_firmware | Weak configuration in Automotive while VM is processing a listener request from TEE. | 2023-10-03 | 8.2 | CVE-2023-22382 MISC |
qualcomm — aqt1000_firmware | Improper Access to the VM resource manager can lead to Memory Corruption. | 2023-10-03 | 7.8 | CVE-2023-21673 MISC |
qualcomm — ar8035_firmware | Memory corruption in Modem while processing security related configuration before AS Security Exchange. | 2023-10-03 | 9.8 | CVE-2023-24855 MISC |
qualcomm — ar8035_firmware | Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. | 2023-10-03 | 9.8 | CVE-2023-33028 MISC |
qualcomm — ar8035_firmware | Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range. | 2023-10-03 | 7.8 | CVE-2023-24844 MISC |
qualcomm — ar8035_firmware | Memory Corruption in HLOS while registering for key provisioning notify. | 2023-10-03 | 7.8 | CVE-2023-24853 MISC |
qualcomm — ar8035_firmware | Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available commands. | 2023-10-03 | 7.8 | CVE-2023-28539 MISC |
qualcomm — ar8035_firmware | Memory corruption in DSP Service during a remote call from HLOS to DSP. | 2023-10-03 | 7.8 | CVE-2023-33029 MISC |
qualcomm — ar8035_firmware | Memory corruption while invoking callback function of AFE from ADSP. | 2023-10-03 | 7.8 | CVE-2023-33035 MISC |
qualcomm — ar8035_firmware | Transient DOS in WLAN Firmware while parsing a NAN management frame. | 2023-10-03 | 7.5 | CVE-2023-33026 MISC |
qualcomm — csra6620_firmware | Memory corruption while parsing the ADSP response command. | 2023-10-03 | 7.8 | CVE-2023-33034 MISC |
qualcomm — qam8295p_firmware | Memory corruption in Automotive Display while destroying the image handle created using connected display driver. | 2023-10-03 | 7.8 | CVE-2023-33039 MISC |
qualcomm — qca6574au_firmware | Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ). | 2023-10-03 | 7.8 | CVE-2023-22384 MISC |
rdiffweb — rdiffweb | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4. | 2023-09-29 | 8.8 | CVE-2023-5289 MISC MISC |
red_hat — openshift | A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a Kubernetes secret. | 2023-10-04 | 7.5 | CVE-2023-3361 MISC MISC MISC |
riello-ups — netman_204_firmware | All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function. | 2023-10-03 | 8.8 | CVE-2022-47891 MISC |
riello-ups — netman_204_firmware | All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials. | 2023-10-03 | 7.5 | CVE-2022-47892 MISC |
riello_ups — netman_204_firmware | There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root. | 2023-10-03 | 9.8 | CVE-2022-47893 MISC |
rockoa — rockoa | A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak password recovery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-240926 is the identifier assigned to this vulnerability. | 2023-09-29 | 7.5 | CVE-2023-5296 MISC MISC MISC |
rockoa — rockoa | A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys\|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240927. | 2023-09-29 | 7.5 | CVE-2023-5297 MISC MISC MISC |
sage — sage_200_spain | Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL commands and escalate privileges on Windows systems because the credentials are stored in plaintext. | 2023-10-04 | 9.8 | CVE-2023-2809 MISC |
salesagility — suitecrm | SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1. | 2023-10-03 | 9.1 | CVE-2023-5350 MISC MISC |
samsung — android | Stack-based Buffer Overflow vulnerability in HDCP trustlet prior to SMR Oct-2023 Release 1 allows an attacker to perform code execution. | 2023-10-04 | 9.8 | CVE-2023-30733 MISC |
samsung — android | Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | 2023-10-04 | 7.8 | CVE-2023-30692 MISC |
samsung — android | Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect to arbitrary Wi-Fi without user interaction. | 2023-10-04 | 7.5 | CVE-2023-30727 MISC |
samsung — galaxy_book_firmware | An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows a local attacker to execute SMM memory corruption. | 2023-10-04 | 7.8 | CVE-2023-30738 MISC |
sato — cl4nx-j_plus_firmware | A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebConfig. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241027. | 2023-10-01 | 8.8 | CVE-2023-5326 MISC MISC MISC |
sato — cl4nx-j_plus_firmware | A vulnerability classified as critical has been found in SATO CL4NX-J Plus 1.13.2-u455_r2. This affects an unknown part of the component Cookie Handler. The manipulation with the input auth=user,level1,settings; web=true leads to improper authentication. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-241029 was assigned to this vulnerability. | 2023-10-02 | 8.8 | CVE-2023-5328 MISC MISC MISC |
setelsa_security — conacwin | Relative path traversal vulnerability in Setelsa Security’s ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the “Download file” parameter. | 2023-10-04 | 7.5 | CVE-2023-3512 MISC MISC |
sick — sim1012-0p0g200_firmware | A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary may also reset the SIM and in the worst case upload a new firmware version to the device. | 2023-09-29 | 9.8 | CVE-2023-5288 MISC MISC MISC |
slims — slims | Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the “scrape_image.php” file in the imageURL parameter. | 2023-10-02 | 8.8 | CVE-2023-3744 MISC |
soflyy — oxygen_builder | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Builder plugin <= 4.4 versions. | 2023-10-03 | 8.8 | CVE-2022-46841 MISC |
sonicwall — net_extender | A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality. | 2023-10-03 | 7.8 | CVE-2023-44217 MISC MISC |
sonicwall — net_extender | A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with ‘SYSTEM’ level privileges, leading to a local privilege escalation (LPE) vulnerability. | 2023-10-03 | 7.8 | CVE-2023-44218 MISC |
sourcecodester — best_courier_management_system | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-240882 is the identifier assigned to this vulnerability. | 2023-09-29 | 8.8 | CVE-2023-5269 MISC MISC MISC |
sourcecodester — best_courier_management_system | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240883. | 2023-09-29 | 8.8 | CVE-2023-5270 MISC MISC MISC |
sourcecodester — best_courier_management_system | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240884. | 2023-09-29 | 8.8 | CVE-2023-5271 MISC MISC MISC |
sourcecodester — best_courier_management_system | A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-240885 was assigned to this vulnerability. | 2023-09-29 | 8.8 | CVE-2023-5272 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-240904. | 2023-09-29 | 9.8 | CVE-2023-5276 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0. This issue affects some unknown processing of the file student_avatar.php. The manipulation of the argument change leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240905 was assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5277 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability, which was classified as critical, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-240906 is the identifier assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5278 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability has been found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file my_classmates.php. The manipulation of the argument teacher_class_student_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240907. | 2023-09-29 | 9.8 | CVE-2023-5279 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file my_students.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240908. | 2023-09-29 | 9.8 | CVE-2023-5280 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as critical. This affects an unknown part of the file remove_inbox_message.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240909 was assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5281 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seed_message_student.php. The manipulation of the argument teacher_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240910 is the identifier assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5282 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teacher_signup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240911. | 2023-09-29 | 8.8 | CVE-2023-5283 MISC MISC MISC |
sourcecodester — engineers_online_portal | A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file upload_save_student.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240912. | 2023-09-29 | 8.8 | CVE-2023-5284 MISC MISC MISC |
sourcecodester — online_computer_and_laptop_store | A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241254 is the identifier assigned to this vulnerability. | 2023-10-04 | 9.8 | CVE-2023-5373 MISC MISC MISC |
sourcecodester — online_computer_and_laptop_store | A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241255. | 2023-10-04 | 9.8 | CVE-2023-5374 MISC MISC MISC |
sourcecodester — simple_membership_system | A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file group_validator.php. The manipulation of the argument club_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240869 was assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5260 MISC MISC MISC |
static-server — static-server | All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js. | 2023-10-03 | 7.5 | CVE-2023-26152 MISC MISC MISC |
super_store_finder — super_store_finder | Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content. | 2023-10-02 | 8.8 | CVE-2023-43835 MISC |
tcman — gim | TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the ‘SqlWhere’ parameter inside the function ‘BuscarESM’. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database. | 2023-10-04 | 9.8 | CVE-2022-36276 MISC |
tenda — ac6_firmware | Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | 2023-10-03 | 9.8 | CVE-2023-40830 MISC |
tibco_software_inc. — nimbus | The Web Client component of TIBCO Software Inc.’s TIBCO Nimbus contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts targeting the affected system or the victim’s local system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO Nimbus: versions 10.6.0 and below. | 2023-09-29 | 9 | CVE-2023-26218 MISC |
tongda — tongda_oa | A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240870 is the identifier assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5261 MISC MISC MISC |
tongda — tongda_oa | A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240878 is the identifier assigned to this vulnerability. | 2023-09-29 | 9.8 | CVE-2023-5265 MISC MISC MISC |
tongda — tongda_oa | A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-240880. | 2023-09-29 | 9.8 | CVE-2023-5267 MISC MISC MISC |
tongda — tongda_oa | A vulnerability classified as critical was found in Tongda OA 2017. Affected by this vulnerability is an unknown functionality of the file general/hr/recruit/recruitment/delete.php. The manipulation of the argument RECRUITMENT_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-240913 was assigned to this vulnerability. | 2023-09-29 | 7.5 | CVE-2023-5285 MISC MISC MISC |
tongda — tongda_oa | A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240938 is the identifier assigned to this vulnerability. | 2023-09-30 | 7.5 | CVE-2023-5298 MISC MISC MISC |
ttsplanning — ttsplanning | A vulnerability classified as critical has been found in TTSPlanning up to 20230925. This affects an unknown part. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240939. | 2023-09-30 | 9.8 | CVE-2023-5300 MISC MISC MISC |
turna — advertising_administration_panel | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Turna Advertising Administration Panel allows SQL Injection. This issue affects Advertising Administration Panel: before 1.1. | 2023-10-06 | 9.8 | CVE-2023-4530 MISC |
unify — session_border_controller | Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users. | 2023-10-04 | 9.8 | CVE-2023-36619 CONFIRM MISC MISC |
unify — session_border_controller | Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users. | 2023-10-04 | 8.8 | CVE-2023-36618 CONFIRM MISC MISC |
vim — vim | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. | 2023-10-02 | 7.5 | CVE-2023-5344 MISC MISC MISC |
wordpress — wordpress | A vulnerability was found in Most Popular Posts Widget Plugin up to 0.8 on WordPress. It has been classified as critical. Affected is the function add_views/show_views of the file functions.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 0.9 is able to address this issue. The patch is identified as a99667d11ac8d320006909387b100e9a8b5c12e1. It is recommended to upgrade the affected component. VDB-241026 is the identifier assigned to this vulnerability. | 2023-10-02 | 9.8 | CVE-2015-10124 MISC MISC MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions. | 2023-10-04 | 8.8 | CVE-2023-25025 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy WP tell a friend popup form plugin <= 7.1 versions. | 2023-10-03 | 8.8 | CVE-2023-25463 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin <= 2.0.0 versions. | 2023-10-04 | 8.8 | CVE-2023-25489 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Saphali Saphali Woocommerce Lite plugin <= 1.8.13 versions. | 2023-10-04 | 8.8 | CVE-2023-25788 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CAGE Web Design \| Rolf van Gelder Optimize Database after Deleting Revisions plugin <= 5.1 versions. | 2023-10-04 | 8.8 | CVE-2023-25980 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <= 1.3.0 versions. | 2023-10-04 | 8.8 | CVE-2023-27433 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui HTTP Auth plugin <= 0.3.2 versions. | 2023-10-03 | 8.8 | CVE-2023-27435 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Trustindex.Io WP Testimonials plugin <= 1.4.2 versions. | 2023-10-03 | 8.8 | CVE-2023-2830 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions. | 2023-10-06 | 8.8 | CVE-2023-28791 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Fugu Maintenance Switch plugin <= 1.5.2 versions. | 2023-10-06 | 8.8 | CVE-2023-29235 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions. | 2023-10-03 | 8.8 | CVE-2023-32091 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions. | 2023-10-03 | 8.8 | CVE-2023-37891 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions. | 2023-10-03 | 8.8 | CVE-2023-37990 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emoji One plugin <= 0.6.0 versions. | 2023-10-03 | 8.8 | CVE-2023-37991 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | 2023-10-03 | 8.8 | CVE-2023-37992 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions. | 2023-10-04 | 8.8 | CVE-2023-37995 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | 2023-10-03 | 8.8 | CVE-2023-37996 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler plugin <= 3.0.3 versions. | 2023-10-03 | 8.8 | CVE-2023-37998 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-FlyBox plugin <= 6.46 versions. | 2023-10-03 | 8.8 | CVE-2023-38381 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Anshul Labs Mobile Address Bar Changer plugin <= 3.0 versions. | 2023-10-03 | 8.8 | CVE-2023-38390 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plugin <= 3.1.2 versions. | 2023-10-03 | 8.8 | CVE-2023-38396 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Taboola plugin <= 2.0.1 versions. | 2023-10-03 | 8.8 | CVE-2023-38398 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin <= 2.2.8 versions. | 2023-10-03 | 8.8 | CVE-2023-39165 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions. | 2023-10-03 | 8.8 | CVE-2023-39917 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 7.2.7 versions. | 2023-10-03 | 8.8 | CVE-2023-39923 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Footer Code Manager plugin <= 1.1.34 versions. | 2023-10-03 | 8.8 | CVE-2023-39989 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP Like Button plugin <= 1.7.0 versions. | 2023-10-03 | 8.8 | CVE-2023-40199 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin. | 2023-10-03 | 8.8 | CVE-2023-40201 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin <= 3.4.1 versions. | 2023-10-03 | 8.8 | CVE-2023-40202 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton (Tortoise IT) SB Child List plugin <= 4.5 versions. | 2023-10-03 | 8.8 | CVE-2023-40210 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5 versions. | 2023-10-03 | 8.8 | CVE-2023-40558 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin <= 2.4.0 versions. | 2023-10-04 | 8.8 | CVE-2023-40559 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google Analytics for WooCommerce plugin <= 3.7.1 versions. | 2023-10-04 | 8.8 | CVE-2023-40561 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions. | 2023-10-06 | 8.8 | CVE-2023-40607 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Buildfail Localize Remote Images plugin <= 1.0.9 versions. | 2023-10-03 | 8.8 | CVE-2023-41244 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview MyCryptoCheckout plugin <= 2.125 versions. | 2023-10-03 | 8.8 | CVE-2023-41693 MISC |
xiph — vorbis-tools | Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. | 2023-10-02 | 7.8 | CVE-2023-43361 MISC MISC MISC MISC |
zzzcms — zzzcms | A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872. | 2023-09-29 | 8.8 | CVE-2023-5263 MISC MISC MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
acilia — widestand | Cross-site Scripting (XSS) reflected vulnerability on WideStand until 5.3.5 version, which generates one of the meta tags directly using the content of the queried URL, which would allow an attacker to inject HTML/Javascript code into the response. | 2023-10-04 | 6.1 | CVE-2023-4090 MISC |
acronis — agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29258. | 2023-10-04 | 5.5 | CVE-2023-44210 MISC MISC |
animal-art-lab — animal-art-lab | An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. | 2023-10-02 | 5.4 | CVE-2023-43297 MISC |
arm — 5th_gen_gpu_architecture_kernel_driver | A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 2023-10-01 | 5.5 | CVE-2023-4211 MISC |
arm — mali_gpu_kernel_driver | A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. | 2023-10-03 | 4.7 | CVE-2023-33200 MISC |
arm — valhall_gpu_kernel_driver | A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. | 2023-10-03 | 4.7 | CVE-2023-34970 MISC |
broadpeak — centralized_accounts_management_auth_agent | A cross-site scripting (XSS) vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575_ee9195b0, 01.01.01.30097902_fd999e76, and 00.12.01.9565588_1254b459 allows remote attackers to inject arbitrary web script or HTML via the disconnectMessage parameter. | 2023-10-03 | 6.1 | CVE-2023-40519 MISC |
buddyboss — buddyboss | Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users’ albums. This vulnerability can be exploited by changing the album identification (id). | 2023-10-03 | 5.4 | CVE-2023-32669 MISC |
buddyboss — buddyboss | Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version, which could allow a local attacker with basic privileges to execute a malicious payload through the “[name]=image.jpg” parameter, allowing them to assign a persistent JavaScript payload that would be triggered when the associated image is loaded. | 2023-10-03 | 5.4 | CVE-2023-32670 MISC |
capensis — canopsis | This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer and login page description parameters within the administration panel. | 2023-10-03 | 4.8 | CVE-2023-3196 MISC |
capensis — canopsis | This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel. | 2023-10-03 | 4.8 | CVE-2023-4564 MISC |
concrete_cms — concrete_cms | Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects. | 2023-10-06 | 5.4 | CVE-2023-44761 MISC |
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings – Tags. | 2023-10-06 | 5.4 | CVE-2023-44762 MISC |
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings. | 2023-10-06 | 5.4 | CVE-2023-44764 MISC |
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings. | 2023-10-06 | 5.4 | CVE-2023-44765 MISC |
concrete_cms — concrete_cms | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO – Extra from Page Settings. | 2023-10-06 | 5.4 | CVE-2023-44766 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container. | 2023-10-05 | 6.5 | CVE-2023-43070 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data. | 2023-10-05 | 6.5 | CVE-2023-43073 MISC |
dell — smartfabric_storage_software | Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CSV formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks. | 2023-10-05 | 5.4 | CVE-2023-43071 MISC |
dolibarr — dolibarr | Cross-site Scripting (XSS) – Generic in GitHub repository dolibarr/dolibarr prior to 18.0. | 2023-10-01 | 6.1 | CVE-2023-5323 MISC MISC |
easy_address_book_web_server — easy_address_book_web_server | Vulnerability in Easy Address Book Web Server 1.6 version, affecting the parameters (firstname, homephone, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate and workzip) of the /addrbook.ghp file, allowing an attacker to inject a JavaScript payload specially designed to run when the application is loaded. | 2023-10-04 | 6.1 | CVE-2023-4492 MISC |
easy_address_book_web_server — easy_address_book_web_server | Stored Cross-Site Scripting in Easy Address Book Web Server 1.6 version, through the users_admin.ghp file that affects multiple parameters such as (firstname, homephone, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate, workzip). This vulnerability allows a remote attacker to store a malicious JavaScript payload in the application to be executed when the page is loaded, resulting in an integrity impact. | 2023-10-04 | 5.4 | CVE-2023-4493 MISC |
easy_chat_server — easy_chat_server | Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp. | 2023-10-04 | 6.1 | CVE-2023-4495 MISC |
easy_chat_server — easy_chat_server | Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /body2.ghp (POST method), in the mtowho parameter. | 2023-10-04 | 6.1 | CVE-2023-4496 MISC |
easy_chat_server — easy_chat_server | Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Icon parameter. The XSS is loaded from /users.ghp. | 2023-10-04 | 6.1 | CVE-2023-4497 MISC |
eclipse — mosquitto | In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. | 2023-10-02 | 5.3 | CVE-2023-0809 MISC |
ecshop — ecshop | A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Affected is an unknown function of the file /admin/leancloud.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240924. | 2023-09-29 | 6.5 | CVE-2023-5293 MISC MISC MISC |
eeroos — eeroos | A vulnerability has been found in eeroOS up to 6.16.4-11 and classified as critical. This vulnerability affects unknown code of the component Ethernet Interface. The manipulation leads to denial of service. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241024. | 2023-10-01 | 6.5 | CVE-2023-5324 MISC MISC MISC |
emlog — emlog | A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field. | 2023-10-02 | 5.4 | CVE-2023-43267 MISC MISC |
foreman — foreman | A sensitive information exposure vulnerability was found in foreman. Contents of tomcat’s server.xml file, which contain passwords to candlepin’s keystore and truststore, were found to be world readable. | 2023-10-03 | 4.4 | CVE-2023-4886 MISC MISC |
foru_cms — foru_cms | A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-240868. | 2023-09-29 | 4.9 | CVE-2023-5259 MISC MISC MISC |
freebsd — freebsd | On an msdosfs filesystem, the ‘truncate’ or ‘ftruncate’ system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file). | 2023-10-04 | 6.5 | CVE-2023-5368 MISC |
furuno_systems — acera_1210_firmware | Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 5.4 | CVE-2023-39429 MISC MISC |
furuno_systems — acera_1310_firmware | Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST(Standalone) mode. | 2023-10-03 | 5.7 | CVE-2023-43627 MISC MISC |
gitlab — gitlab | An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration. | 2023-09-29 | 5.7 | CVE-2023-0989 MISC MISC |
gitlab — gitlab | A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects. | 2023-09-29 | 5.3 | CVE-2023-3914 MISC MISC |
gitlab — gitlab | An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner’s Sentry instance projects. | 2023-09-29 | 4.3 | CVE-2023-2233 MISC MISC |
gitlab — gitlab | An issue has been discovered in GitLab EE affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories. | 2023-09-29 | 4.3 | CVE-2023-3115 MISC MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible for a maintainer to create a fork relationship between existing projects contrary to the documentation. | 2023-09-29 | 4.3 | CVE-2023-3920 MISC MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible for upstream members collaborating with you on your branch to get permission to write to the merge request’s source branch. | 2023-09-29 | 4.3 | CVE-2023-3979 MISC MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of. | 2023-09-29 | 4.3 | CVE-2023-4532 MISC MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys. | 2023-09-29 | 4.3 | CVE-2023-5198 MISC MISC |
google — android | In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433. | 2023-10-02 | 6.7 | CVE-2023-32821 MISC |
google — android | In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229. | 2023-10-02 | 6.7 | CVE-2023-32822 MISC |
google — android | In rpmb, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912966. | 2023-10-02 | 6.7 | CVE-2023-32823 MISC |
google — android | In rpmb, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961. | 2023-10-02 | 6.7 | CVE-2023-32824 MISC |
google — android | In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544. | 2023-10-02 | 6.7 | CVE-2023-32826 MISC |
google — android | In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539. | 2023-10-02 | 6.7 | CVE-2023-32827 MISC |
google — android | In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03802522; Issue ID: DTV03802522. | 2023-10-02 | 6.7 | CVE-2023-32830 MISC |
google — android | In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138. | 2023-10-02 | 4.4 | CVE-2023-32819 MISC |
hashicorp — vault | A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8. | 2023-09-29 | 4.9 | CVE-2023-3775 MISC |
hitachi — ops_center_administrator | Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users to gain sensitive information. This issue affects Hitachi Ops Center Administrator: before 10.9.3-00. | 2023-10-03 | 5.5 | CVE-2023-3335 MISC |
ibm — content_navigator | IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019. | 2023-10-04 | 5.4 | CVE-2023-40684 MISC MISC |
ibm — filenet_content_manager | IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 259384. | 2023-10-04 | 5.4 | CVE-2023-35905 MISC MISC |
ibm — security_guardium | IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897. | 2023-10-04 | 5.3 | CVE-2022-43906 MISC MISC |
ibm — urbancode_deploy | IBM UrbanCode Deploy (UCD) 7.1 – 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581. | 2023-10-04 | 6.5 | CVE-2023-40376 MISC MISC |
ingeteam — ingepac_da3451_firmware | Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain device-specific information without the need for authentication. | 2023-10-02 | 4.3 | CVE-2023-3770 MISC |
inure — inure | Missing Authorization in GitHub repository hamza417/inure prior to build94. | 2023-09-30 | 5.5 | CVE-2023-5321 MISC MISC |
jfrog — artifactory | JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body. | 2023-10-03 | 6.5 | CVE-2023-42508 MISC |
jizhicms — jizhicms | There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information. | 2023-10-02 | 6.5 | CVE-2023-43836 MISC MISC |
lemonldap — lemonldap | A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770. | 2023-09-29 | 4.3 | CVE-2023-44469 MISC MISC MISC MLIST |
libhv — libhv | All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered. | 2023-09-29 | 6.1 | CVE-2023-26146 MISC MISC |
libhv — libhv | All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n (carriage return line feeds) characters to end the HTTP response headers and inject malicious content, like for example additional headers or new response body, leading to a potential XSS vulnerability. | 2023-09-29 | 6.1 | CVE-2023-26147 MISC MISC |
libhv — libhv | All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the request sent. | 2023-09-29 | 5.3 | CVE-2023-26148 MISC MISC |
linux — kernel | A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. | 2023-10-03 | 4.7 | CVE-2023-4732 MISC MISC |
mattermost — mattermost | Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users. | 2023-09-29 | 6.5 | CVE-2023-5196 MISC |
mattermost — mattermost | Mattermost fails to properly validate the permissions when soft deleting a team, allowing a team member to soft delete other teams that they are not part of. | 2023-09-29 | 5.4 | CVE-2023-5195 MISC |
mattermost — mattermost | Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint, allowing a member to get the full name of another user even if the Show Full Name option was disabled. | 2023-10-02 | 4.3 | CVE-2023-5160 MISC |
mattermost — mattermost | Mattermost fails to properly validate permissions when demoting and deactivating a user, allowing for a system/user manager to demote / deactivate another manager. | 2023-09-29 | 4.3 | CVE-2023-5194 MISC |
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner Management For WooCommerce plugin <= 2.4.2 versions. | 2023-10-03 | 6.5 | CVE-2023-39158 MISC |
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud Prevention For Woocommerce plugin <= 2.1.5 versions. | 2023-10-03 | 6.5 | CVE-2023-39159 MISC |
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes plugin <= 1.4.0 versions. | 2023-10-03 | 6.5 | CVE-2023-40009 MISC |
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1 versions. | 2023-10-03 | 6.5 | CVE-2023-40198 MISC |
mediatek,_inc. — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce plugin <= 2.1.8 versions. | 2023-10-03 | 6.5 | CVE-2023-40212 MISC |
mediatek,_inc. — multiple_products | In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817. | 2023-10-02 | 6.7 | CVE-2023-32828 MISC |
mediatek,_inc. — multiple_products | In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478. | 2023-10-02 | 6.7 | CVE-2023-32829 MISC |
mhlw — fd_application | FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. | 2023-10-02 | 5.5 | CVE-2023-42132 MISC MISC |
mojoportal — mojoportal | Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component. | 2023-10-02 | 6.1 | CVE-2023-44012 MISC |
mosparo — mosparo | Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. | 2023-10-04 | 6.1 | CVE-2023-5375 MISC MISC |
nothings_stb — nothings_stb | Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file. | 2023-10-03 | 5.5 | CVE-2023-43898 MISC |
nxlog — nxlog_manager | Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests. | 2023-10-03 | 6.5 | CVE-2023-32791 MISC |
nxlog — nxlog_manager | Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests. | 2023-10-03 | 6.5 | CVE-2023-32792 MISC |
nxlog — nxlog_manager | Cross-Site Scripting (XSS) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to inject a malicious JavaScript payload into the ‘Full Name’ field during a user edit, due to improper sanitization of the input parameter. | 2023-10-03 | 6.1 | CVE-2023-32790 MISC |
online_banquet_booking_system — online_banquet_booking_system | A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. VDB-240942 is the identifier assigned to this vulnerability. | 2023-09-30 | 6.1 | CVE-2023-5303 MISC MISC |
online_banquet_booking_system — online_banquet_booking_system | A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943. | 2023-09-30 | 6.1 | CVE-2023-5304 MISC MISC |
online_banquet_booking_system — online_banquet_booking_system | A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-240944. | 2023-09-30 | 6.1 | CVE-2023-5305 MISC MISC |
open5gs — open5gs | Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. | 2023-10-03 | 5.9 | CVE-2023-4885 MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “tracking_number” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43702 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “product_info[][name]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43703 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “title” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43704 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “translation_value[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43705 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “email_templates_key” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43706 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “CatalogsPageDescriptionForm[1][name]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43707 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43708 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “configuration_title[1](MODULE)” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43709 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43710 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “admin_firstname” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43711 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “access_levels_name” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43712 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the “title” parameter, in the “/admin/admin-menu/add-submit” endpoint, which can lead to unauthorized execution of scripts in a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43713 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “SKIP_CART_PAGE_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43714 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43715 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “MAX_DISPLAY_NEW_PRODUCTS_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43716 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43717 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “MSEARCH_ENABLE_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43718 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “SHIPPING_GENDER_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43719 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “BILLING_GENDER_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43720 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “PACKING_SLIPS_SUMMARY_TITLE[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43721 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_status_groups_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43722 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_status_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43723 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription[1][name]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43724 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_products_status_name_long[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43725 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “orders_products_status_manual_name_long[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43726 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “stock_indication_text[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43727 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “stock_delivery_terms_text[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43728 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “xsell_type_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43729 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “countries_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43730 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “zone_name” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43731 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “tax_class_title” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43732 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “company_address” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43733 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “name” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43734 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “formats_titles[7]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-43735 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “featured_type_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-5111 MISC MISC |
os_commerce — os_commerce | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “specials_type_name[1]” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser. | 2023-09-30 | 5.4 | CVE-2023-5112 MISC MISC |
ovn — open_virtual_network | A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured. | 2023-10-04 | 5.3 | CVE-2023-3153 MISC MISC MISC MISC MISC MISC |
pandorafms — pandora_fms | Cross-site Scripting (XSS) vulnerability in the Syslog Section of Pandora FMS allows an attacker to cause a user’s cookie value to be transferred to the attacker’s server. This issue affects Pandora FMS v767 and prior versions on all platforms. | 2023-10-03 | 6.1 | CVE-2023-0828 MISC |
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 6.1 | CVE-2023-5316 MISC MISC |
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 6.1 | CVE-2023-5320 MISC MISC |
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 5.4 | CVE-2023-5317 MISC MISC |
phpmyfaq — phpmyfaq | Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18. | 2023-09-30 | 5.4 | CVE-2023-5319 MISC MISC |
pleasant_solutions — pleasant_password_server | A cross-site scripting (XSS) vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter. | 2023-10-04 | 6.1 | CVE-2023-27121 MISC MISC MISC |
pretix — pretix | An issue was discovered in pretix before 2023.7.1. Incorrect parsing of configuration files causes the application to trust unchecked X-Forwarded-For headers even though it has not been configured to do so. This can lead to IP address spoofing by users of the application. | 2023-10-02 | 5.3 | CVE-2023-44463 MISC MISC MISC MISC CONFIRM |
pure_storage — flasharray_purity | A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection. | 2023-10-03 | 4.9 | CVE-2023-32572 MISC |
pure_storage — purity | A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols. | 2023-10-02 | 4.3 | CVE-2023-31042 MISC |
qsige — qsige | The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | 6.5 | CVE-2023-4099 MISC |
qualcomm — apq8064au_firmware | Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. | 2023-10-03 | 5.5 | CVE-2023-28571 MISC |
quick_cms — quick_cms | Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files – Description parameter in the Pages Menu component. | 2023-10-05 | 5.4 | CVE-2023-43343 MISC MISC |
red_hat — multiple_products | A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page). | 2023-10-04 | 5.9 | CVE-2022-4132 MISC MISC |
ritecms — ritecms | Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu. | 2023-10-04 | 4.8 | CVE-2023-43877 MISC |
salesagility — suitecrm | Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1. | 2023-10-03 | 6.5 | CVE-2023-5353 MISC MISC |
salesagility — suitecrm | Cross-site Scripting (XSS) – Stored in GitHub repository salesagility/suitecrm prior to 7.14.1. | 2023-10-03 | 5.4 | CVE-2023-5351 MISC MISC |
samsung — android | Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows a physical attacker to install an application that has a different build type. | 2023-10-04 | 4.6 | CVE-2023-30731 MISC |
samsung — health | Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent. | 2023-10-04 | 5.5 | CVE-2023-30734 MISC |
samsung — health | Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent. | 2023-10-04 | 5.5 | CVE-2023-30737 MISC |
samsung — samsung_assistant | Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows an attacker to execute a JavaScript interface. To trigger this vulnerability, user interaction is required. | 2023-10-04 | 5.4 | CVE-2023-30736 MISC |
sato — cl4nx-j_plus_firmware | A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /rest/dir/. The manipulation of the argument full leads to path traversal. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241028. | 2023-10-01 | 6.5 | CVE-2023-5327 MISC MISC MISC |
setelsa_security — conacwin | Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter. | 2023-10-04 | 5.5 | CVE-2023-4037 MISC |
silabs — gecko_software_development_kit | Forcing the Bluetooth LE stack to segment ‘prepare write response’ packets can lead to an out-of-bounds memory access. | 2023-09-29 | 6.5 | CVE-2023-3024 MISC MISC |
small_crm — small_crm | Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arbitrary code via a crafted payload to the Address parameter. | 2023-10-04 | 5.4 | CVE-2023-44075 MISC |
sourcecodester — best_courier_management_system | A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240886 is the identifier assigned to this vulnerability. | 2023-09-29 | 5.4 | CVE-2023-5273 MISC MISC MISC |
sourcecodester — best_courier_management_system | A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240941 was assigned to this vulnerability. | 2023-09-30 | 5.4 | CVE-2023-5302 MISC MISC MISC |
sourcecodester — expense_tracker | A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file add_category.php of the component Category Handler. The manipulation of the argument category_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-240914 is the identifier assigned to this vulnerability. | 2023-09-29 | 5.4 | CVE-2023-5286 MISC MISC MISC |
sourcecodester — task_management_system | A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list. | 2023-09-29 | 5.4 | CVE-2023-43944 MISC |
sscms — sscms | SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component. | 2023-10-03 | 5.4 | CVE-2023-43952 MISC |
sscms — sscms | SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component. | 2023-10-03 | 5.4 | CVE-2023-43951 MISC |
sscms — sscms | SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content Management component. | 2023-10-03 | 5.4 | CVE-2023-43953 MISC |
tcman — gim | The ‘sReferencia’, ‘sDescripcion’, ‘txtCodigo’ and ‘txtDescripcion’ parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS attacks. | 2023-10-04 | 6.1 | CVE-2022-36277 MISC |
upv — peix | Authorization bypass vulnerability in UPV PEIX, affecting the component “pdf_curri_new.php”. Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users. | 2023-10-03 | 6.5 | CVE-2023-2544 MISC |
userfeedback — userfeedback | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <= 1.0.7 versions. | 2023-09-29 | 6.1 | CVE-2023-39308 MISC MISC |
whitehsbg — jndiexploit | A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. VDB-240866 is the identifier assigned to this vulnerability. | 2023-09-29 | 5.7 | CVE-2023-5257 MISC MISC MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions. | 2023-09-29 | 6.1 | CVE-2023-41658 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions. | 2023-09-29 | 6.1 | CVE-2023-41662 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin <= 1.6.9 versions. | 2023-09-29 | 6.1 | CVE-2023-41663 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hennessey Digital Attorney theme <= 3 versions. | 2023-10-02 | 6.1 | CVE-2023-41692 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickToTweet.Com Click To Tweet plugin <= 2.0.14 versions. | 2023-10-02 | 6.1 | CVE-2023-41856 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions. | 2023-10-02 | 6.1 | CVE-2023-44144 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.44 versions. | 2023-10-02 | 6.1 | CVE-2023-44244 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions. | 2023-10-02 | 6.1 | CVE-2023-44245 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MD Jakir Hosen Tiger Forms – Drag and Drop Form Builder plugin <= 2.0.0 versions. | 2023-10-02 | 6.1 | CVE-2023-44474 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Stockdio Stock Quotes List plugin <= 2.9.9 versions. | 2023-09-29 | 5.4 | CVE-2023-41666 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Irina Sokolovskaya Goods Catalog plugin <= 2.4.1 versions. | 2023-09-29 | 5.4 | CVE-2023-41687 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rescue Themes Rescue Shortcodes plugin <= 2.5 versions. | 2023-10-02 | 5.4 | CVE-2023-41728 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gold Plugins Locations plugin <= 4.0 versions. | 2023-10-02 | 5.4 | CVE-2023-41797 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WEN Solutions Notice Bar plugin <= 3.1.0 versions. | 2023-10-02 | 5.4 | CVE-2023-41847 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions. | 2023-10-02 | 5.4 | CVE-2023-44145 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions. | 2023-10-02 | 5.4 | CVE-2023-44242 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions. | 2023-10-02 | 5.4 | CVE-2023-44264 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Boxy Studio Cooked plugin <= 1.7.13 versions. | 2023-10-02 | 5.4 | CVE-2023-44477 MISC |
wordpress — wordpress | The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ‘AWL-BlogFilter’ shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-10-04 | 5.4 | CVE-2023-5291 MISC MISC MISC |
wordpress — wordpress | The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ‘sp_responsiveslider’ shortcode in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-10-03 | 5.4 | CVE-2023-5334 MISC MISC |
wordpress — wordpress | The Instagram for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-10-04 | 5.4 | CVE-2023-5357 MISC MISC |
wordpress — wordpress | The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the is_print_page function in versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to disclose potentially sensitive email information. | 2023-10-04 | 5.3 | CVE-2023-3213 MISC MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions. | 2023-09-29 | 4.8 | CVE-2023-41655 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. HollerBox plugin <= 2.3.2 versions. | 2023-09-29 | 4.8 | CVE-2023-41657 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | 2023-09-29 | 4.8 | CVE-2023-41661 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions. | 2023-10-02 | 4.8 | CVE-2023-41729 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress publish post email notification plugin <= 1.0.2.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41731 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in YYDevelopment Back To The Top Button plugin <= 2.1.5 versions. | 2023-10-02 | 4.8 | CVE-2023-41733 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nigauri Insert Estimated Reading Time plugin <= 1.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41734 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <= 6.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41736 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPGens Swifty Bar, sticky bar by WPGens plugin <= 1.2.10 versions. | 2023-10-02 | 4.8 | CVE-2023-41737 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in UniConsent UniConsent CMP for GDPR CPRA GPP TCF plugin <= 1.4.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41800 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Regpacks Regpack plugin <= 0.1 versions. | 2023-10-02 | 4.8 | CVE-2023-41855 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions. | 2023-10-02 | 4.8 | CVE-2023-41859 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions. | 2023-10-02 | 4.8 | CVE-2023-44228 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions. | 2023-10-02 | 4.8 | CVE-2023-44230 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions. | 2023-10-02 | 4.8 | CVE-2023-44239 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Renzo Johnson Blocks plugin <= 1.6.41 versions. | 2023-10-02 | 4.8 | CVE-2023-44262 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions. | 2023-10-02 | 4.8 | CVE-2023-44263 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions. | 2023-10-02 | 4.8 | CVE-2023-44265 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin <= 3.1.6 versions. | 2023-10-02 | 4.8 | CVE-2023-44266 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions. | 2023-10-02 | 4.8 | CVE-2023-44479 MISC |
wordpress — wordpress | The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to expose potentially sensitive user data, including data entered into custom fields. | 2023-10-06 | 5.3 | CVE-2023-4469 MISC MISC |
zenario_cms — zenario_cms | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer – Spare alias. | 2023-10-06 | 5.4 | CVE-2023-44770 MISC |
zenario_cms — zenario_cms | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout. | 2023-10-06 | 5.4 | CVE-2023-44771 MISC |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
gitlab — gitlab | An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy. | 2023-09-29 | 3.5 | CVE-2023-3906 MISC MISC |
mattermost — mattermost | Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots. | 2023-09-29 | 2.7 | CVE-2023-5159 MISC |
mattermost — mattermost | Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation. | 2023-09-29 | 2.7 | CVE-2023-5193 MISC |
phpkobo — ajax_poll_script | A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability. | 2023-09-30 | 3.7 | CVE-2023-5313 MISC MISC MISC |
pure_storage — flasharray_purity | A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode. | 2023-10-03 | 2.7 | CVE-2023-28373 MISC |
pure_storage — flashblade_purity | A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock. | 2023-10-02 | 2.7 | CVE-2023-28372 MISC |
pure_storage — flashblade_purity | A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly. | 2023-10-02 | 2.7 | CVE-2023-36627 MISC |
samsung — android | Improper access control in system property prior to SMR Oct-2023 Release 1 allows a local attacker to get the CPU serial number. | 2023-10-04 | 3.3 | CVE-2023-30732 MISC |
samsung — sassistant | Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant. | 2023-10-04 | 3.3 | CVE-2023-30735 MISC |
Severity Not Yet Assigned
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
simple_and_nice_shopping_cart_scrip — simple_and_nice_shopping_cart_script | File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component. | 2023-10-06 | not yet calculated | CVE-2023-44061 MISC |
1e — 1e_client | 1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. Hotfix Q23092 is available; it forces the 1E Client to check for a symbolic link or junction and, if it finds one, to refuse to use that path and instead create a path involving a random GUID. | 2023-10-05 | not yet calculated | CVE-2023-45159 MISC |
1e — 1e_client | In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script, by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094, as the 1E Client’s temporary directory is now locked down. | 2023-10-05 | not yet calculated | CVE-2023-45160 MISC |
acronis — acronis_agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31637. | 2023-10-05 | not yet calculated | CVE-2023-44211 MISC |
acronis — acronis_agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477. | 2023-10-05 | not yet calculated | CVE-2023-44212 MISC MISC |
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-44214 MISC |
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45240 MISC |
acronis — acronis_agent | Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45241 MISC |
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45242 MISC |
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-45243 MISC |
acronis — acronis_agent | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35895. | 2023-10-06 | not yet calculated | CVE-2023-45244 MISC |
acronis — acronis_agent | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36119. | 2023-10-06 | not yet calculated | CVE-2023-45245 MISC |
acronis — acronis_agent | Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36343. | 2023-10-06 | not yet calculated | CVE-2023-45246 MISC |
acronis — acronis_agent_for_windows | Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Windows) before build 35739. | 2023-10-05 | not yet calculated | CVE-2023-44213 MISC |
altair-graphql — altair | Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the software running on MacOS, Windows, and Linux. Version 5.2.5 fixes this issue. | 2023-10-04 | not yet calculated | CVE-2023-43799 MISC MISC |
ansible — ansible | A logic flaw exists in Ansible. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability. | 2023-10-04 | not yet calculated | CVE-2023-4380 MISC MISC MISC |
ansible_automation_platform — ansible_automation_platform | A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system’s confidentiality, integrity, and availability. | 2023-10-04 | not yet calculated | CVE-2023-4237 MISC MISC |
atlassian — confluence_data_center | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. For more details, please review the linked advisory on this CVE. | 2023-10-04 | not yet calculated | CVE-2023-22515 MISC MISC MISC |
buddyboss — buddyboss | A stored XSS vulnerability has been found on BuddyBoss Platform affecting version 2.2.9. This vulnerability allows an attacker to store a malicious javascript payload via POST request when sending an invitation. | 2023-10-03 | not yet calculated | CVE-2023-32671 MISC |
canonical_ltd. — subiquity | Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege. | 2023-10-07 | not yet calculated | CVE-2023-5182 MISC MISC |
checkfront_inc. — checkfront_online_booking_system | Cross-Site Request Forgery (CSRF) vulnerability in Checkfront Inc. Checkfront Online Booking System plugin <= 3.6 versions. | 2023-10-06 | not yet calculated | CVE-2023-44146 MISC |
cisco — ios_xe_software | A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not blocked when they are in application development mode. An attacker could exploit this vulnerability by using the Docker CLI to access an affected device. The application development workflow is meant to be used only on development systems and not in production systems. | 2023-10-04 | not yet calculated | CVE-2023-20235 MISC |
cisco — unified_communications_products | A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to be used in normal operations of the device. This vulnerability is due to improper API authentication and incomplete validation of the API request. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to high CPU utilization, which could negatively impact user traffic and management access. When the attack stops, the device will recover without manual intervention. | 2023-10-04 | not yet calculated | CVE-2023-20259 MISC |
citadel — citadel | A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user. | 2023-10-04 | not yet calculated | CVE-2023-44272 MISC MISC MISC MISC |
d-link — dir-820l | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. | 2023-10-06 | not yet calculated | CVE-2023-44807 MISC MISC |
decidim — decidim | Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The `templates` module doesn’t enforce the correct permissions, allowing any logged-in user to access this functionality in the administration panel. An attacker could use this vulnerability to change, create or delete templates of surveys. This issue has been patched in version 0.26.8 and 0.27.4. | 2023-10-06 | not yet calculated | CVE-2023-36465 MISC MISC MISC |
digital_china_networks — dcfw-1800-sdc | File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component. | 2023-10-04 | not yet calculated | CVE-2023-43321 MISC MISC |
discourse — discourse-jira | Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the `discourse_jira_verbose_log` site setting. A moderator user could manipulate the request path to the Jira API, allowing them to perform arbitrary GET requests using the Jira API credentials, potentially with elevated permissions, used by the application. | 2023-10-06 | not yet calculated | CVE-2023-44384 MISC MISC MISC |
extreme_networks — iq_engine | IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow. | 2023-10-04 | not yet calculated | CVE-2023-35803 MISC |
facebook — whatsapp_desktop_for_mac | A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | 2023-10-04 | not yet calculated | CVE-2023-38537 MISC |
facebook — whatsapp_desktop_for_mac | A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | 2023-10-04 | not yet calculated | CVE-2023-38538 MISC |
freebsd — freebsd | Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capability. This incorrect privilege check enabled sandboxed processes with only read or write but no seek capability on a file descriptor to read data from or write data to an arbitrary location within the file corresponding to that file descriptor. | 2023-10-04 | not yet calculated | CVE-2023-5369 MISC |
freebsd — freebsd | On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0. | 2023-10-04 | not yet calculated | CVE-2023-5370 MISC |
fsevents — fsevents | fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary. | 2023-10-06 | not yet calculated | CVE-2023-45311 MISC MISC MISC MISC MISC MISC MISC |
garuda_linux — garuda_linux | Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the ‘Garuda settings manager’, an insecure procedure is performed that leaves the created user without an assigned password for some seconds. This could allow a potential attacker to exploit this vulnerability in order to authenticate without knowing the password. | 2023-10-04 | not yet calculated | CVE-2021-3784 MISC |
gdidees_cms — gdidees_cms | GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. | 2023-10-06 | not yet calculated | CVE-2023-44758 MISC |
geokit-rails — geokit-rails | Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the ‘geo_location’ cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** An attacker can use this vulnerability to execute commands on the host system. | 2023-10-06 | not yet calculated | CVE-2023-26153 MISC MISC MISC MISC MISC |
go_toolchain — cmd/go | Line directives (“//line”) can be used to bypass the restrictions on “//go:cgo_” directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running “go build”. The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex. | 2023-10-05 | not yet calculated | CVE-2023-39323 MISC MISC MISC MISC |
google — android | In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21244 MISC MISC MISC MISC |
google — android | In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21252 MISC MISC MISC |
google — android | In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21253 MISC MISC MISC MISC |
google — android | In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21266 MISC MISC |
google — android | In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | 2023-10-06 | not yet calculated | CVE-2023-21291 MISC MISC |
gradle — gradle | Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfiltration of local text files to a remote server. Gradle parses XML files for several purposes. Most of the time, Gradle parses XML files that it generated or that were already present locally. Only Ivy XML descriptors and Maven POM files can be fetched from remote repositories and parsed by Gradle. In Gradle 7.6.3 and 8.4, resolving XML external entities has been disabled for all use cases to protect against this vulnerability. Gradle will now refuse to parse XML files that have XML external entities. | 2023-10-06 | not yet calculated | CVE-2023-42445 MISC MISC MISC |
gradle — gradle | Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to files having overly broad permissions, given that symlinks are usually world-readable and writable. While it is unlikely this results in a direct vulnerability for the impacted build, it may open up attack vectors depending on where build artifacts end up being copied to or un-archived. In versions 7.6.3, 8.4 and above, Gradle will now properly use the permissions of the file pointed at by the symlink to set permissions of the copied or archived file. | 2023-10-05 | not yet calculated | CVE-2023-44387 MISC MISC MISC MISC |
hex_dragon — plain_craft_launcher_2 | Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information. | 2023-10-07 | not yet calculated | CVE-2023-36123 MISC MISC |
hitachi — hitachi_ops_center_common_services | An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise. | 2023-10-04 | not yet calculated | CVE-2023-3971 MISC MISC MISC MISC |
hitachi — jp1/performance_management-manager | Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation. This issue affects JP1/Performance Management – Manager: from 09-00 before 12-50-07; JP1/Performance Management – Base: from 09-00 through 10-50-*; JP1/Performance Management – Agent Option for Application Server: from 11-00 before 11-50-16; JP1/Performance Management – Agent Option for Enterprise Applications: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for HiRDB: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for IBM Lotus Domino: from 10-00 before 11-50-16; JP1/Performance Management – Agent Option for Microsoft(R) Exchange Server: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for Microsoft(R) Internet Information Server: from 09-00 before 12-00-14; JP1/Performance Management – Agent Option for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management – Agent Option for Oracle: from 09-00 before 12-10-08; JP1/Performance Management – Agent Option for Platform: from 09-00 before 12-50-07; JP1/Performance Management – Agent Option for Service Response: from 09-00 before 11-50-16; JP1/Performance Management – Agent Option for Transaction System: from 11-00 before 12-00-14; JP1/Performance Management – Remote Monitor for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management – Remote Monitor for Oracle: from 09-00 before 12-10-08; JP1/Performance Management – Remote Monitor for Platform: from 09-00 before 12-10-08; JP1/Performance Management – Remote Monitor for Virtual Machine: from 10-00 before 12-50-07; JP1/Performance Management – Agent Option for Domino: from 09-00 through 09-00-*; JP1/Performance Management – Agent Option for IBM WebSphere Application Server: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for IBM WebSphere MQ: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for JP1/AJS3: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for OpenTP1: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for Oracle WebLogic Server: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for uCosminexus Application Server: from 09-00 through 10-00-*; JP1/Performance Management – Agent Option for Virtual Machine: from 09-00 through 09-01-*. | 2023-10-03 | not yet calculated | CVE-2023-3440 MISC |
hotrod-client — hotrod-client | A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack. | 2023-10-04 | not yet calculated | CVE-2023-4586 MISC MISC MISC |
hp_inc. — multiple_products | Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. | 2023-10-04 | not yet calculated | CVE-2023-5113 MISC |
htmlsanitizer — htmlsanitizer | HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. The vulnerability occurs in configurations where foreign content is allowed, i.e. either `svg` or `math` are in the list of allowed elements. In the case an application sanitizes user input with a vulnerable configuration, an attacker could bypass the sanitization and inject arbitrary HTML, including JavaScript code. Note that in the default configuration the vulnerability is not present. The vulnerability has been fixed in versions 8.0.723 and 8.1.722-beta (preview version). | 2023-10-05 | not yet calculated | CVE-2023-44390 MISC MISC |
hydra — hydra | Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the `commit` validator, where they remain until they are either collected into the `head` validator or the protocol initialisation is aborted and the value in the committed UTxOs is returned to the users who committed them. Prior to version 0.12.0, the `commit` validator contains a flawed check when the `ViaAbort` redeemer is used, which allows any user to spend any UTxO which is at the validator arbitrarily, meaning an attacker can steal the funds that users are trying to commit into the head validator. The intended behavior is that the funds must be returned to the user who committed the funds and can only be performed by a participant of the head. The `initial` validator is similarly affected, as the same flawed check is performed for the `ViaAbort` redeemer. Due to this issue, an attacker can steal any funds that users try to commit into a Hydra head. Also, an attacker can prevent any Hydra head from being successfully opened. It does not allow an attacker to take funds which have been successfully collected into and currently reside in the `head` validator. Version 0.12.0 contains a fix for this issue. | 2023-10-04 | not yet calculated | CVE-2023-38701 MISC MISC MISC MISC |
hydra — hydra | Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, the specification states that the contestation period in the datum of the UTxO at the head validator must stay unchanged as the state progresses from Open to Closed (Close transaction), but no such check appears to be performed in the `checkClose` function of the head validator. This would allow a malicious participant to modify the contestation deadline of the head to either allow them to fanout the head without giving another participant the chance to contest or prevent any participant from ever redistributing the funds locked in the head via a fan-out. Version 0.13.0 contains a patch for this issue. | 2023-10-04 | not yet calculated | CVE-2023-42448 MISC MISC MISC MISC MISC |
hydra — hydra | Hydra is the two-layer scalability solution for Cardano. Prior to version 0.13.0, it is possible for a malicious head initializer to extract one or more PTs for the head they are initializing due to incorrect data validation logic in the head token minting policy which then results in a flawed check for burning the head ST in the `initial` validator. This is possible because it is not checked in `HeadTokens.hs` that the datums of the outputs at the `initial` validator are equal to the real head ID, and it is also not checked in the `off-chain code`. During the `Initial` state of the protocol, if the malicious initializer removes a PT from the Hydra scripts it becomes impossible for any other participant to reclaim any funds they have attempted to commit into the head, as to do so the Abort transaction must burn all the PTs for the head, but they cannot burn the PT which the attacker controls and so cannot satisfy this requirement. That means the initializer can lock the other participants’ committed funds forever or until they choose to return the PT (ransom). The malicious initializer can also use the PT to spoof that they have committed a particular TxO when progressing the head into the `Open` state. For example, they could say they committed a TxO residing at their address containing 100 ADA, but in fact this 100 ADA was not moved into the head, and thus in order for another participant to perform the fanout they will be forced to pay the attacker the 100 ADA out of their own funds, as the fanout transaction must pay all the committed TxOs (even though the attacker did not really commit that TxO). They can do this by placing the PT in a UTxO with a well-formed `Commit` datum with whatever contents they like, then use this UTxO in the `collectCom` transaction. There may be other possible ways to abuse having control of a PT. Version 0.13.0 fixes this issue. | 2023-10-04 | not yet calculated | CVE-2023-42449 MISC MISC MISC MISC MISC |
ibm — engineering_lifecycle_management | IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498. | 2023-10-06 | not yet calculated | CVE-2022-34355 MISC MISC |
ibm — robotic_process_automation | IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527. | 2023-10-06 | not yet calculated | CVE-2023-43058 MISC MISC |
ibm — security_directory_suite | IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568. | 2023-10-06 | not yet calculated | CVE-2022-33160 MISC MISC |
ibm — storage_protect_client | IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246. | 2023-10-06 | not yet calculated | CVE-2023-35897 MISC MISC |
idm_sistemas_qsige — qsige | The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | not yet calculated | CVE-2023-4101 MISC |
idm_sistemas_qsige — qsige | QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | not yet calculated | CVE-2023-4102 MISC |
idm_sistemas_qsige — qsige | QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application. | 2023-10-03 | not yet calculated | CVE-2023-4103 MISC |
imagemagick — imagemagick | A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. | 2023-10-04 | not yet calculated | CVE-2023-3428 MISC MISC |
keycloak — keycloak | A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to other clients. | 2023-10-04 | not yet calculated | CVE-2023-2422 MISC MISC MISC MISC MISC MISC MISC |
kong — insomnia | Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable. | 2023-10-04 | not yet calculated | CVE-2023-40299 MISC MISC MISC MISC |
libtiff — libtiff | A memory leak flaw was found in Libtiff’s tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue, resulting in an application crash, eventually leading to a denial of service. | 2023-10-04 | not yet calculated | CVE-2023-3576 MISC MISC |
libtiff — libtiff | LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | 2023-10-05 | not yet calculated | CVE-2023-40745 MISC MISC |
libtiff — libtiff | A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | 2023-10-05 | not yet calculated | CVE-2023-41175 MISC MISC |
linux — kernel | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. | 2023-10-05 | not yet calculated | CVE-2023-42754 MISC MISC MISC MISC MISC MISC |
linux — kernel | A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. | 2023-10-05 | not yet calculated | CVE-2023-42755 MISC MISC MISC |
mbed_tls — mbed_tls | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | 2023-10-07 | not yet calculated | CVE-2023-43615 MISC |
mbed_tls — mbed_tls | Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote code execution. | 2023-10-07 | not yet calculated | CVE-2023-45199 MISC |
meks — multiple_products | Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup. | 2023-10-03 | not yet calculated | CVE-2023-25989 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
meta — tac_plus | A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server. | 2023-10-06 | not yet calculated | CVE-2023-45239 MISC MISC MISC |
milesight — multiple_products | Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. | 2023-10-05 | not yet calculated | CVE-2023-43260 MISC |
milesight — multiple_products | An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. | 2023-10-04 | not yet calculated | CVE-2023-43261 MISC MISC MISC MISC MISC |
misskey — misskey | Misskey is an open source, decentralized social media platform. Prior to version 2023.9.0, by editing the URL, a user can bypass the authentication of the Bull dashboard, which is the job queue management UI, and access it. Version 2023.9.0 contains a fix. There are no known workarounds. | 2023-10-04 | not yet calculated | CVE-2023-43793 MISC MISC MISC |
mozilla — common_voice | Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voice’s server origin. As of time of publication, it is unknown whether any patches or workarounds exist. | 2023-10-04 | not yet calculated | CVE-2023-42808 MISC MISC MISC |
national_instruments — measurementlink | An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using version 1.1.0 of the ni-measurementlink-service Python package and all previous versions. | 2023-10-05 | not yet calculated | CVE-2023-4570 MISC |
netbsd_ftpd — netbsd_ftpd | ftpd before “NetBSD-ftpd 20230930” can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable. | 2023-10-05 | not yet calculated | CVE-2023-45198 MISC MISC |
netis_systems — n3m_firmware | An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request. | 2023-10-06 | not yet calculated | CVE-2023-44860 MISC |
nexkey — nexkey | Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possible to avoid this by blocking access using tools such as Cloudflare’s WAF. | 2023-10-04 | not yet calculated | CVE-2023-43805 MISC MISC MISC |
open_mct — open_mct | In NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype pollution can occur via an import action. | 2023-10-06 | not yet calculated | CVE-2023-45282 MISC MISC |
opentelemetry — opentelemetry | OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, logs. Autoinstrumentation out of the box adds the label `http_method` that has unbound cardinality. It leads to the server’s potential memory exhaustion when many malicious requests are sent. HTTP method for requests can be easily set by an attacker to be random and long. To be affected, a program has to be instrumented for HTTP handlers and not filter any unknown HTTP methods on the level of CDN, LB, previous middleware, etc. This issue has been patched in version 0.41b0. | 2023-10-06 | not yet calculated | CVE-2023-43810 MISC MISC MISC |
openvswitch — openvswitch | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | 2023-10-06 | not yet calculated | CVE-2023-5366 MISC MISC |
pigcms — pigcms | pigcms up to 7.0 was discovered to contain an arbitrary file upload vulnerability. | 2023-10-05 | not yet calculated | CVE-2023-43269 MISC |
prixan — connect | Prixan prixanconnect up to v1.62 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts(). | 2023-10-05 | not yet calculated | CVE-2023-40920 MISC |
puppet — bolt | In Puppet Bolt versions prior to 3.27.4, a path to escalate privileges was identified. | 2023-10-06 | not yet calculated | CVE-2023-5214 MISC |
qnap_systems_inc. — multiple_products | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later. | 2023-10-06 | not yet calculated | CVE-2023-32971 MISC |
qnap_systems_inc. — multiple_products | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later. | 2023-10-06 | not yet calculated | CVE-2023-32972 MISC |
qnap_systems_inc. — music_station | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later | 2023-10-06 | not yet calculated | CVE-2023-23365 MISC |
qnap_systems_inc. — music_station | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later | 2023-10-06 | not yet calculated | CVE-2023-23366 MISC |
qnap_systems_inc. — qvpn_windows | An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.1.0.0518 and later | 2023-10-06 | not yet calculated | CVE-2023-23370 MISC |
qnap_systems_inc. — qvpn_windows | A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.2.0.0823 and later | 2023-10-06 | not yet calculated | CVE-2023-23371 MISC |
qognify — nicevision | Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records. | 2023-10-05 | not yet calculated | CVE-2023-2306 MISC |
quarkus_oidc — quarkus_oidc | A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider services. Please note that passwords are not stored in access tokens. | 2023-10-04 | not yet calculated | CVE-2023-1584 MISC MISC MISC MISC MISC |
red_hat — multiple_products | A flaw was found in OpenShift API, as admission checks do not enforce “custom-host” permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied. | 2023-10-05 | not yet calculated | CVE-2022-3248 MISC MISC |
red_hat — openshift | A content spoofing flaw was found in OpenShift’s OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation. | 2023-10-05 | not yet calculated | CVE-2022-4145 MISC MISC |
redisson — redisson | Redisson is a Java Redis client that uses the Netty framework. Prior to version 3.22.0, some of the messages received from the Redis server contain Java objects that the client deserializes without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running in. Version 3.22.0 contains a patch for this issue. Some post-fix advice is available. Do NOT use `Kryo5Codec` as deserialization codec, as it is still vulnerable to arbitrary object deserialization due to the `setRegistrationRequired(false)` call. On the contrary, `KryoCodec` is safe to use. The fix applied to `SerializationCodec` only consists of adding an optional allowlist of class names, even though making this behavior the default is recommended. When instantiating `SerializationCodec` please use the `SerializationCodec(ClassLoader classLoader, Set<String> allowedClasses)` constructor to restrict the allowed classes for deserialization. | 2023-10-04 | not yet calculated | CVE-2023-42809 MISC MISC |
samsung_mobile — samsung_mobile_devices | Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | 2023-10-04 | not yet calculated | CVE-2023-30690 MISC |
schneider_electric — c-bus_toolkit | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause a path traversal issue when using the File Command. | 2023-10-04 | not yet calculated | CVE-2023-5399 MISC |
schneider_electric — c-bus_toolkit | A CWE-269: Improper Privilege Management vulnerability exists that could cause a local privilege escalation when the transfer command is used. | 2023-10-04 | not yet calculated | CVE-2023-5402 MISC |
schneider_electric — ecostruxure_power_monitoring_expert | A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker to execute arbitrary code on the targeted system by sending a specifically crafted packet to the application. | 2023-10-04 | not yet calculated | CVE-2023-5391 MISC |
silicon_labs — ember_znet | TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration. This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected. | 2023-10-04 | not yet calculated | CVE-2023-41094 MISC |
snipe — snipe-it | Cross-site Scripting (XSS) – Stored in GitHub repository snipe/snipe-it prior to v6.2.2. | 2023-10-06 | not yet calculated | CVE-2023-5452 MISC MISC |
soft_serve — soft_serve | Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote attacker to bypass public key authentication when keyboard-interactive SSH authentication is active, through the `allow-keyless` setting, and the public key requires additional client-side verification for example using FIDO2 or GPG. This is due to insufficient validation procedures of the public key step during SSH request handshake, granting unauthorized access if the keyboard-interaction mode is utilized. An attacker could exploit this vulnerability by presenting manipulated SSH requests using keyboard-interactive authentication mode. This could potentially result in unauthorized access to the Soft Serve. Users should upgrade to the latest Soft Serve version `v0.6.2` to receive the patch for this issue. To work around this vulnerability without upgrading, users can temporarily disable Keyboard-Interactive SSH Authentication using the `allow-keyless` setting. | 2023-10-04 | not yet calculated | CVE-2023-43809 MISC MISC MISC MISC |
sourcecodester — online_pizza_ordering_system | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-241384. | 2023-10-05 | not yet calculated | CVE-2023-5423 MISC MISC |
thingsboard — thingboard | ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent to the /api/admin/settings endpoint). | 2023-10-06 | not yet calculated | CVE-2023-45303 MISC MISC |
trellix_ — trellix_endpoint_security | A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and/or the execution of arbitrary code. | 2023-10-04 | not yet calculated | CVE-2023-3665 MISC |
urllib3 — urllib3 | urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn’t treat the `Cookie` HTTP header specially or provide any helpers for managing cookies over HTTP; that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn’t disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. | 2023-10-04 | not yet calculated | CVE-2023-43804 MISC MISC MISC MISC |
vapor — vapor | Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2. | 2023-10-05 | not yet calculated | CVE-2023-44386 MISC MISC MISC |
vim — vim | NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. | 2023-10-05 | not yet calculated | CVE-2023-5441 MISC MISC |
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe. | 2023-10-05 | not yet calculated | CVE-2023-26236 CONFIRM |
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM. | 2023-10-05 | not yet calculated | CVE-2023-26237 CONFIRM |
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe. | 2023-10-05 | not yet calculated | CVE-2023-26238 CONFIRM |
watchguard — epdr | An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user. | 2023-10-05 | not yet calculated | CVE-2023-26239 CONFIRM |
webkit — webkit | A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to visit a malicious webpage to trigger this vulnerability. | 2023-10-06 | not yet calculated | CVE-2023-39928 MISC MISC |
wireshark — wireshark | RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file. | 2023-10-04 | not yet calculated | CVE-2023-5371 MISC MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions. | 2023-10-06 | not yet calculated | CVE-2023-25033 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-25480 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <= 2.8.0 versions. | 2023-10-06 | not yet calculated | CVE-2023-27448 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Dipak C. Gajjar WP Super Minify plugin <= 1.5.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-27615 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions. | 2023-10-06 | not yet calculated | CVE-2023-40008 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions. | 2023-10-06 | not yet calculated | CVE-2023-40556 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in ??wp DX-auto-save-images plugin <= 1.4.0 versions. | 2023-10-06 | not yet calculated | CVE-2023-40671 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Remove/hide Author, Date, Category Like Entry-Meta plugin <= 2.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-41650 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions. | 2023-10-06 | not yet calculated | CVE-2023-41654 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions. | 2023-10-06 | not yet calculated | CVE-2023-41659 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Blocks plugin <= 1.0.20 versions. | 2023-10-06 | not yet calculated | CVE-2023-41732 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin <= 4.3 versions. | 2023-10-06 | not yet calculated | CVE-2023-41801 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Laposta – Roel Bousardt Laposta Signup Basic plugin <= 1.4.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-41950 MISC |
wordpress — wordpress | A vulnerability classified as problematic has been found in WP Ultimate CSV Importer Plugin 3.7.2 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 3.7.3 is able to address this issue. The identifier of the patch is 13c30af721d3f989caac72dd0f56cf0dc40fad7e. It is recommended to upgrade the affected component. The identifier VDB-241317 was assigned to this vulnerability. | 2023-10-05 | not yet calculated | CVE-2015-10125 MISC MISC MISC MISC |
wordpress — wordpress | A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The patch is identified as 503d9ee2482d27c065f78d9546f076a406189908. It is recommended to upgrade the affected component. VDB-241318 is the identifier assigned to this vulnerability. | 2023-10-06 | not yet calculated | CVE-2015-10126 MISC MISC MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Elementor Addons and Templates plugin <= 1.3.75 versions. | 2023-10-06 | not yet calculated | CVE-2022-47175 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in FooPlugins Best WordPress Gallery Plugin – FooGallery plugin <= 2.2.44 versions. | 2023-10-06 | not yet calculated | CVE-2023-44233 MISC |
wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Dylan Blokhuis Instant CSS plugin <= 1.2.1 versions. | 2023-10-06 | not yet calculated | CVE-2023-44243 MISC |
zephyr — zephyr | Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem | 2023-10-06 | not yet calculated | CVE-2023-3725 MISC |
zope_foundation — zope | Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6 | 2023-10-04 | not yet calculated | CVE-2023-44389 MISC MISC MISC |