Palo Alto Networks PAN-OS cross-site scripting | CVE-2023-0010
NAME__________Palo Alto Networks PAN-OS cross-site scriptingPlatforms Affected:Palo Alto Networks PAN-OS 8.1 Palo Alto Networks PAN-OS 9.1.0 Palo Alto Networks PAN-OS...
CVE
Jenkins Checkmarx Plugin man-in-the-middle | CVE-2023-35142
NAME__________Jenkins Checkmarx Plugin man-in-the-middlePlatforms Affected:Jenkins Checkmarx Plugin 2022.4.3Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Checkmarx Plugin is vulnerable to a man-in-the-middle attack, caused...
Grav cross-site scripting | CVE-2023-34452
NAME__________Grav cross-site scriptingPlatforms Affected:Grav Grav 1.7.42Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Grav is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
X.Org libX11 denial of service | CVE-2023-3138
NAME__________X.Org libX11 denial of servicePlatforms Affected:X.Org libX11 1.8.5Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________X.Org libX11 is vulnerable to a denial of service,...
Palo Alto Networks GlobalProtect App for Windows privilege escalation | CVE-2023-0009
NAME__________Palo Alto Networks GlobalProtect App for Windows privilege escalationPlatforms Affected:Palo Alto Networks GlobalProtect app for Windows 5.2 Palo Alto Networks...
Jenkins Dimensions Plugin information disclosure | CVE-2023-32261
NAME__________Jenkins Dimensions Plugin information disclosurePlatforms Affected:Jenkins Dimensions Plugin 0.9.3Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Dimensions Plugin could allow a remote authenticated attacker...
WP Abstracts Plugin for WordPress cross-site scripting | CVE-2023-29385
NAME__________WP Abstracts Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP Abstracts Plugin for WordPress 2.6.2Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP Abstracts Plugin for...
Synology DiskStation Manager information disclosure | CVE-2023-2729
NAME__________Synology DiskStation Manager information disclosurePlatforms Affected:Synology DiskStation Manager (DSM) 6.2 Synology DiskStation Manager (DSM) 7.0 Synology DiskStation Manager (DSM) 7.1...
Fortinet FortiOS, FortiProxy and Fortiweb denial of service | CVE-2023-33305
NAME__________Fortinet FortiOS, FortiProxy and Fortiweb denial of servicePlatforms Affected:Fortinet FortiWeb 6.3.0 Fortinet FortiProxy 2.0.0 Fortinet FortiProxy 1.1 Fortinet FortiOS 7.0.0...
Keystone open redirect | CVE-2023-34247
NAME__________Keystone open redirectPlatforms Affected:Keystone KeystoneRisk Level:6.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Keystone could allow a remote authenticated attacker to conduct phishing attacks, caused by an...
Fortinet FortiOS and FortiProxy code execution | CVE-2022-43953
NAME__________Fortinet FortiOS and FortiProxy code executionPlatforms Affected:Fortinet FortiOS 6.4.0 Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiProxy...
Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2569
NAME__________Schneider Electric EcoStruxure Foxboro DCS Control Core Services executionPlatforms Affected:Schneider Electric EcoStruxure Foxboro DCS Control Core ServicesRisk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider...
Shipyaari Shipping Management plugin for WordPress cross-site scripting | CVE-2023-26528
NAME__________Shipyaari Shipping Management plugin for WordPress cross-site scriptingPlatforms Affected:WordPress UTM Tracker Plugin for WordPress 1.3.1 WordPress Shipyaari Shipping Management Plugin...
Call Now Accessibility Button plugin for WordPress cross-site scripting | CVE-2023-28933
NAME__________Call Now Accessibility Button plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Call Now Accessibility Button plugin for WordPress 1.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting...
Contact Forms by Cimatti plugin for WordPress cross-site request forgery | CVE-2023-2563
NAME__________Contact Forms by Cimatti plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Contact Forms by Cimatti Plugin for WordPress 1.5.7Risk Level:4.3Exploitability:UnprovenConsequences:Gain...
WeÂ’re Open plugin for WordPress cross-site scripting | CVE-2023-25964
NAME__________WeÂ’re Open plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WeÂ’re Open! Plugin for WordPress 1.46Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WeÂ’re Open plugin for...
Microsoft Windows Server iSCSI Target WMI Provider code execution | CVE-2023-29367
NAME__________Microsoft Windows Server iSCSI Target WMI Provider code executionPlatforms Affected:Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows...
Protected Posts Logout Button plugin for WordPress cross-site scripting | CVE-2023-25978
NAME__________Protected Posts Logout Button plugin for WordPress cross-site scriptingPlatforms Affected:WordPress UTM Tracker Plugin for WordPress 1.3.1 WordPress Protected Posts Logout...
Chat Bee plugin for WordPress cross-site scripting | CVE-2023-26538
NAME__________Chat Bee plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Chat Bee Plugin for WordPress 1.1.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Chat Bee plugin for...
Apache Traffic Server information disclosure | CVE-2022-47184
NAME__________Apache Traffic Server information disclosurePlatforms Affected:Apache Traffic Server 8.0.0 Apache Traffic Server 9.0.0 Apache Traffic Server 8.1.4 Apache Traffic Server...
Discourse information disclosure | CVE-2023-31142
NAME__________Discourse information disclosurePlatforms Affected:Discourse Discourse stable 3.0.3 Discourse Discourse beta 3.1.0.beta4 Discourse Discourse tests-passed 3.1.0.beta4Risk Level:2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Discourse could allow...
Siemens POWER METER SICAM Q200 family cross-site request forgery | CVE-2023-30901
NAME__________Siemens POWER METER SICAM Q200 family cross-site request forgeryPlatforms Affected:Siemens POWER METER SICAM Q200 familyRisk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens POWER METER...
Schneider Electric IGSS Dashboard code execution | CVE-2023-3001
NAME__________Schneider Electric IGSS Dashboard code executionPlatforms Affected:Schneider Electric IGSS Dashboard 16.0.0.23130Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider Electric IGSS Dashboard could allow a...
HotelDruid cross-site scripting | CVE-2023-34537
NAME__________HotelDruid cross-site scriptingPlatforms Affected:HotelDruid HotelDruid 3.0.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________HotelDruid is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
