Gain Access

Inductive Automation Ignition code execution | CVE-2023-50220

January 6, 2024

NAME__________Inductive Automation Ignition code executionPlatforms Affected:Inductive Automation Ignition 8.1.34Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Inductive Automation Ignition could allow a remote authenticated attacker...

Apache Axis server-side request forgery | CVE-2023-51441

January 6, 2024

NAME__________Apache Axis server-side request forgeryPlatforms Affected:Apache Axis 1.3Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Axis is vulnerable to server-side request forgery, caused by...

Kofax Power PDF code execution | CVE-2023-51565

January 5, 2024

NAME__________Kofax Power PDF code executionPlatforms Affected:Kofax Power PDFRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Kofax Power PDF could allow a remote attacker to execute...

Kofax Power PDF buffer overflow | CVE-2023-51566

January 5, 2024

NAME__________Kofax Power PDF buffer overflowPlatforms Affected:Kofax Power PDFRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Kofax Power PDF is vulnerable to a stack-based buffer overflow,...

Kofax Power PDF code execution | CVE-2023-51563

January 5, 2024

Kofax Power PDF code execution | CVE-2023-51569

January 5, 2024

New User Approve Plugin for WordPress cross-site request forgery | CVE-2023-50902

January 4, 2024

NAME__________New User Approve Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress New User Approve Plugin for WordPress 2.5.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________New...

Webba Booking Plugin for WordPress cross-site request forgery | CVE-2023-51354

January 4, 2024

NAME__________Webba Booking Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Webba Booking Plugin for WordPress 4.5.33Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Webba Booking Plugin...

Block IPs for Gravity Forms Plugin for WordPress cross-site request forgery | CVE-2023-51358

January 4, 2024

NAME__________Block IPs for Gravity Forms Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Block IPs for Gravity Forms Plugin for WordPress...

Poly devices weak security | CVE-2023-4462

January 4, 2024

NAME__________Poly devices weak securityPlatforms Affected:Risk Level:3.7Exploitability:Consequences:Gain Access DESCRIPTION__________Poly devices could provide weaker than expected security, caused by insufficiently random values...

Poly devices weak security | CVE-2023-4466

January 4, 2024

NAME__________Poly devices weak securityPlatforms Affected:Risk Level:2.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Poly devices could provide weaker than expected security, caused by protection mechanism failure...

Poly devices command execution | CVE-2023-4464

January 4, 2024

NAME__________Poly devices command executionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Poly devices could allow a remote attacker to execute arbitrary commands on the...

Poly Trio 8800 backdoor | CVE-2023-4467

January 4, 2024

NAME__________Poly Trio 8800 backdoorPlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Poly Trio 8800 contains an undocumented backdoor account, caused by a flaw in...

RRJ Nueva Ecija Engineer Online Portal file upload | CVE-2024-0185

January 4, 2024

NAME__________RRJ Nueva Ecija Engineer Online Portal file uploadPlatforms Affected:Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________RRJ Nueva Ecija Engineer Online Portal could allow a...

Multiple MediaTek Chipsets code execution | CVE-2023-32874

January 4, 2024

NAME__________Multiple MediaTek Chipsets code executionPlatforms Affected:MediaTek ChipsetsRisk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Multiple MediaTek Chipsets could allow a remote attacker to execute arbitrary...

Qualcomm Snapdragon products code execution | CVE-2023-33117

January 4, 2024

NAME__________Qualcomm Snapdragon products code executionPlatforms Affected:Qualcomm SnapdragonRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Snapdragon products could allow a local authenticated attacker to execute...

Qualcomm Snapdragon products code execution | CVE-2023-33085

January 4, 2024

Qualcomm Snapdragon products code execution | CVE-2023-33120

January 4, 2024

Qualcomm Snapdragon products code execution | CVE-2023-33038

January 4, 2024

NAME__________Qualcomm Snapdragon products code executionPlatforms Affected:Qualcomm SnapdragonRisk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Snapdragon products could allow a local authenticated attacker to execute...

Gain Access

Inductive Automation Ignition code execution | CVE-2023-50220

Apache Axis server-side request forgery | CVE-2023-51441

Kofax Power PDF code execution | CVE-2023-51565

Kofax Power PDF buffer overflow | CVE-2023-51566

Kofax Power PDF code execution | CVE-2023-51563

Kofax Power PDF code execution | CVE-2023-51569

New User Approve Plugin for WordPress cross-site request forgery | CVE-2023-50902

Webba Booking Plugin for WordPress cross-site request forgery | CVE-2023-51354

Block IPs for Gravity Forms Plugin for WordPress cross-site request forgery | CVE-2023-51358

Poly devices weak security | CVE-2023-4462

Poly devices weak security | CVE-2023-4466

Poly devices command execution | CVE-2023-4464

Poly Trio 8800 backdoor | CVE-2023-4467

RRJ Nueva Ecija Engineer Online Portal file upload | CVE-2024-0185

Multiple MediaTek Chipsets code execution | CVE-2023-32874

Qualcomm Snapdragon products code execution | CVE-2023-33117

Qualcomm Snapdragon products code execution | CVE-2023-33085

Qualcomm Snapdragon products code execution | CVE-2023-33120

Qualcomm Snapdragon products code execution | CVE-2023-33038

Qualcomm Snapdragon products code execution | CVE-2023-33110

RRJ Nueva Ecija Engineer Online Portal weak security | CVE-2024-0188

HuiRan Host Reseller System weak security | CVE-2024-0186

Qualcomm Snapdragon products code execution | CVE-2023-33118

Winter CMS local file include | CVE-2023-52085

CVE Alert: CVE-2024-53865

CVE Alert: CVE-2024-36624

CVE Alert: CVE-2024-53979

CVE Alert: CVE-2024-47193

CVE Alert: CVE-2024-49360

You may have missed