Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
dts_electronics -- redline_router | Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 7.17. | 2023-04-14 | 10 | CVE-2023-1803 MISC |
dts_electronics -- redline_router | Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 7.17. | 2023-04-14 | 10 | CVE-2023-1833 MISC |
safe-eval_project -- safe-eval | All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content. | 2023-04-11 | 10 | CVE-2023-26121 MISC MISC MISC |
wordpress -- wordpress | A vulnerability was found in HD FLV PLayer Plugin up to 1.7. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. Upgrading to version 1.8 is able to address this issue. The name of the patch is 34d66b9f3231a0e2dc0e536a6fe615d736e863f7. It is recommended to upgrade the affected component. VDB-225350 is the identifier assigned to this vulnerability. | 2023-04-09 | 9.8 | CVE-2012-10011 MISC MISC MISC |
wordpress -- wordpress | A vulnerability, which was classified as critical, has been found in Dynamic Widgets Plugin up to 1.5.10. This issue affects some unknown processing of the file classes/dynwid_class.php. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.5.11 is able to address this issue. The name of the patch is d0a19c6efcdc86d7093b369bc9e29a0629e57795. It is recommended to upgrade the affected component. The identifier VDB-225353 was assigned to this vulnerability. | 2023-04-10 | 9.8 | CVE-2015-10100 MISC MISC MISC MISC |
apple -- iphone_os | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges | 2023-04-10 | 9.8 | CVE-2022-46709 MISC |
wordpress -- wordpress | The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module. | 2023-04-10 | 9.8 | CVE-2023-1478 MISC |
tcpdump -- tcpdump | The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. | 2023-04-07 | 9.8 | CVE-2023-1801 MISC MISC |
eskom_computer -- water_metering_software | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eskom Computer Water Metering Software allows Command Line Execution through SQL Injection.This issue affects Water Metering Software: before 23.04.06. | 2023-04-14 | 9.8 | CVE-2023-1863 MISC |
sourcecodester -- simple_and_beautiful_shopping_cart_system | A vulnerability, which was classified as critical, has been found in SourceCodester Simple and Beautiful Shopping Cart System 1.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225317 was assigned to this vulnerability. | 2023-04-07 | 9.8 | CVE-2023-1941 MISC MISC MISC |
sourcecodester -- online_computer_and_laptop_store | A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/?page=user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225319. | 2023-04-07 | 9.8 | CVE-2023-1942 MISC MISC MISC |
sourcecodester -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this issue is the function delete_brand of the file /admin/maintenance/brand.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225338 is the identifier assigned to this vulnerability. | 2023-04-08 | 9.8 | CVE-2023-1951 MISC MISC MISC |
sourcecodester -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as critical. This affects an unknown part of the file /?p=products of the component Product Search. The manipulation of the argument search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225339. | 2023-04-08 | 9.8 | CVE-2023-1952 MISC MISC MISC |
sourcecodester -- online_computer_and_laptop_store | A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is an unknown function of the file login.php of the component User Registration. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225342 is the identifier assigned to this vulnerability. | 2023-04-08 | 9.8 | CVE-2023-1955 MISC MISC MISC |
sourcecodester -- online_computer_and_laptop_store | A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=delete_sub_category. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225345 was assigned to this vulnerability. | 2023-04-08 | 9.8 | CVE-2023-1958 MISC MISC MISC |
sourcecodester -- -- online_eyewear_shop | A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file /admin/inventory/manage_stock.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225406 is the identifier assigned to this vulnerability. | 2023-04-10 | 9.8 | CVE-2023-1969 MISC MISC MISC |
microsoft -- multiple_products | Microsoft Message Queuing Remote Code Execution Vulnerability | 2023-04-11 | 9.8 | CVE-2023-21554 MISC |
dlink -- dir-882_a1_firmware | D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-24797 MISC MISC |
dlink -- dir-878_firmware | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-24798 MISC MISC |
dlink -- dir-878_firmware | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-24799 MISC MISC |
dlink -- dir-878_firmware | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-24800 MISC MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25210 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25211 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25212 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25213 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25214 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25215 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25216 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25217 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25218 MISC MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25219 MISC |
tenda -- ac5_firmware | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-25220 MISC MISC |
totolink -- a7100ru_firmware | TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. | 2023-04-07 | 9.8 | CVE-2023-26848 MISC |
totolink -- a7100ru_firmware | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. | 2023-04-07 | 9.8 | CVE-2023-26978 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27012 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27013 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27014 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27015 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27016 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45DC58 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27017 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27018 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_458FBC function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27019 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27020 MISC |
tenda -- ac10_firmware | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-07 | 9.8 | CVE-2023-27021 MISC |
cdesigner_project -- cdesigner | Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to contain a code injection vulnerability via the component CdesignerSaverotateModuleFrontController::initContent(). | 2023-04-07 | 9.8 | CVE-2023-27033 MISC MISC |
tenda -- g103_firmware | Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter. | 2023-04-10 | 9.8 | CVE-2023-27076 MISC |
gdidees -- gdidees_cms | An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. | 2023-04-10 | 9.8 | CVE-2023-27178 MISC MISC MISC MISC |
apache -- linkis | In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions <=1.3.1, we suggest turning on the file path check switch in linkis.properties `wds.linkis.workspace.filesystem.owner.check=true` `wds.linkis.workspace.filesystem.path.check=true` | 2023-04-10 | 9.8 | CVE-2023-27602 MISC MISC |
apache -- linkis | In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2. | 2023-04-10 | 9.8 | CVE-2023-27603 MISC MISC |
apusapps -- launcher | An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter. | 2023-04-10 | 9.8 | CVE-2023-27650 MISC MISC MISC |
dlink -- dir-878_firmware | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-09 | 9.8 | CVE-2023-27720 MISC MISC |
microsoft -- windows_server_2008 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 2023-04-11 | 9.8 | CVE-2023-28250 MISC |
siemens -- multiple_products | A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device. | 2023-04-11 | 9.8 | CVE-2023-28489 MISC |
apache -- airflow_hive_provider | Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0. | 2023-04-07 | 9.8 | CVE-2023-28706 MISC MISC MISC |
sap -- businessobjects_business_intelligence | An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user, the attacker can perform operations that can completely compromise the application. | 2023-04-11 | 9.8 | CVE-2023-28765 MISC MISC |
apache -- linkis | In Apache Linkis <=1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.2. | 2023-04-10 | 9.8 | CVE-2023-29215 MISC MISC |
apache -- linkis | In Apache Linkis <=1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.2. | 2023-04-10 | 9.8 | CVE-2023-29216 MISC MISC |
progress -- sitefinity | An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector. | 2023-04-10 | 9.8 | CVE-2023-29375 MISC MISC |
bibliocraftmod -- bibliocraft | BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution. | 2023-04-07 | 9.8 | CVE-2023-29478 MISC |
simple_and_beautiful_shopping_cart_system_project -- simple_and_beautiful_shopping_cart_system | A vulnerability classified as critical was found in SourceCodester Simple and Beautiful Shopping Cart System 1.0. This vulnerability affects unknown code of the file delete_user_query.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225316. | 2023-04-07 | 9.1 | CVE-2023-1940 MISC MISC MISC |
apache -- linkis | In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values. We recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1] https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token | 2023-04-10 | 9.1 | CVE-2023-27987 MISC MISC |
bestwebsoft -- facebook_button | A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The name of the patch is 33144ae5a45ed07efe7fceca901d91365fdbf7cb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225355. | 2023-04-10 | 8.8 | CVE-2012-10012 MISC MISC MISC |
scada-lts -- scada-lts | An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile. | 2023-04-10 | 8.8 | CVE-2022-41976 MISC MISC MISC |
joomunited -- wp_meta_seo | The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code execution. | 2023-04-10 | 8.8 | CVE-2023-1381 MISC MISC |
crocoblock -- jetengine_for_elementor | The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability. | 2023-04-10 | 8.8 | CVE-2023-1406 MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/sales/index.php. The manipulation of the argument date_start/date_end leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225340. | 2023-04-08 | 8.8 | CVE-2023-1953 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function save_inventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225341 was assigned to this vulnerability. | 2023-04-08 | 8.8 | CVE-2023-1954 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_img of the component Image Handler. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225343. | 2023-04-08 | 8.8 | CVE-2023-1956 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_sub_category of the component Subcategory Handler. The manipulation of the argument sub_category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225344. | 2023-04-08 | 8.8 | CVE-2023-1957 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_category. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225346 is the identifier assigned to this vulnerability. | 2023-04-08 | 8.8 | CVE-2023-1959 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225347. | 2023-04-08 | 8.8 | CVE-2023-1960 MISC MISC MISC |
microsoft -- multiple_products | Remote Procedure Call Runtime Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-21727 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24884 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24886 MISC |
microsoft -- windows_server_2008 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24887 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24924 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24925 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24926 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24927 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24928 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-24929 MISC |
pgyer -- codefever | codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution (RCE) vulnerability via the component /controllers/api/user.php. | 2023-04-07 | 8.8 | CVE-2023-26817 MISC |
save_your_carts_and_buy_later_or_send_it_project -- save_your_carts_and_buy_later_or_send_it | SQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and before allow a remote attacker to gain privileges via the LgBudgetBudgetModuleFrontController::displayAjaxGenerateBudget component. | 2023-04-10 | 8.8 | CVE-2023-26860 MISC MISC |
apple -- safari | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | 2023-04-10 | 8.8 | CVE-2023-28205 MISC MISC MISC MISC FULLDISC FULLDISC FULLDISC FULLDISC |
microsoft -- windows_server_2008 | Windows Network Load Balancing Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-28240 MISC |
microsoft -- windows_server_2012 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-28243 MISC |
microsoft -- windows_server_2008 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 2023-04-11 | 8.8 | CVE-2023-28275 MISC |
microsoft -- multiple_products | Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability | 2023-04-11 | 8.8 | CVE-2023-28297 MISC |
sap -- landscape_management | An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and modification.The disclosed information is for Diagnostics Agent Connection via Java SCS Message Server of an SAP Solution Manager system and can only be accessed by authenticated SAP Landscape Management users, but they can escalate their privileges to the SAP Solution Manager system. | 2023-04-11 | 8.7 | CVE-2023-26458 MISC MISC |
apple -- ipados | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Big Sur 11.7.6, macOS Ventura 13.3.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. | 2023-04-10 | 8.6 | CVE-2023-28206 MISC MISC MISC MISC MISC FULLDISC FULLDISC FULLDISC FULLDISC FULLDISC |
microsoft -- raw_image_extension | Raw Image Extension Remote Code Execution Vulnerability | 2023-04-11 | 8.4 | CVE-2023-28291 MISC |
ibm -- sterling_order_management | IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users. IBM X-Force ID: 229320. | 2023-04-07 | 8.1 | CVE-2022-33959 MISC MISC |
sap -- diagnostics_agent | Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP Diagnostics Agent - version 720, allows an attacker with deep knowledge of the system to execute scripts on all connected Diagnostics Agents. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system. | 2023-04-11 | 8.1 | CVE-2023-27267 MISC MISC |
microsoft -- windows_server_2008 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 2023-04-11 | 8.1 | CVE-2023-28219 MISC |
microsoft -- windows_server_2008 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 2023-04-11 | 8.1 | CVE-2023-28220 MISC |
microsoft -- windows_server_2008 | Windows Kerberos Elevation of Privilege Vulnerability | 2023-04-11 | 8.1 | CVE-2023-28244 MISC |
microsoft -- windows_server | Netlogon RPC Elevation of Privilege Vulnerability | 2023-04-11 | 8.1 | CVE-2023-28268 MISC |
microsoft -- windows_server_2008 | DHCP Server Service Remote Code Execution Vulnerability | 2023-04-11 | 8 | CVE-2023-28231 MISC |
apple -- macos | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges | 2023-04-10 | 7.8 | CVE-2022-42858 MISC |
adobe -- digital_editions | Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-21582 MISC |
adobe -- incopy | InCopy versions 18.1 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-22235 MISC |
microsoft -- ole_db_driver | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-23375 MISC |
gnu -- screen | socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. | 2023-04-08 | 7.8 | CVE-2023-24626 CONFIRM MISC MISC |
microsoft -- visual_studio_code | Visual Studio Code Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-24893 MISC |
microsoft -- windows_server_2008 | Windows Graphics Component Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-24912 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26371 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26372 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26373 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26383 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26384 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26388 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26389 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26390 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26391 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26392 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26393 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26394 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26395 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26396 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26398 MISC |
adobe -- substance3d-stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26402 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26405 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26406 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26407 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26408 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26409 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26410 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26411 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26412 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26413 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26414 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26415 MISC |
adobe -- substance3d-designer | Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-13 | 7.8 | CVE-2023-26416 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26417 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26418 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26419 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26420 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Integer Underflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26421 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26422 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26423 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26424 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 7.8 | CVE-2023-26425 MISC |
pega -- synchronization_engine | A user with non-Admin access can change a configuration file on the client to modify the Server URL. | 2023-04-10 | 7.8 | CVE-2023-26466 MISC |
opendesign -- drawings_sdk | An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code. | 2023-04-10 | 7.8 | CVE-2023-26495 MISC |
chinamobileltd -- oa_mailbox_pc | An issue in China Mobile OA Mailbox PC v2.9.23 allows remote attackers to execute arbitrary commands on a victim host via user interaction with a crafted EML file sent to their OA mailbox. | 2023-04-10 | 7.8 | CVE-2023-26986 MISC MISC |
dell -- power_manager | Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system. | 2023-04-07 | 7.8 | CVE-2023-28051 MISC |
microsoft -- multiple_products | Windows NTLM Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28225 MISC |
microsoft -- multiple_products | Windows Kernel Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28236 MISC |
microsoft -- multiple_products | Windows Kernel Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28237 MISC |
microsoft -- multiple_ products | Windows Registry Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28246 MISC |
microsoft -- multiple_products | Windows Kernel Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28248 MISC |
microsoft -- multiple_products | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28252 MISC |
microsoft -- multiple_products | .NET DLL Hijacking Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28260 MISC |
microsoft -- visual_studio | Visual Studio Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28262 MISC |
microsoft -- windows_server_2008 | Windows Kernel Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28272 MISC |
microsoft -- multiple_products | Windows Win32k Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28274 MISC |
microsoft -- multiple_products | Microsoft Office Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28285 MISC |
microsoft -- raw_image_extendion | Raw Image Extension Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28292 MISC |
microsoft -- multiple_products | Windows Kernel Elevation of Privilege Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28293 MISC |
microsoft -- visual_studio | Visual Studio Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28296 MISC |
microsoft -- multiple_products | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28304 MISC |
microsoft -- multiple_products | Microsoft Word Remote Code Execution Vulnerability | 2023-04-11 | 7.8 | CVE-2023-28311 MISC |
siemens -- multiple_products | A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. | 2023-04-11 | 7.8 | CVE-2023-29053 MISC |
linux -- linux_kernel | An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. | 2023-04-10 | 7.8 | CVE-2023-30456 MISC MISC |
microsoft -- multiple_products
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | 2023-04-11 | 7.6 | CVE-2023-28309 MISC |
lua -- lua | In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. | 2023-04-10 | 7.5 | CVE-2021-45985 MISC MISC MISC |
ibm -- sterling_order_management | IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698. | 2023-04-07 | 7.5 | CVE-2022-34333 MISC MISC |
siemens -- multiple_products | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product. | 2023-04-11 | 7.5 | CVE-2022-43716 MISC |
siemens -- multiple_products | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. | 2023-04-11 | 7.5 | CVE-2022-43767 MISC |
siemens -- multiple_products | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product. | 2023-04-11 | 7.5 | CVE-2022-43768 MISC |
apple -- ipados | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings | 2023-04-10 | 7.5 | CVE-2022-46716 MISC MISC |
microsoft -- multiple_products | Microsoft Message Queuing Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-21769 MISC |
microsoft -- multiple_products | Microsoft Defender Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-24860 MISC |
microsoft -- multiple_products | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 2023-04-11 | 7.5 | CVE-2023-24885 MISC |
microsoft -- multiple_products | Windows Secure Channel Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-24931 MISC |
aten -- pe8108_firmware | Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Telnet and SNMP credentials. | 2023-04-11 | 7.5 | CVE-2023-25413 MISC |
siteproxy_project -- siteproxy | siteproxy v1.0 was discovered to contain a path traversal vulnerability via the component index.js. | 2023-04-07 | 7.5 | CVE-2023-26820 MISC |
gdidees -- gdidees_cms | GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php. | 2023-04-07 | 7.5 | CVE-2023-27180 MISC MISC MISC |
dualspace -- super_security | An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of service via the SharedPreference files. | 2023-04-11 | 7.5 | CVE-2023-27191 MISC MISC MISC |
microsoft -- windows_server_2008 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28217 MISC |
microsoft -- windows_server_2008 | Windows Bluetooth Driver Remote Code Execution Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28227 MISC |
microsoft -- windows_server_2008 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28232 MISC |
microsoft -- windows_server_2022 | Windows Secure Channel Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28233 MISC |
microsoft -- windows_server_2022 | Windows Secure Channel Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28234 MISC |
microsoft -- windows_server_2008 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28238 MISC |
microsoft -- windows_server_2008 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28241 MISC |
microsoft -- multiple_products | Windows Network File System Information Disclosure Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28247 MISC |
microsoft -- multiple_products | Azure Service Connector Security Feature Bypass Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28300 MISC |
microsoft -- multiple_products | Microsoft Message Queuing Denial of Service Vulnerability | 2023-04-11 | 7.5 | CVE-2023-28302 MISC |
apache -- airflow_drill_provider | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2. | 2023-04-07 | 7.5 | CVE-2023-28707 MISC MISC MISC |
apache -- airflow_spark_provider | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1. | 2023-04-07 | 7.5 | CVE-2023-28710 MISC MISC MISC |
siemens -- multiple_products | A vulnerability has been identified in SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.40), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions < V9.40), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.40), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.40), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.40), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.40), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.40), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.40), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions < V9.40), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service. An unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device. | 2023-04-11 | 7.5 | CVE-2023-28766 MISC |
wacom -- driver | Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. | 2023-04-11 | 7.3 | CVE-2022-38604 MISC MISC MISC |
microsoft -- sql_server | Microsoft SQL Server Remote Code Execution Vulnerability | 2023-04-11 | 7.3 | CVE-2023-23384 MISC |
siemens -- multiple_products | A vulnerability has been identified in TIA Portal V15 (All versions), TIA Portal V16 (All versions), TIA Portal V17 (All versions), TIA Portal V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution. | 2023-04-11 | 7.3 | CVE-2023-26293 MISC |
groundhogg -- groundhogg | The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg WordPress plugin before 2.7.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins | 2023-04-10 | 7.2 | CVE-2023-1425 MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. This issue affects the function save_brand of the file /classes/Master.php?f=save_brand. The manipulation of the argument name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225533 was assigned to this vulnerability. | 2023-04-11 | 7.2 | CVE-2023-1985 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function delete_order of the file /classes/master.php?f=delete_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225534 is the identifier assigned to this vulnerability. | 2023-04-11 | 7.2 | CVE-2023-1986 MISC MISC MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is the function update_order_status of the file /classes/Master.php?f=update_order_status. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225535. | 2023-04-11 | 7.2 | CVE-2023-1987 MISC MISC MISC |
aten -- pe8108_firmware | Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access to administrator credentials. | 2023-04-11 | 7.2 | CVE-2023-25407 MISC |
javadelight -- nashorn_sandbox | delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process. | 2023-04-10 | 7.2 | CVE-2023-26919 MISC |
microsoft -- mulitple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 7.2 | CVE-2023-28254 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 7.1 | CVE-2022-47338 MISC |
ibm -- tririga_application_platform | IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975. | 2023-04-07 | 7.1 | CVE-2023-27876 MISC MISC |
microsoft -- windows_server_2008 | Windows Kernel Elevation of Privilege Vulnerability | 2023-04-11 | 7.1 | CVE-2023-28222 MISC |
microsoft -- multiple_products | Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | 2023-04-11 | 7.1 | CVE-2023-28224 MISC |
microsoft -- windows_11_22h2 | Win32k Elevation of Privilege Vulnerability | 2023-04-11 | 7 | CVE-2023-24914 MISC |
microsoft -- windows_server_2008 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 2023-04-11 | 7 | CVE-2023-28216 MISC |
microsoft -- windows_server_2008 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 2023-04-11 | 7 | CVE-2023-28218 MISC |
microsoft -- multiple_products | Windows Error Reporting Service Elevation of Privilege Vulnerability | 2023-04-11 | 7 | CVE-2023-28221 MISC |
microsoft -- multiple_products | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 2023-04-11 | 7 | CVE-2023-28229 MISC |
microsoft -- multiple_products | Windows Clip Service Elevation of Privilege Vulnerability | 2023-04-11 | 7 | CVE-2023-28273 MISC |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
microsoft -- windows_server_2019 | Windows Lock Screen Security Feature Bypass Vulnerability | 2023-04-11 | 6.8 | CVE-2023-28235 MISC |
microsoft -- multiple_products | Windows Lock Screen Security Feature Bypass Vulnerability | 2023-04-11 | 6.8 | CVE-2023-28270 MISC |
siemens-- multiple_products | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device. | 2023-04-11 | 6.7 | CVE-2023-29054 MISC |
microsoft -- multiple_products | Windows Domain Name Service Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28223 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28255 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28256 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28278 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28305 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28306 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28307 MISC |
microsoft -- multiple_products | Windows DNS Server Remote Code Execution Vulnerability | 2023-04-11 | 6.6 | CVE-2023-28308 MISC |
ibm -- db2_mirror_for_i | The IBM Toolbox for Java (Db2 Mirror for i 7.4 and 7.5) could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memory over an indefinite amount of time. IBM has addressed this issue by reducing the amount of time the sensitive data is visible in memory. IBM X-Force ID: 241675. | 2023-04-07 | 6.5 | CVE-2022-43928 MISC MISC |
keetrax -- wp_tiles | The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts to be displayed are not draft/private, allowing any authenticated users, such as subscriber to retrieve the titles of draft and privates posts for example. AN attacker could also retrieve the title of any other type of post. | 2023-04-10 | 6.5 | CVE-2023-1426 MISC |
bp_monitoring_management_system_project -- bp_monitoring_management_system | A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225318 is the identifier assigned to this vulnerability. | 2023-04-07 | 6.5 | CVE-2023-1909 MISC MISC MISC |
microsoft -- multiple_products | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 2023-04-11 | 6.5 | CVE-2023-24883 MISC |
microsoft -- multiple_products | Remote Desktop Protocol Client Information Disclosure Vulnerability | 2023-04-11 | 6.5 | CVE-2023-28267 MISC |
microsoft -- multiple_products | Microsoft SharePoint Server Spoofing Vulnerability | 2023-04-11 | 6.5 | CVE-2023-28288 MISC |
microsoft -- azure_machine_learning_information | Azure Machine Learning Information Disclosure Vulnerability | 2023-04-11 | 6.5 | CVE-2023-28312 MISC |
zohocorp -- manageengine_applications_manager | Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack. | 2023-04-11 | 6.5 | CVE-2023-28340 MISC MISC |
sap -- netweaver_enterprise_portal | In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and integrity. | 2023-04-11 | 6.5 | CVE-2023-28761 MISC MISC |
sap -- netweaver_application_server_abap | SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction. | 2023-04-11 | 6.5 | CVE-2023-28763 MISC MISC |
sap -- customer_relationship_management | In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform. Depending on the function executed, the attack can can have limited impact on confidentiality and integrity of non-critical user or application data and application availability. | 2023-04-11 | 6.3 | CVE-2023-27897 MISC MISC |
siemens -- multiple_products | A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application. A local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit. | 2023-04-11 | 6.2 | CVE-2023-23588 MISC |
microsoft -- malware_protection_engine | Microsoft Defender Security Feature Bypass Vulnerability | 2023-04-14 | 6.2 | CVE-2023-24934 MISC |
microsoft -- multiple_products | Windows Boot Manager Security Feature Bypass Vulnerability | 2023-04-11 | 6.2 | CVE-2023-28249 MISC |
microsoft -- multiple_products | Windows Boot Manager Security Feature Bypass Vulnerability | 2023-04-11 | 6.2 | CVE-2023-28269 MISC |
sandbox_theme_project -- sandbox_theme | A vulnerability was found in Turante Sandbox Theme up to 1.5.2. It has been classified as problematic. This affects the function sandbox_body_class of the file functions.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.6.1 is able to address this issue. The name of the patch is 8045b1e10970342f558b2c5f360e0bd135af2b10. It is recommended to upgrade the affected component. The identifier VDB-225357 was assigned to this vulnerability. | 2023-04-10 | 6.1 | CVE-2009-10004 MISC MISC MISC MISC |
fancy_gallery_project -- fancy_gallery | A vulnerability was found in Fancy Gallery Plugin 1.5.12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file class.options.php of the component Options Page. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.5.13 is able to address this issue. The name of the patch is fdf1f9e5a1ec738900f962e69c6fa4ec6055ed8d. It is recommended to upgrade the affected component. The identifier VDB-225349 was assigned to this vulnerability. | 2023-04-10 | 6.1 | CVE-2014-125096 MISC MISC MISC |
bestwebsoft -- facebook_button | A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.34 is able to address this issue. The name of the patch is b766da8fa100779409a953f0e46c2a2448cbe99c. It is recommended to upgrade the affected component. VDB-225354 is the identifier assigned to this vulnerability. | 2023-04-10 | 6.1 | CVE-2014-125097 MISC MISC MISC |
dart -- http_server | A vulnerability was found in Dart http_server up to 0.9.5 and classified as problematic. Affected by this issue is the function VirtualDirectory of the file lib/src/virtual_directory.dart of the component Directory Listing Handler. The manipulation of the argument request.uri.path leads to cross site scripting. The attack may be launched remotely. Upgrading to version 0.9.6 is able to address this issue. The name of the patch is 27c1cbd8125bb0369e675eb72e48218496e48ffb. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225356. | 2023-04-10 | 6.1 | CVE-2014-125098 MISC MISC MISC MISC MISC |
pingidentity -- self-service_account_manager | A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.1.3 is able to address this issue. The name of the patch is f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251. It is recommended to upgrade the affected component. VDB-225362 is the identifier assigned to this vulnerability. | 2023-04-10 | 6.1 | CVE-2018-25084 MISC MISC MISC MISC |
servicenow -- servicenow | ServiceNow Tokyo allows XSS. | 2023-04-10 | 6.1 | CVE-2022-39048 MISC MISC |
stylishcostcalculator -- stylish_cost_calculator | The stylish-cost-calculator-premium WordPress plugin before 7.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Stored Cross-Site Scripting which could be used against admins when viewing submissions submitted through the Email Quote Form. | 2023-04-10 | 6.1 | CVE-2023-0983 MISC |
microsoft -- edge_chromium | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2023-04-11 | 6.1 | CVE-2023-24935 MISC |
kibokolabs -- arigato_autoresponder_and_newsletter | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions. | 2023-04-07 | 6.1 | CVE-2023-25020 MISC |
cththemes -- monolit | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Monolit theme <= 2.0.6 versions. | 2023-04-07 | 6.1 | CVE-2023-25041 MISC |
wpglobus -- wpglobus_translate_options | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGlobus WPGlobus Translate Options plugin <= 2.1.0 versions. | 2023-04-07 | 6.1 | CVE-2023-25711 MISC |
fullworksplugins -- quick_paypal_payments | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions. | 2023-04-07 | 6.1 | CVE-2023-25713 MISC |
sales_tracker_management_system_project -- sales_tracker_management_system | Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privileges via the product list function in the Master.php file. | 2023-04-10 | 6.1 | CVE-2023-26773 MISC MISC MISC MISC |
veritas -- netbackup_appliance_firmware | Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. | 2023-04-10 | 6.1 | CVE-2023-26788 MISC MISC |
microsoft -- multiple_products | Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability | 2023-04-11 | 6.1 | CVE-2023-28313 MISC |
microsoft -- multiple_products | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | 2023-04-11 | 6.1 | CVE-2023-28314 MISC |
zohocorp -- manageengine_applications_manager | Stored Cross site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious javascript on the incorrect login details page. | 2023-04-11 | 6.1 | CVE-2023-28341 MISC MISC |
cimatti -- wordpress_contact_forms | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions. | 2023-04-07 | 6.1 | CVE-2023-28781 MISC |
cimatti -- wordpress_contact_forms | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions. | 2023-04-07 | 6.1 | CVE-2023-28789 MISC |
i13websolution -- continuous_image_carosel_with_lightbox | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions. | 2023-04-07 | 6.1 | CVE-2023-28792 MISC |
magic-post-thumbnail -- magic_post_thumbnail | Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions. | 2023-04-07 | 6.1 | CVE-2023-29171 MISC |
wp-property-hive -- propertyhive | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.46 versions. | 2023-04-07 | 6.1 | CVE-2023-29172 MISC |
cththemes -- outdoor | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Outdoor theme <= 3.9.6 versions. | 2023-04-07 | 6.1 | CVE-2023-29236 MISC |
implecode -- product_catalog_simple | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in impleCode Product Catalog Simple plugin <= 1.6.17 versions. | 2023-04-07 | 6.1 | CVE-2023-29388 MISC |
wacom -- driver | Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. | 2023-04-11 | 5.9 | CVE-2022-43293 MISC MISC MISC |
allegro -- bigflow | Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation. | 2023-04-10 | 5.9 | CVE-2023-25392 MISC MISC |
canonical -- ubuntu_linux | It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack. | 2023-04-07 | 5.5 | CVE-2020-11935 UBUNTU UBUNTU |
apple -- ipados | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. An app may be able to read sensitive location information | 2023-04-10 | 5.5 | CVE-2022-46703 MISC MISC MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47335 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47336 MISC |
google -- android | In media service, there is a missing permission check. This could lead to local denial of service in media service. | 2023-04-11 | 5.5 | CVE-2022-47337 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47362 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47463 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47464 MISC |
google -- android | In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service. | 2023-04-11 | 5.5 | CVE-2022-47465 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47466 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47467 MISC |
google -- android | In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | 2023-04-11 | 5.5 | CVE-2022-47468 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26374 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26375 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26376 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26377 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26378 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26379 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26380 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26381 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26382 MISC |
adobe -- substance_3d_stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26385 MISC |
adobe -- substance_3d_stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26386 MISC |
adobe -- substance_3d_stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26387 MISC |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26397 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26400 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26401 MISC |
adobe -- substance_3d_stager | Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26403 MISC |
adobe -- dimension | Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-04-12 | 5.5 | CVE-2023-26404 MISC |
microsoft -- windows_server_2008 | Windows Spoofing Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28228 MISC |
microsoft -- windows_server_2008 | Windows Kernel Information Disclosure Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28253 MISC |
microsoft -- visual_studio | Visual Studio Information Disclosure Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28263 MISC |
microsoft -- windows_server_2008 | Windows Common Log File System Driver Information Disclosure Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28266 MISC |
microsoft -- windows_server_2008 | Windows Kernel Memory Information Disclosure Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28271 MISC |
microsoft -- multiple_products | Windows Kernel Denial of Service Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28298 MISC |
microsoft -- visual_studio | Visual Studio Spoofing Vulnerability | 2023-04-11 | 5.5 | CVE-2023-28299 MISC |
ibm -- tririga_application_platform | IBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 241036. | 2023-04-07 | 5.4 | CVE-2022-43914 MISC MISC |
keetrax -- wp_tiles | The WP Tiles WordPress plugin through 1.1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 2023-04-10 | 5.4 | CVE-2022-4827 MISC |
nlb-creations -- scheduled_announcements_widget | The Scheduled Announcements Widget WordPress plugin before 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-04-10 | 5.4 | CVE-2023-0363 MISC |
fluentforms -- contact_form | The Contact Form Plugin WordPress plugin before 4.3.25 does not properly sanitize and escape the srcdoc attribute in iframes in it's custom HTML field type, allowing a logged in user with roles as low as contributor to inject arbitrary javascript into a form which will trigger for any visitor to the form or admins previewing or editing the form. | 2023-04-10 | 5.4 | CVE-2023-0546 MISC |
prolizyazilim -- student_affairs_information_system | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This issue affects OBS: before 23.04.01. | 2023-04-07 | 5.4 | CVE-2023-1726 MISC |
fullworksplugins -- quick_contact_form | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Contact Form plugin <= 8.0.3.1 versions. | 2023-04-07 | 5.4 | CVE-2023-23885 MISC |
openwrt -- luci | LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm. | 2023-04-10 | 5.4 | CVE-2023-24181 MISC MISC MISC |
liveaction -- livesp | A cross-site scripting (XSS) vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary web scripts or HTML. | 2023-04-10 | 5.4 | CVE-2023-24721 MISC MISC |
kibokolabs -- arigato_autoresponder_and_newsletter | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions. | 2023-04-07 | 5.4 | CVE-2023-25061 MISC |
opencats -- opencats | A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates. | 2023-04-11 | 5.4 | CVE-2023-26846 MISC MISC |
opencats -- opencats | A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates. | 2023-04-11 | 5.4 | CVE-2023-26847 MISC MISC |
robogallery -- robo_gallery | Auth. (contributor+) Stored Cross-site Scripting (XSS) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.12 versions. | 2023-04-07 | 5.4 | CVE-2023-27620 MISC |
progress -- sitefinity | An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries. | 2023-04-10 | 5.4 | CVE-2023-29376 MISC MISC |
github -- enterprise_server | An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users' secret gists by authenticating through an SSH certificate authority. To do so, a user had to know the secret gist’s URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.9 and was fixed in versions 3.4.18, 3.5.15, 3.6.11, 3.7.8, and 3.8.1. This vulnerability was reported via the GitHub Bug Bounty program. | 2023-04-07 | 5.3 | CVE-2023-23761 MISC MISC MISC MISC MISC |
github -- enterprise_server | An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target branch before it’s created by the code maintainer. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.9 and was fixed in versions 3.4.18, 3.5.15, 3.6.11, 3.7.8, and 3.8.1. This vulnerability was reported via the GitHub Bug Bounty program. | 2023-04-07 | 5.3 | CVE-2023-23762 MISC MISC MISC MISC MISC |
sap -- netweaver_as_java_for_deploy_service | SAP NetWeaver AS Java for Deploy Service - version 7.5, does not perform any access control checks for functionalities that require user identity enabling an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a service which will enable them to access but not modify server settings and data with no effect on availability and integrity. | 2023-04-11 | 5.3 | CVE-2023-24527 MISC MISC |
aten -- pe8108_firmware | Aten PE8108 2.4.232 is vulnerable to denial of service (DOS). | 2023-04-11 | 5.3 | CVE-2023-25414 MISC |
aten -- pe8108_firmware | Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Event Notification configuration. | 2023-04-11 | 5.3 | CVE-2023-25415 MISC |
siemens -- mendix_forgot_password | A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information. | 2023-04-11 | 5.3 | CVE-2023-27464 MISC |
microsoft -- multiple_products | Windows Enroll Engine Security Feature Bypass Vulnerability | 2023-04-11 | 5.3 | CVE-2023-28226 MISC |
siemens -- polarion_alm | A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem. | 2023-04-11 | 5.3 | CVE-2023-28828 MISC |
updraftplus -- all-in-one_security | The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it's settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the server (to which the web server has access). The plugin only displays the last 50 lines of the file. | 2023-04-10 | 4.9 | CVE-2023-0156 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27801 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditvsList parameter at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27802 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27803 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27804 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27805 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27806 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27807 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27808 MISC |
h3c -- magic_r100_firmware | H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2023-04-07 | 4.9 | CVE-2023-27810 MISC |
microsoft -- multiple_products | Windows DNS Server Information Disclosure Vulnerability | 2023-04-11 | 4.9 | CVE-2023-28277 MISC |
updraftplus -- all-in-one_security | The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user (admin+) to plant bogus log files containing malicious JavaScript code that will be executed in the context of any administrator visiting this page. | 2023-04-10 | 4.8 | CVE-2023-0157 MISC |
article_directory_project -- article_directory | The Article Directory WordPress plugin through 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts. | 2023-04-10 | 4.8 | CVE-2023-0422 MISC |
wordpress_amazon_s3_project -- wordpress_amazon_s3 | The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 2023-04-10 | 4.8 | CVE-2023-0423 MISC |
auto_rename_media_on_upload_project -- auto_rename_media_on_upload | The Auto Rename Media On Upload WordPress plugin before 1.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-04-10 | 4.8 | CVE-2023-0605 MISC |
klaviyo -- klavio | The Klaviyo WordPress plugin before 3.0.10 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-04-10 | 4.8 | CVE-2023-0874 MISC |
dcac -- time_sheets | The Time Sheets WordPress plugin before 1.29.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-04-10 | 4.8 | CVE-2023-0893 MISC |
ibenic -- simple_giveaways | The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-04-10 | 4.8 | CVE-2023-1120 MISC |
ibenic -- simple_giveaways | The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-04-10 | 4.8 | CVE-2023-1121 MISC |
ibenic -- simple_giveaways | The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its Giveaways options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-04-10 | 4.8 | CVE-2023-1122 MISC |
online_computer_and_laptop_store_project -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=maintenance/brand. The manipulation of the argument Brand Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225536. | 2023-04-11 | 4.8 | CVE-2023-1988 MISC MISC MISC |
easy_panorama_project -- easy_panorama | Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Leonardo Giacone Easy Panorama plugin <= 1.1.4 versions. | 2023-04-07 | 4.8 | CVE-2023-23799 MISC |
auto_hide_admin_bar_project -- auto_hide_admin_bar | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin <= 1.6.1 versions. | 2023-04-07 | 4.8 | CVE-2023-23994 MISC |
snapcreek -- ezp_coming_soon_page | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Coming Soon Page plugin <= 1.0.7.3 versions. | 2023-04-07 | 4.8 | CVE-2023-24398 MISC |
wpbookingsystem -- wp_booking_system | Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18 versions. | 2023-04-07 | 4.8 | CVE-2023-24402 MISC |
kibokolabs -- watu_quiz | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.8 versions. | 2023-04-07 | 4.8 | CVE-2023-25022 MISC |
kibokolabs -- chained_quiz | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Chained Quiz plugin <= 1.3.2.5 versions. | 2023-04-07 | 4.8 | CVE-2023-25027 MISC |
kibokolabs -- arigato_autoresponder_and_newsletter | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions. | 2023-04-07 | 4.8 | CVE-2023-25031 MISC |
podlove -- podlove_podcast_publisher | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.2 versions. | 2023-04-07 | 4.8 | CVE-2023-25046 MISC |
implecode -- ecommerce_product_catalog | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.4 versions. | 2023-04-07 | 4.8 | CVE-2023-25049 MISC |
avalex -- avalex | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in avalex GmbH avalex – Automatically secure legal texts plugin <= 3.0.3 versions. | 2023-04-07 | 4.8 | CVE-2023-25059 MISC |
zeno_font_resizer_project -- zeno_font_resizer | Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marcel Pol Zeno Font Resizer plugin <= 1.7.9 versions. | 2023-04-07 | 4.8 | CVE-2023-25442 MISC |
streamweasels -- twitch_player | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StreamWeasels Twitch Player plugin <= 2.1.0 versions. | 2023-04-07 | 4.8 | CVE-2023-25464 MISC |
fullworksplugins -- quick_paypal_payments | Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions. | 2023-04-07 | 4.8 | CVE-2023-25702 MISC |
goprayer -- wp_prayer | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Go Prayer WP Prayer plugin <= 1.9.6 versions. | 2023-04-07 | 4.8 | CVE-2023-25705 MISC |
wp-buddy -- google_analytics_opt-out | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-Buddy Google Analytics Opt-Out plugin <= 2.3.4 versions. | 2023-04-07 | 4.8 | CVE-2023-25712 MISC |
announce_from_the_dashboard_project -- announce_from_the_dashboard | Auth (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gqevu6bsiz Announce from the Dashboard plugin <= 1.5.1 versions. | 2023-04-07 | 4.8 | CVE-2023-25716 MISC |
piwebsolution -- product_page_shipping_calculator_for_woocommerce | Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.20 versions. | 2023-04-07 | 4.8 | CVE-2023-29094 MISC |
piwebsolution -- product_enquiry_for_woocommerce | Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product Enquiry for WooCommerce, WooCommerce product catalog plugin <= 2.2.12 versions. | 2023-04-07 | 4.8 | CVE-2023-29170 MISC |
microsoft -- windows_server_2008 | Windows Group Policy Security Feature Bypass Vulnerability | 2023-04-11 | 4.4 | CVE-2023-28276 MISC |
sap -- hcm_fiori_app_my_forms | SAP HCM Fiori App My Forms (Fiori 2.0) - version 605, does not perform necessary authorization checks for an authenticated user exposing the restricted header data. | 2023-04-11 | 4.3 | CVE-2023-1903 MISC MISC |
my-blog_project -- my-blog | A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-225264. | 2023-04-07 | 4.3 | CVE-2023-1937 MISC MISC MISC |
microsoft -- multiple_products | Remote Procedure Call Runtime Information Disclosure Vulnerability | 2023-04-11 | 4.3 | CVE-2023-21729 MISC |
aten -- pe8108_firmware | Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF). | 2023-04-11 | 4.3 | CVE-2023-25411 MISC |
opencats -- opencats | A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors. | 2023-04-11 | 4.3 | CVE-2023-26845 MISC MISC |
microsoft -- edge_chromium | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 2023-04-11 | 4.3 | CVE-2023-28284 MISC |
silverwaregames -- silverwaregames | SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download links for games uploaded by other developers. This has been fixed in version 1.2.19. | 2023-04-10 | 4.3 | CVE-2023-29192 MISC |
microsoft -- edge_chromium | Microsoft Edge (Chromium-based) Tampering Vulnerability | 2023-04-11 | 4.2 | CVE-2023-28301 MISC |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apple -- iphone_os | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16. A person with physical access to a device may be able to use Siri to access private calendar information | 2023-04-10 | 2.4 | CVE-2022-32871 MISC |
apple -- ipados | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features | 2023-04-10 | 2.4 | CVE-2022-46717 MISC |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
bestwebsoft -- contact_form | A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrm_settings_page of the file contact_form.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 3.22 is able to address this issue. The name of the patch is 8398d96ff0fe45ec9267d7259961c2ef89ed8005. It is recommended to upgrade the affected component. The identifier VDB-225321 was assigned to this vulnerability. | 2023-04-09 | not yet calculated | CVE-2012-10010 MISC MISC MISC |
wordpress -- wordpress | A vulnerability was found in Editorial Calendar Plugin up to 2.6. It has been declared as critical. Affected by this vulnerability is the function edcal_filter_where of the file edcal.php. The manipulation of the argument edcal_startDate/edcal_endDate leads to sql injection. The attack can be launched remotely. Upgrading to version 2.7 is able to address this issue. The name of the patch is a9277f13781187daee760b4dfd052b1b68e101cc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-225151. | 2023-04-08 | not yet calculated | CVE-2013-10023 MISC MISC MISC MISC |
wordpress -- wordpress | A vulnerability has been found in Exit Strategy Plugin 1.55 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file exitpage.php. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 1.59 is able to address this issue. The name of the patch is d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. The identifier VDB-225265 was assigned to this vulnerability. | 2023-04-08 | not yet calculated | CVE-2013-10024 MISC MISC MISC |
wordpress -- wordpress | A vulnerability was found in Exit Strategy Plugin 1.55 and classified as problematic. Affected by this issue is the function exitpageadmin of the file exitpage.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.59 is able to address this issue. The name of the patch is d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. VDB-225266 is the identifier assigned to this vulnerability. | 2023-04-08 | not yet calculated | CVE-2013-10025 MISC MISC MISC |
bestwebsoft -- contact_form | A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 and classified as problematic. Affected by this issue is the function bws_add_menu_render of the file bws_menu/bws_menu.php. The manipulation of the argument bwsmn_form_email leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.3.7 is able to address this issue. The name of the patch is 4d531f74b4a801c805dc80360d4ea1312e9a278f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225320. | 2023-04-09 | not yet calculated | CVE-2014-125095 MISC MISC MISC |
wordpress -- wordpress | A vulnerability was found in Broken Link Checker Plugin up to 1.10.5. It has been rated as problematic. Affected by this issue is the function print_module_list/show_warnings_section_notice/status_text/ui_get_action_links. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.10.6 is able to address this issue. The name of the patch is f30638869e281461b87548e40b517738b4350e47. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225152. | 2023-04-08 | not yet calculated | CVE-2015-10098 MISC MISC MISC MISC |
wordpress -- wordpress | A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5. This affects the function dex_process_ready_to_go_appointment of the file dex_appointments.php. The manipulation of the argument itemnumber leads to sql injection. It is possible to initiate the attack remotely. The name of the patch is e29a9cdbcb0f37d887dd302a05b9e8bf213da01d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225351. | 2023-04-10 | not yet calculated | CVE-2015-10099 MISC MISC MISC |
wordpress -- wordpress | A vulnerability classified as problematic was found in Google Analytics Top Content Widget Plugin up to 1.5.6 on WordPress. Affected by this vulnerability is an unknown functionality of the file class-tgm-plugin-activation.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.5.7 is able to address this issue. The name of the patch is 25bb1dea113716200a6f0f3135801d84a7a65540. It is recommended to upgrade the affected component. The identifier VDB-226117 was assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2015-10101 MISC MISC MISC |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. The diff formatter using rouge can block for a long time in Sidekiq jobs without any timeout. | 2023-04-15 | not yet calculated | CVE-2018-15472 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference. | 2023-04-15 | not yet calculated | CVE-2018-17449 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via the Kubernetes integration, leading (for example) to disclosure of a GCP service token. | 2023-04-15 | not yet calculated | CVE-2018-17450 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands. | 2023-04-15 | not yet calculated | CVE-2018-17451 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost function in url_blocker.rb. | 2023-04-15 | not yet calculated | CVE-2018-17452 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers may have been able to obtain sensitive access-token data from Sentry logs via the GRPC::Unknown exception. | 2023-04-15 | not yet calculated | CVE-2018-17453 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is stored XSS on the issue details screen. | 2023-04-15 | not yet calculated | CVE-2018-17454 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an insecure direct object reference to the "merge request approvals" feature. | 2023-04-15 | not yet calculated | CVE-2018-17455 MISC CONFIRM |
gitlab -- community/enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is stored XSS on the merge request page via project import. | 2023-04-15 | not yet calculated | CVE-2018-17536 MISC CONFIRM |
lilypond -- lilypond | LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used. | 2023-04-15 | not yet calculated | CVE-2020-17354 MISC MISC MISC CONFIRM MISC MISC |
milken -- doyocms | File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter. | 2023-04-11 | not yet calculated | CVE-2020-19802 MISC |
milken -- doyocms | Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings. | 2023-04-11 | not yet calculated | CVE-2020-19803 MISC MISC |
sqlite3 -- sqlite3 | Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. | 2023-04-11 | not yet calculated | CVE-2020-24736 MISC |
score -- score | The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code. | 2023-04-15 | not yet calculated | CVE-2020-29007 MISC MISC MISC MISC MISC |
tailor_mangement_system -- tailor_mangement_system | SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file | 2023-04-10 | not yet calculated | CVE-2020-36077 MISC MISC |
cs-cart -- shipstation | The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database (via action=shipnotify) because access to this endpoint is completely unchecked. The attacker must guess an order number. | 2023-04-11 | not yet calculated | CVE-2020-9009 MISC MISC |
visualeditor -- visualeditor | An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It shouldn't because they are hidden.) This is related to ApiVisualEditor. | 2023-04-15 | not yet calculated | CVE-2021-30153 CONFIRM CONFIRM MISC |
mailman_core -- mailman_core | An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces. | 2023-04-15 | not yet calculated | CVE-2021-34337 MISC MISC MISC |
openbmc -- openbmc | In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface. | 2023-04-15 | not yet calculated | CVE-2021-39295 MISC MISC CONFIRM MISC MISC MISC |
lldpd -- lldpd | In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets. | 2023-04-15 | not yet calculated | CVE-2021-43612 MISC CONFIRM CONFIRM |
kvmtool -- kvmtool | kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c. This allows a guest OS user to execute arbitrary code on the host machine. | 2023-04-15 | not yet calculated | CVE-2021-45464 MISC MISC MISC MISC |
fluent -- treasure_data_fluent_bit | An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flb_pack_msgpack_to_json_format leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file and trick the victim opening it using the affect software, triggering use-after-free and execute arbitrary code on the target system. | 2023-04-11 | not yet calculated | CVE-2021-46878 MISC MISC |
fluent -- treasure_data_fluent_bit | An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flb_msgpack_gelf_value_ext. An attacker can craft a malicious file and tick the victim to open the file with the software, triggering a heap overflow and execute arbitrary code on the target system. | 2023-04-11 | not yet calculated | CVE-2021-46879 MISC MISC |
libressl/openbsd -- libressl/openbsd | x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded. | 2023-04-15 | not yet calculated | CVE-2021-46880 MISC MISC MISC |
insyde -- kernel | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Specially formatted buffer contents used for software SMI could cause SMRAM corruption, leading to escalation of privilege. | 2023-04-12 | not yet calculated | CVE-2022-24350 MISC MISC |
calibre-web -- calibre-web | Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20. | 2023-04-15 | not yet calculated | CVE-2022-2525 CONFIRM MISC |
qualcomm -- snapdragon | Memory correction in modem due to buffer overwrite during coap connection | 2023-04-13 | not yet calculated | CVE-2022-25678 MISC |
qualcomm -- snapdragon | Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet | 2023-04-13 | not yet calculated | CVE-2022-25726 MISC |
qualcomm -- snapdragon | Information disclosure in modem due to improper check of IP type while processing DNS server query | 2023-04-13 | not yet calculated | CVE-2022-25730 MISC |
qualcomm -- snapdragon | Information disclosure in modem due to buffer over-read while processing packets from DNS server | 2023-04-13 | not yet calculated | CVE-2022-25731 MISC |
qualcomm -- snapdragon | Information disclosure in modem due to missing NULL check while reading packets received from local network | 2023-04-13 | not yet calculated | CVE-2022-25737 MISC |
qualcomm -- snapdragon | Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call | 2023-04-13 | not yet calculated | CVE-2022-25739 MISC |
qualcomm -- snapdragon | Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface | 2023-04-13 | not yet calculated | CVE-2022-25740 MISC |
qualcomm -- snapdragon | Memory corruption in modem due to improper input validation while handling the incoming CoAP message | 2023-04-13 | not yet calculated | CVE-2022-25745 MISC |
qualcomm -- snapdragon | Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message | 2023-04-13 | not yet calculated | CVE-2022-25747 MISC |
fortinet -- fortisandbox | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-89] in Fortinet FortiSandbox version 4.2.0, 4.0.0 through 4.0.2, 3.2.0 through 3.2.3, 3.1.x and 3.0.x allows a remote and authenticated attacker with read permission to retrieve arbitrary files from the underlying Linux system via a crafted HTTP request. | 2023-04-11 | not yet calculated | CVE-2022-27485 MISC |
fortinet -- fortisandbox | A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS requests. | 2023-04-11 | not yet calculated | CVE-2022-27487 MISC |
qualcomm -- snapdragon | memory corruption in modem due to improper check while calculating size of serialized CoAP message | 2023-04-13 | not yet calculated | CVE-2022-33211 MISC |
qualcomm -- snapdragon | Information disclosure due to buffer over-read while parsing DNS response packets in Modem. | 2023-04-13 | not yet calculated | CVE-2022-33222 MISC |
qualcomm -- snapdragon | Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding. | 2023-04-13 | not yet calculated | CVE-2022-33223 MISC |
qualcomm -- snapdragon | Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header. | 2023-04-13 | not yet calculated | CVE-2022-33228 MISC |
qualcomm -- snapdragon | Memory corruption due to double free in core while initializing the encryption key. | 2023-04-13 | not yet calculated | CVE-2022-33231 MISC |
qualcomm -- snapdragon | Information disclosure due to buffer over-read in modem while reading configuration parameters. | 2023-04-13 | not yet calculated | CVE-2022-33258 MISC |
qualcomm -- snapdragon | Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received. | 2023-04-13 | not yet calculated | CVE-2022-33259 MISC |
qualcomm -- snapdragon | Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. | 2023-04-13 | not yet calculated | CVE-2022-33269 MISC |
qualcomm -- snapdragon | Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 2023-04-13 | not yet calculated | CVE-2022-33270 MISC |
qualcomm -- snapdragon | Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | 2023-04-13 | not yet calculated | CVE-2022-33282 MISC |
qualcomm -- snapdragon | Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet. | 2023-04-13 | not yet calculated | CVE-2022-33287 MISC |
qualcomm -- snapdragon | Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. | 2023-04-13 | not yet calculated | CVE-2022-33288 MISC |
qualcomm -- snapdragon | Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 2023-04-13 | not yet calculated | CVE-2022-33289 MISC |
qualcomm -- snapdragon | Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length. | 2023-04-13 | not yet calculated | CVE-2022-33291 MISC |
qualcomm -- snapdragon | Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message. | 2023-04-13 | not yet calculated | CVE-2022-33294 MISC |
qualcomm -- snapdragon | Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length. | 2023-04-13 | not yet calculated | CVE-2022-33295 MISC |
qualcomm -- snapdragon | Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | 2023-04-13 | not yet calculated | CVE-2022-33296 MISC |
qualcomm -- snapdragon | Information disclosure due to buffer overread in Linux sensors | 2023-04-13 | not yet calculated | CVE-2022-33297 MISC |
qualcomm -- snapdragon | Memory corruption due to use after free in Modem while modem initialization. | 2023-04-13 | not yet calculated | CVE-2022-33298 MISC |
qualcomm -- snapdragon | Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM. | 2023-04-13 | not yet calculated | CVE-2022-33301 MISC |
qualcomm -- snapdragon | Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 2023-04-13 | not yet calculated | CVE-2022-33302 MISC |
fortinet -- fortiauthenticator | An improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in FortiAuthenticator versions 6.4.0 through 6.4.4, 6.3.0 through 6.3.3, all versions of 6.2 and 6.1 may allow a remote unauthenticated attacker to trigger a reflected cross site scripting (XSS) attack via the "reset-password" page. | 2023-04-11 | not yet calculated | CVE-2022-35850 MISC |
hitachi_vantara -- pentaho_business_analytics_server | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.3.0.0, 9.2.0.4 and 8.3.0.27 allow a malicious URL to inject content into a dashboard when the CDE plugin is present. | 2023-04-11 | not yet calculated | CVE-2022-3695 MISC |
upstream_works -- agent_desktop_for_cisco_finesse | A stored Cross-Site Scripting (XSS) vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details. | 2023-04-10 | not yet calculated | CVE-2022-37462 MISC MISC |
forgerock_inc -- access_management | Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass.This issue affects Access Management: from 6.5.0 through 7.2.0. | 2023-04-14 | not yet calculated | CVE-2022-3748 MISC MISC MISC |
qualcomm -- snapdragon | Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. | 2023-04-13 | not yet calculated | CVE-2022-40503 MISC |
qualcomm -- snapdragon | Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | 2023-04-13 | not yet calculated | CVE-2022-40532 MISC |
fortinet -- fortiadc/fortiddos | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 5.x all versions, 6.0 all versions, 6.1 all versions, 6.2.0 through 6.2.4, 7.0.0 through 7.0.3, 7.1.0; FortiDDoS 4.x all versions, 5.0 all versions, 5.1 all versions, 5.2 all versions, 5.3 all versions, 5.4 all versions, 5.5 all versions, 5.6 all versions and FortiDDoS-F 6.4.0, 6.3.0 through 6.3.3, 6.2.0 through 6.2.2, 6.1.0 through 6.1.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | 2023-04-11 | not yet calculated | CVE-2022-40679 MISC |
fortinet -- forticlient_for_windows | A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe. | 2023-04-11 | not yet calculated | CVE-2022-40682 MISC |
fortinet -- fortios/fortiproxy | An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. | 2023-04-11 | not yet calculated | CVE-2022-41330 MISC |
fortinet -- fortipresence | A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests. | 2023-04-11 | not yet calculated | CVE-2022-41331 MISC |
fortinet -- fortigate | A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal. | 2023-04-11 | not yet calculated | CVE-2022-42469 MISC |
fortinet -- forticlient_for_windows | A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe. | 2023-04-11 | not yet calculated | CVE-2022-42470 MISC |
fortinet -- fortianalyzer | An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries. | 2023-04-11 | not yet calculated | CVE-2022-42477 MISC |
supermicro -- x11sl-cf_hw | Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. | 2023-04-07 | not yet calculated | CVE-2022-43309 MISC MISC MISC |
open-xchange -- ox_app_suite | OX App Suite before 7.10.6-rev20 allows XSS via upsell ads. | 2023-04-15 | not yet calculated | CVE-2022-43696 MISC MISC |
open-xchange -- ox_app_suite | OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob. | 2023-04-15 | not yet calculated | CVE-2022-43697 MISC MISC |
open-xchange -- ox_app_suite | OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list. | 2023-04-15 | not yet calculated | CVE-2022-43698 MISC MISC |
open-xchange -- ox_app_suite | OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an adversary who controls the DNS records of an external domain (found in the host part of an e-mail address). | 2023-04-15 | not yet calculated | CVE-2022-43699 MISC MISC |
hitachi_vantara -- pentaho_business_analytics_server | Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API. | 2023-04-11 | not yet calculated | CVE-2022-43770 MISC |
fortinet -- forticlient_for_windows | Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe. | 2023-04-11 | not yet calculated | CVE-2022-43946 MISC |
fortinet -- fortios/fortiproxy | An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions. | 2023-04-11 | not yet calculated | CVE-2022-43947 MISC |
fortinet -- fortiadc/fortiweb | A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 7.0.0 through 7.0.3, FortiADC version 7.1.0 through 7.1.1, FortiADC version 7.0.0 through 7.0.3, FortiADC 6.2 all versions, FortiADC 6.1 all versions, FortiADC 6.0 all versions, FortiADC 5.4 all versions, FortiADC 5.3 all versions, FortiADC 5.2 all versions, FortiADC 5.1 all versions allows attacker to execute unauthorized code or commands via specifically crafted arguments to existing commands. | 2023-04-11 | not yet calculated | CVE-2022-43948 MISC |
fortinet -- fortinac | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below may allow an unauthenticated attacker to access sensitive information via crafted HTTP requests. | 2023-04-11 | not yet calculated | CVE-2022-43951 MISC |
fortinet -- fortiadc | An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests. | 2023-04-11 | not yet calculated | CVE-2022-43952 MISC |
fortinet -- fortiweb | An improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross site scripting attack (XSS) via injecting malicious payload in log entries used to build report. | 2023-04-11 | not yet calculated | CVE-2022-43955 MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting') vulnerability in Zephilou Cyklodev WP Notify plugin <= 1.2.1 versions. | 2023-04-13 | not yet calculated | CVE-2022-44625 MISC |
rconfig -- rconfig | A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with secure-file-priv). | 2023-04-15 | not yet calculated | CVE-2022-45030 MISC MISC |
oracle -- apache_sling_engine | The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the Apache Sling level. The vulnerability is exploitable by an attacker that is able to include a resource with specific content-type and control the include path (i.e. writing content). The impact of a successful attack is privilege escalation to administrative power. Please update to Apache Sling Engine >= 2.14.0 and enable the "Check Content-Type overrides" configuration option. | 2023-04-13 | not yet calculated | CVE-2022-45064 MISC |
livebox -- collaboration_vdesk | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account, is able to decipher a file without knowing the key set by the user. | 2023-04-14 | not yet calculated | CVE-2022-45170 MISC |
livebox -- collaboration_vdesk | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challenge endpoint. Because only the client-side verifies whether a check was successful, an attacker can modify the response, and fool the application into concluding that the TOTP was correct. | 2023-04-14 | not yet calculated | CVE-2022-45173 MISC |
livebox -- collaboration_vdesk | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backup_code endpoint and the /api/v1/vdeskintegration/challenge endpoint. The correctness of the TOTP is not checked properly, and can be bypassed by passing any string as the backup code. | 2023-04-14 | not yet calculated | CVE-2022-45174 MISC |
livebox -- collaboration_vdesk | An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE]/c/{N]/{C]/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a target file. | 2023-04-14 | not yet calculated | CVE-2022-45175 MISC |
livebox -- collaboration_vdesk | An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdeskintegration/saml/user/createorupdate endpoint, the /settings/guest-settings endpoint, the /settings/samlusers-settings endpoint, and the /settings/users-settings endpoint. A malicious user (already logged in as a SAML User) is able to achieve privilege escalation from a low-privilege user (FGM user) to an administrative user (GGU user), including the administrator, or create new users even without an admin role. | 2023-04-14 | not yet calculated | CVE-2022-45178 MISC |
livebox -- collaboration_vdesk | An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdesk_{DOMAIN]/export endpoint. A malicious user, authenticated to the product without any specific privilege, can use the API for exporting information about all users of the system (an operation intended to only be available to the system administrator). | 2023-04-14 | not yet calculated | CVE-2022-45180 MISC |
wordpress -- wordpress | Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Silkalns Activello theme <= 1.4.4 versions. | 2023-04-13 | not yet calculated | CVE-2022-45358 MISC |
arm -- mali_kernel | An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0. | 2023-04-11 | not yet calculated | CVE-2022-46396 MISC |
servicenow -- servicenow | There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain. | 2023-04-14 | not yet calculated | CVE-2022-46886 MISC |
timmystudios -- fast_typing_keyboard | Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files in its internal storage via a dictionary traversal vulnerability and achieve arbitrary code execution. | 2023-04-14 | not yet calculated | CVE-2022-47027 MISC MISC MISC |
dnn_corp -- dotnetnuke | An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file. | 2023-04-12 | not yet calculated | CVE-2022-47053 MISC MISC |
oracle -- apache_ofbiz | Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a pre-authentication attack. This issue affects Apache OFBiz: before 18.12.07. | 2023-04-14 | not yet calculated | CVE-2022-47501 MISC MISC MISC |
ieee_802.11 -- ieee_802.11 | The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key. | 2023-04-15 | not yet calculated | CVE-2022-47522 MISC MISC MISC |
wordpress -- wordpress | Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions. | 2023-04-12 | not yet calculated | CVE-2022-47605 MISC |
x2crm_open_source_sales_crm -- x2crm_open_source_sales_crm | X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the adin/importModels Import Records Model field (model parameter). This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's browser. | 2023-04-15 | not yet calculated | CVE-2022-48177 MISC MISC |
x2crm_open_source_sales_crm -- x2crm_open_source_sales_crm | X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Create Action function, aka an index.php/actions/update URI. | 2023-04-15 | not yet calculated | CVE-2022-48178 MISC MISC |
libressl/openbsd -- libressl/openbsd | An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate. | 2023-04-12 | not yet calculated | CVE-2022-48437 MISC MISC MISC |
protobuf-c -- protobuf-c | protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. | 2023-04-13 | not yet calculated | CVE-2022-48468 MISC MISC MISC MISC |
palo_alto_networks -- pan-os | A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software. | 2023-04-12 | not yet calculated | CVE-2023-0004 MISC |
palo_alto_networks -- pan-os | A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys. | 2023-04-12 | not yet calculated | CVE-2023-0005 MISC |
palo_alto_networks -- globalprotect | A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition. | 2023-04-12 | not yet calculated | CVE-2023-0006 MISC |
libjxl -- libjxl | An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 | 2023-04-11 | not yet calculated | CVE-2023-0645 MISC MISC |
mitsubishi_electric_india -- gc-enet-com | Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in Ethernet communication by sending a large number of specially crafted packets to any UDP port when GC-ENET-COM is configured as a Modbus TCP Server. The communication resumes only when the power of the main unit is turned off and on or when the GC-ENET-COM is hot-swapped from the main unit. | 2023-04-14 | not yet calculated | CVE-2023-1285 MISC MISC |
canonical_ltd -- apport_for_linux | A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit. | 2023-04-13 | not yet calculated | CVE-2023-1326 MISC |
ge_gas_power -- toolboxst | ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configuration file. Two CVSS scores have been provided to capture the differences between the two aforementioned attack vectors. Customers are advised to update to ToolboxST 7.10 which can be found in ControlST 7.10. If unable to update at this time customers should ensure they are following the guidance laid out in GE Gas Power's Secure Deployment Guide (GEH-6839). Customers should ensure they are not running ToolboxST as an Administrative user. | 2023-04-11 | not yet calculated | CVE-2023-1552 MISC |
b&r_ industrial_automation -- b&r_vc4 | Improper Authentication vulnerability in B&R Industrial Automation B&R VC4 (VNC-Server modules). This vulnerability may allow an unauthenticated network-based attacker to bypass the authentication mechanism of the VC4 visualization on affected devices. The impact of this vulnerability depends on the functionality provided in the visualization. This issue affects B&R VC4: from 3.* through 3.96.7, from 4.0* through 4.06.7, from 4.1* through 4.16.3, from 4.2* through 4.26.8, from 4.3* through 4.34.6, from 4.4* through 4.45.1, from 4.5* through 4.45.3, from 4.7* through 4.72.9. | 2023-04-14 | not yet calculated | CVE-2023-1617 MISC |
openvswitch -- openvswitch | A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. | 2023-04-10 | not yet calculated | CVE-2023-1668 MISC MISC DEBIAN |
linux -- kernel | A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28. | 2023-04-12 | not yet calculated | CVE-2023-1829 MISC MISC |
linux -- kernel | A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8. | 2023-04-12 | not yet calculated | CVE-2023-1872 MISC MISC |
wordpress -- wordpress | The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wpda_role[]' parameter during a profile update. This requires the 'Enable role management' setting to be enabled for the site. | 2023-04-12 | not yet calculated | CVE-2023-1874 MISC MISC MISC MISC MISC |
imagemagick -- magickcore | A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | 2023-04-12 | not yet calculated | CVE-2023-1906 MISC MISC MISC MISC MISC |
tiffcrop -- libtiff | A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. | 2023-04-10 | not yet calculated | CVE-2023-1916 MISC MISC |
devolutions -- remote_desktop_manager | No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface. | 2023-04-11 | not yet calculated | CVE-2023-1939 MISC |
sourcecodester -- survey_application_system | A vulnerability was found in SourceCodester Survey Application System 1.0 and classified as problematic. This issue affects some unknown processing of the component Add New Handler. The manipulation of the argument Title with the input <script>prompt(document.domain)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225329 was assigned to this vulnerability. | 2023-04-07 | not yet calculated | CVE-2023-1946 MISC MISC |
tao_interactive-- taocms | A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225330 is the identifier assigned to this vulnerability. | 2023-04-07 | not yet calculated | CVE-2023-1947 MISC MISC MISC |
phpgurukul -- bp_monitoring_management_system | A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225335. | 2023-04-08 | not yet calculated | CVE-2023-1948 MISC MISC MISC |
phpgurukul -- bp_monitoring_management_system | A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225336. | 2023-04-08 | not yet calculated | CVE-2023-1949 MISC MISC MISC |
phpgurukul -- bp_monitoring_management_system | A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file password-recovery.php of the component Password Recovery. The manipulation of the argument emailid/contactno leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225337 was assigned to this vulnerability. | 2023-04-08 | not yet calculated | CVE-2023-1950 MISC MISC MISC |
sourcecodester -- online_computer_and_laptop_store | A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/?page=system_info. The manipulation of the argument System Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225348. | 2023-04-08 | not yet calculated | CVE-2023-1961 MISC MISC MISC |
sourcecodester -- best_online_news_portal | A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225361 was assigned to this vulnerability. | 2023-04-09 | not yet calculated | CVE-2023-1962 MISC MISC MISC |
phpgurukul -- bp_monitoring_management_system | A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225359. | 2023-04-09 | not yet calculated | CVE-2023-1963 MISC MISC MISC |
phpgurukul -- bp_monitoring_management_system | A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. Affected is an unknown function of the file recovery.php of the component Password Reset. The manipulation of the argument uname/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225360. | 2023-04-09 | not yet calculated | CVE-2023-1964 MISC MISC MISC |
answerdev -- answer | Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8. | 2023-04-11 | not yet calculated | CVE-2023-1974 MISC CONFIRM |
answerdev -- answer | Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8. | 2023-04-11 | not yet calculated | CVE-2023-1975 MISC CONFIRM |
answerdev -- answer | Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. | 2023-04-11 | not yet calculated | CVE-2023-1976 MISC CONFIRM |
devolutions -- remote_desktop_manager | Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries. | 2023-04-11 | not yet calculated | CVE-2023-1980 MISC |
sourcecodester -- sales_tracker_management_system | A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/products/manage_product.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225530 is the identifier assigned to this vulnerability. | 2023-04-11 | not yet calculated | CVE-2023-1983 MISC MISC MISC |
sourcecodester -- complaint_management_system | A vulnerability classified as critical was found in SourceCodester Complaint Management System 1.0. This vulnerability affects unknown code of the file /users/check_availability.php of the component POST Parameter Handler. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225532. | 2023-04-11 | not yet calculated | CVE-2023-1984 MISC MISC MISC |
linux -- kernel | A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. | 2023-04-11 | not yet calculated | CVE-2023-1989 MISC |
linux -- kernel | A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem. | 2023-04-12 | not yet calculated | CVE-2023-1990 MISC |
wireshark_foundation -- wireshark | RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file | 2023-04-12 | not yet calculated | CVE-2023-1992 MISC CONFIRM MISC |
wireshark_foundation -- wireshark | LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file | 2023-04-12 | not yet calculated | CVE-2023-1993 MISC CONFIRM MISC |
wireshark_foundation -- wireshark | GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file | 2023-04-12 | not yet calculated | CVE-2023-1994 CONFIRM MISC MISC |
freetype -- freetype | An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c. | 2023-04-14 | not yet calculated | CVE-2023-2004 MISC MISC MISC MISC FEDORA |
linux -- kernel | A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. | 2023-04-14 | not yet calculated | CVE-2023-2008 MISC MISC MISC |
cisco -- small_business_routers | A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not and will not release software updates that address this vulnerability. | 2023-04-13 | not yet calculated | CVE-2023-20118 MISC |
microweber -- microweber | Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3. | 2023-04-13 | not yet calculated | CVE-2023-2014 CONFIRM MISC |
nilsteampassnet -- teampass | Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. | 2023-04-13 | not yet calculated | CVE-2023-2021 MISC CONFIRM |
wordpress -- wordpress | The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. | 2023-04-15 | not yet calculated | CVE-2023-2027 MISC MISC |
google -- chrome | Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-04-14 | not yet calculated | CVE-2023-2033 MISC MISC MISC |
froxlor -- froxlor | Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14. | 2023-04-14 | not yet calculated | CVE-2023-2034 MISC CONFIRM |
campcodes -- video_sharing_website | A vulnerability has been found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file signup.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225913 was assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2035 MISC MISC MISC |
campcodes -- video_sharing_website | A vulnerability was found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file upload.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225914 is the identifier assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2036 MISC MISC MISC |
campcodes -- video_sharing_website | A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225915. | 2023-04-14 | not yet calculated | CVE-2023-2037 MISC MISC MISC |
campcodes -- video_sharing_website | A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin_class.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225916. | 2023-04-14 | not yet calculated | CVE-2023-2038 MISC MISC MISC |
novel-plus -- novel-plus | A vulnerability was found in novel-plus 3.6.2. It has been rated as critical. This issue affects some unknown processing of the file /author/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225917 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-04-14 | not yet calculated | CVE-2023-2039 MISC MISC MISC |
novel-plus -- novel-plus | A vulnerability classified as critical has been found in novel-plus 3.6.2. Affected is an unknown function of the file /news/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225918 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-04-14 | not yet calculated | CVE-2023-2040 MISC MISC MISC |
novel-plus -- novel-plus | A vulnerability classified as critical was found in novel-plus 3.6.2. Affected by this vulnerability is an unknown functionality of the file /category/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-04-14 | not yet calculated | CVE-2023-2041 MISC MISC MISC |
datagear -- datagear | A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225920. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-04-14 | not yet calculated | CVE-2023-2042 MISC MISC MISC |
control_id -- control_id | A vulnerability, which was classified as problematic, was found in Control iD 23.3.19.0. This affects an unknown part of the file /v2/customerdb/operator.svc/a of the component Edit Handler. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-225921 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-04-14 | not yet calculated | CVE-2023-2043 MISC MISC |
control_id – id_secure | A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unknown code of the component Dispositivos Page. The manipulation of the argument IP-DNS leads to cross site scripting. The attack can be initiated remotely. VDB-225922 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-04-14 | not yet calculated | CVE-2023-2044 MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability was found in Campcodes Advanced Online Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument voter leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225932. | 2023-04-14 | not yet calculated | CVE-2023-2047 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/voters_row.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225933 was assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2048 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ballot_up.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225934 is the identifier assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2049 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/positions_add.php. The manipulation of the argument description leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225935. | 2023-04-14 | not yet calculated | CVE-2023-2050 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability classified as critical has been found in Campcodes Advanced Online Voting System 1.0. Affected is an unknown function of the file /admin/positions_row.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225936. | 2023-04-14 | not yet calculated | CVE-2023-2051 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability classified as critical was found in Campcodes Advanced Online Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ballot_down.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225937 was assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2052 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability, which was classified as critical, has been found in Campcodes Advanced Online Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/candidates_row.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225938 is the identifier assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2053 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability, which was classified as critical, was found in Campcodes Advanced Online Voting System 1.0. This affects an unknown part of the file /admin/positions_delete.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225939. | 2023-04-14 | not yet calculated | CVE-2023-2054 MISC MISC MISC |
campcodes -- advanced_online_voting_system | A vulnerability has been found in Campcodes Advanced Online Voting System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/config_save.php. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225940. | 2023-04-14 | not yet calculated | CVE-2023-2055 MISC MISC MISC |
dedecms -- dedecms | A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects the function GetSystemFile of the file module_main.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225941 was assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2056 MISC MISC MISC |
eyoucms -- eyoucms | A vulnerability was found in EyouCms 1.5.4. It has been classified as problematic. Affected is an unknown function of the file login.php?m=admin&c=Arctype&a=edit of the component New Picture Handler. The manipulation of the argument litpic_loca leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225942 is the identifier assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2057 MISC MISC MISC |
eyoucms -- eyoucms | A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipulation of the argument web_ico leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225943. | 2023-04-14 | not yet calculated | CVE-2023-2058 MISC MISC MISC |
dedecms -- dedecms | A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225944. | 2023-04-14 | not yet calculated | CVE-2023-2059 MISC MISC MISC |
campcodes -- online_traffic_offense_management_system | A vulnerability was found in Campcodes Online Traffic Offense Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Login.php. The manipulation of the argument password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226051. | 2023-04-14 | not yet calculated | CVE-2023-2073 MISC MISC MISC |
campcodes -- online_traffic_offense_management_system | A vulnerability was found in Campcodes Online Traffic Offense Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226052. | 2023-04-14 | not yet calculated | CVE-2023-2074 MISC MISC MISC |
campcodes -- online_traffic_offense_management_system | A vulnerability classified as critical has been found in Campcodes Online Traffic Offense Management System 1.0. This affects an unknown part of the file /admin/offenses/view_details.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226053 was assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2075 MISC MISC MISC |
campcodes -- online_traffic_offense_management_system | A vulnerability classified as problematic was found in Campcodes Online Traffic Offense Management System 1.0. This vulnerability affects unknown code of the file /classes/Users.phpp. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-226054 is the identifier assigned to this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-2076 MISC MISC MISC |
campcodes -- online_traffic_offense_management_system | A vulnerability, which was classified as problematic, has been found in Campcodes Online Traffic Offense Management System 1.0. This issue affects some unknown processing of the file /admin/offenses/view_details.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226055. | 2023-04-14 | not yet calculated | CVE-2023-2077 MISC MISC MISC |
spring -- framework | In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. | 2023-04-13 | not yet calculated | CVE-2023-20863 MISC |
spring -- session | In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver. | 2023-04-13 | not yet calculated | CVE-2023-20866 MISC |
sourcecodester -- complaint_management_system | A vulnerability was found in SourceCodester Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/userprofile.php of the component GET Parameter Handler. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226097 was assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2089 MISC MISC MISC |
sourcecodester -- employee_and_visitor_gate_pass_logging_system | A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /admin/maintenance/view_designation.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226098 is the identifier assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2090 MISC MISC MISC |
kylinsoft -- youker-assistant | A vulnerability classified as critical was found in KylinSoft youker-assistant. Affected by this vulnerability is the function adjust_cpufreq_scaling_governer. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.4.13 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226099. | 2023-04-15 | not yet calculated | CVE-2023-2091 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability, which was classified as critical, has been found in SourceCodester Vehicle Service Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226100. | 2023-04-15 | not yet calculated | CVE-2023-2092 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability, which was classified as critical, was found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226101 was assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2093 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/manage_mechanic.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-226102 is the identifier assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2094 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability was found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226103. | 2023-04-15 | not yet calculated | CVE-2023-2095 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/service_requests/manage_inventory.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226104. | 2023-04-15 | not yet calculated | CVE-2023-2096 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226105 was assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2097 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /inc/topBarNav.php. The manipulation of the argument search leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-226106 is the identifier assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2098 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability classified as problematic has been found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226107. | 2023-04-15 | not yet calculated | CVE-2023-2099 MISC MISC MISC |
sourcecodester -- vehicle_service_management_system | A vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. This vulnerability affects unknown code of the file /admin/report/index.php. The manipulation of the argument date_end leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226108. | 2023-04-15 | not yet calculated | CVE-2023-2100 MISC MISC MISC |
mogu_blog -- mogu_blog | A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226109 was assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2101 MISC MISC MISC MISC |
easyappointments -- easyappointments | Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 2023-04-15 | not yet calculated | CVE-2023-2102 CONFIRM MISC |
easyappointments -- easyappointments | Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 2023-04-15 | not yet calculated | CVE-2023-2103 MISC CONFIRM |
easyappointments -- easyappointments | Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 2023-04-15 | not yet calculated | CVE-2023-2104 CONFIRM MISC |
easyappointments -- easyappointments | Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 2023-04-15 | not yet calculated | CVE-2023-2105 MISC CONFIRM |
calibre-web -- calibre-web | Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. | 2023-04-15 | not yet calculated | CVE-2023-2106 CONFIRM MISC |
ibos -- ibos | A vulnerability, which was classified as critical, was found in IBOS 4.5.5. Affected is an unknown function of the file file/personal/del&op=recycle. The manipulation of the argument fids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226110 is the identifier assigned to this vulnerability. | 2023-04-15 | not yet calculated | CVE-2023-2107 MISC MISC MISC |
qualcom -- snapdragon | Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal. | 2023-04-13 | not yet calculated | CVE-2023-21630 MISC |
elecom -- wab-mat | WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service. | 2023-04-11 | not yet calculated | CVE-2023-22282 MISC MISC |
wolt -- wolt_delivery | Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials (API key for an external service), which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary. | 2023-04-11 | not yet calculated | CVE-2023-22429 MISC MISC |
insyde -- insydeh2o | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM. | 2023-04-11 | not yet calculated | CVE-2023-22612 MISC MISC MISC |
insyde -- insydeh2o | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption. | 2023-04-11 | not yet calculated | CVE-2023-22613 MISC MISC MISC |
insyde -- insydeh2o | An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler. | 2023-04-11 | not yet calculated | CVE-2023-22614 MISC MISC MISC |
insyde -- insydeh2o | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM. | 2023-04-11 | not yet calculated | CVE-2023-22615 MISC MISC |
insyde -- insydeh2o | An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM. | 2023-04-12 | not yet calculated | CVE-2023-22616 MISC MISC MISC |
securepoint -- utm | An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface. | 2023-04-12 | not yet calculated | CVE-2023-22620 MISC MISC |
fortinet -- forticlientmac | A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade. | 2023-04-11 | not yet calculated | CVE-2023-22635 MISC |
fortinet -- fortios/fortiproxy | A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests. | 2023-04-11 | not yet calculated | CVE-2023-22641 MISC |
fortinet -- fortianalyzer/fortimanager | An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8 through 6.4.10 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and the remote FortiGuard server hosting outbreakalert ressources. | 2023-04-11 | not yet calculated | CVE-2023-22642 MISC |
open_design_alliance -- drawings_sdk | Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | 2023-04-15 | not yet calculated | CVE-2023-22669 MISC |
open_design_alliance -- drawings_sdk | A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | 2023-04-15 | not yet calculated | CVE-2023-22670 MISC |
arm -- mali_gpu_kernel | An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. | 2023-04-11 | not yet calculated | CVE-2023-22808 MISC |
securepoint -- utm | An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used. | 2023-04-12 | not yet calculated | CVE-2023-22897 MISC MISC |
tigergraph -- enterprise_free_edition | An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph cluster. | 2023-04-13 | not yet calculated | CVE-2023-22948 MISC MISC |
tigergraph -- enterprise_free_edition | An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL access requests are logged by TigerGraph in multiple places. Each request includes both the username and password of the user in an easily decodable base64 form. That could allow a TigerGraph administrator to effectively harvest usernames/passwords. | 2023-04-14 | not yet calculated | CVE-2023-22949 MISC MISC |
tigergraph -- enterprise_free_edition | An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations. | 2023-04-13 | not yet calculated | CVE-2023-22950 MISC MISC |
tigergraph -- enterprise_free_edition | An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. This token can be read from the configuration file. Using this token on the REST API provides an attacker with anonymous admin-level privileges on all REST API endpoints. | 2023-04-13 | not yet calculated | CVE-2023-22951 MISC MISC |
snippet_box -- snippet_box | Snippet-box 1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote attackers can render arbitrary web script or HTML from the "Snippet code" form field. | 2023-04-11 | not yet calculated | CVE-2023-23277 MISC MISC MISC |
seiko_espon -- multiple_products | Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor. | 2023-04-11 | not yet calculated | CVE-2023-23572 MISC MISC |
contec --conprosys_iot_gateway_products | Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131). | 2023-04-11 | not yet calculated | CVE-2023-23575 MISC MISC MISC MISC MISC |
terminalfour -- terminalfour | The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. The fixed versions are 8.2.18.7, 8.2.18.2.2, 8.3.11.1, and 8.3.14.1. | 2023-04-12 | not yet calculated | CVE-2023-23591 MISC MISC |
lucl -- lucl | LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js. | 2023-04-11 | not yet calculated | CVE-2023-24182 MISC MISC MISC MISC |
buffalo -- bs_gs_series | Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier | 2023-04-11 | not yet calculated | CVE-2023-24464 MISC MISC |
arista -- eos | On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability. | 2023-04-13 | not yet calculated | CVE-2023-24509 MISC |
arista -- eos | On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system. | 2023-04-12 | not yet calculated | CVE-2023-24511 MISC |
arista -- cloudeos | On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic. | 2023-04-12 | not yet calculated | CVE-2023-24513 MISC |
buffalo -- bs_gs_series | Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier | 2023-04-11 | not yet calculated | CVE-2023-24544 MISC MISC |
arista -- cloudeos | On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic. | 2023-04-12 | not yet calculated | CVE-2023-24545 MISC |
qt -- qt | Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3. | 2023-04-15 | not yet calculated | CVE-2023-24607 MISC MISC MISC MISC MISC MISC MISC |
aten -- pe8108 | Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have access to other users' outlets. | 2023-04-11 | not yet calculated | CVE-2023-25409 MISC |
mitel -- micollab | A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. A successful exploit could allow access to sensitive information. | 2023-04-14 | not yet calculated | CVE-2023-25597 CONFIRM |
jtekt_electronics_corporation -- screen_creator_advance_2 | Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project file, information may be disclosed and/or arbitrary code may be executed. | 2023-04-11 | not yet calculated | CVE-2023-25755 MISC MISC |
haproxy -- haproxy | HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition. | 2023-04-11 | not yet calculated | CVE-2023-25950 MISC MISC MISC |
kyocera -- mobile_print | KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. When a malicious app is installed on the victim user's Android device, the app may send an intent and direct the affected app to download malicious files or apps to the device without notification. | 2023-04-13 | not yet calculated | CVE-2023-25954 MISC MISC MISC MISC MISC |
ministry_of land_infrastructure_transport_and_tourism_japan -- national_land_numerical _information_data_conversion | National land numerical information data conversion tool all versions improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker. | 2023-04-11 | not yet calculated | CVE-2023-25955 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. | 2023-04-10 | not yet calculated | CVE-2023-26063 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write. | 2023-04-10 | not yet calculated | CVE-2023-26064 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 have an Integer Overflow. | 2023-04-10 | not yet calculated | CVE-2023-26065 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index. | 2023-04-10 | not yet calculated | CVE-2023-26066 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). | 2023-04-10 | not yet calculated | CVE-2023-26067 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4). | 2023-04-10 | not yet calculated | CVE-2023-26068 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4). | 2023-04-10 | not yet calculated | CVE-2023-26069 MISC MISC |
lexmark -- multiple_products | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4). | 2023-04-10 | not yet calculated | CVE-2023-26070 MISC MISC |
xxl-job-admin -- xxl-job-admin | This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update. | 2023-04-10 | not yet calculated | CVE-2023-26120 MISC |
safe-eval -- safe-eval | All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution ("RCE"). **Vulnerable functions:** __defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf(). | 2023-04-11 | not yet calculated | CVE-2023-26122 MISC MISC MISC MISC MISC MISC MISC MISC |
raylib_for_web_platform -- raylib_for_web_platform | Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting (XSS) such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscripten_run_script function. **Note:** This vulnerability is present only when compiling raylib for PLATFORM_WEB. All the other Desktop/Mobile/Embedded platforms are not affected. | 2023-04-14 | not yet calculated | CVE-2023-26123 MISC MISC MISC MISC |
oxid_esales -- eshop | OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial access of a customer's account by an attacker, due to an improper check of the user agent. | 2023-04-11 | not yet calculated | CVE-2023-26260 MISC |
talend -- data_catalog | All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server. | 2023-04-13 | not yet calculated | CVE-2023-26263 MISC MISC |
talend -- data_catalog | All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML External Entity (XXE) attacks in the license parsing code. | 2023-04-13 | not yet calculated | CVE-2023-26264 MISC MISC |
strongswan -- strongswan | strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrusted client certificate during EAP-TLS. A server is affected only if it loads plugins that implement TLS-based EAP methods (EAP-TLS, EAP-TTLS, EAP-PEAP, or EAP-TNC). This is fixed in 5.9.10. | 2023-04-15 | not yet calculated | CVE-2023-26463 MISC MISC |
pegasystems -- rpa_synchronization_engine | A man in the middle can redirect traffic to a malicious server in a compromised configuration. | 2023-04-10 | not yet calculated | CVE-2023-26467 MISC |
libntp/mstolfp.c -- libntp/mstolfp.c | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 2023-04-11 | not yet calculated | CVE-2023-26551 MISC MISC |
libntp/mstolfp.c -- libntp/mstolfp.c | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 2023-04-11 | not yet calculated | CVE-2023-26552 MISC MISC |
libntp/mstolfp.c -- libntp/mstolfp.c | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 2023-04-11 | not yet calculated | CVE-2023-26553 MISC MISC |
libntp/mstolfp.c -- libntp/mstolfp.c | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 2023-04-11 | not yet calculated | CVE-2023-26554 MISC MISC |
ntpd/refclock_palisade.c -- ntpd/refclock_palisade.c | praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. | 2023-04-11 | not yet calculated | CVE-2023-26555 MISC MISC |
oxygen -- xml_web_author | A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. (XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build 2023021715 are also fixed versions.) | 2023-04-14 | not yet calculated | CVE-2023-26559 MISC MISC |
buffalo -- bs_gsl_and _bs_gs_series | Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier | 2023-04-11 | not yet calculated | CVE-2023-26588 MISC MISC |
yokogawa_electric_corporation -- centun_series | CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM managed may be escalated. As a result, the control system may be operated with the escalated user privilege. To exploit this vulnerability, the following prerequisites must be met: (1)An attacker has obtained user credentials where the affected product is installed, (2)CENTUM Authentication Mode is used for user authentication when CENTUM VP is used. The affected products and versions are as follows: CENTUM CS 1000, CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class) R2.01.00 to R3.09.50, CENTUM VP (Including CENTUM VP Entry Class) R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, and R6.01.00 and later, B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R7.04.51 and R8.01.01 and later | 2023-04-11 | not yet calculated | CVE-2023-26593 MISC MISC |
revive -- adserver | The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. | 2023-04-14 | not yet calculated | CVE-2023-26756 MISC MISC |
sourcecodester -- sales_tracker_management_system | An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint. | 2023-04-10 | not yet calculated | CVE-2023-26774 MISC MISC MISC MISC |
textpattern -- textpattern | An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file. | 2023-04-12 | not yet calculated | CVE-2023-26852 MISC MISC MISC |
libyang -- libyang | libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c. | 2023-04-11 | not yet calculated | CVE-2023-26917 MISC |
diasoft -- file_replication_pro | Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access. | 2023-04-14 | not yet calculated | CVE-2023-26918 MISC MISC |
hyper_http2_rst_stream_frames -- hyper_http2_rst_stream_frames | An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS). | 2023-04-11 | not yet calculated | CVE-2023-26964 MISC |
atropim -- atropim | Atropim 1.5.26 is vulnerable to Directory Traversal. | 2023-04-14 | not yet calculated | CVE-2023-26969 MISC |
pax_technology --pax_a920_prodroid | PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. | 2023-04-14 | not yet calculated | CVE-2023-26980 MISC MISC MISC |
pretashop -- advancedpopupcreator | Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups(). | 2023-04-12 | not yet calculated | CVE-2023-27032 MISC MISC |
gdidees -- cms | GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. | 2023-04-11 | not yet calculated | CVE-2023-27179 MISC MISC MISC |
dualspace -- super_security | An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of service via the key_wifi_safe_net_check_url, KEY_Cirus_scan_whitelist and KEY_AD_NEW_USER_AVOID_TIME parameters. | 2023-04-11 | not yet calculated | CVE-2023-27192 MISC MISC MISC |
dualspace -- dualspace | An issue found in DUALSPACE v.1.1.3 allows a local attacker to gain privileges via the key_ad_new_user_avoid_time field. | 2023-04-14 | not yet calculated | CVE-2023-27193 MISC MISC MISC |
d-link -- dsl-3782 | An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page. | 2023-04-12 | not yet calculated | CVE-2023-27216 MISC MISC MISC |
contec --conprosys_iot_gateway_products | Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131). | 2023-04-11 | not yet calculated | CVE-2023-27389 MISC MISC MISC MISC MISC |
sap -- solution_manager_diagnostics_agent | Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system. | 2023-04-11 | not yet calculated | CVE-2023-27497 MISC MISC |
sap -- gui_for_html | SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker. | 2023-04-11 | not yet calculated | CVE-2023-27499 MISC MISC |
seiko_epson -- multiple_products | Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor. | 2023-04-11 | not yet calculated | CVE-2023-27520 MISC MISC |
commscope_arris -- dg3450 | An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files. | 2023-04-15 | not yet calculated | CVE-2023-27571 MISC MISC MISC |
commscope_arris -- dg3450 | An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parameter. | 2023-04-15 | not yet calculated | CVE-2023-27572 MISC MISC MISC |
poweramp -- audioplayer | An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library | 2023-04-14 | not yet calculated | CVE-2023-27643 MISC MISC MISC |
poweramp -- audioplayer | An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters. | 2023-04-11 | not yet calculated | CVE-2023-27645 MISC MISC MISC |
dualspace -- lock_master | An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: insert of the android.net.Uri.insert method. | 2023-04-14 | not yet calculated | CVE-2023-27647 MISC MISC MISC |
t-me studios -- change_color_of_keypad | Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage. | 2023-04-14 | not yet calculated | CVE-2023-27648 MISC MISC MISC |
trusted_tools -- free_music | SQL injection vulnerability found in Trusted Tools Free Music v.2.1.0.47, v.2.0.0.46, v.1.9.1.45, v.1.8.2.43 allows a remote attacker to cause a denial of service via the search history table | 2023-04-14 | not yet calculated | CVE-2023-27649 MISC MISC MISC |
ego_studio -- superclean | An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges via the update_info field of the _default_.xml file. | 2023-04-14 | not yet calculated | CVE-2023-27651 MISC MISC MISC |
who_app -- who_app | An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files. | 2023-04-14 | not yet calculated | CVE-2023-27653 MISC MISC MISC |
who_app -- who_app | An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a escalation of privileges via the TTMultiProvider component. | 2023-04-14 | not yet calculated | CVE-2023-27654 MISC MISC MISC |
sourcecodester -- auto_dealer_management_system | Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings. | 2023-04-14 | not yet calculated | CVE-2023-27666 MISC MISC MISC |
sourcecodester -- auto_dealer_management_system | Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability. | 2023-04-13 | not yet calculated | CVE-2023-27667 MISC MISC MISC |
pikpak_for_android -- pikpak_for_android | The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface. | 2023-04-12 | not yet calculated | CVE-2023-27703 MISC MISC |
void_tools -- void_tools | Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS). | 2023-04-12 | not yet calculated | CVE-2023-27704 MISC MISC MISC |
d-link -- dir878 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-09 | not yet calculated | CVE-2023-27718 MISC MISC |
d-link -- dir878 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | 2023-04-09 | not yet calculated | CVE-2023-27719 MISC MISC |
nginx -- njs | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h. | 2023-04-09 | not yet calculated | CVE-2023-27727 MISC |
nginx -- njs | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c. | 2023-04-09 | not yet calculated | CVE-2023-27728 MISC |
nginx -- njs | Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c. | 2023-04-09 | not yet calculated | CVE-2023-27729 MISC |
nginx -- njs | Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c. | 2023-04-09 | not yet calculated | CVE-2023-27730 MISC |
blackvue -- dr750-2ch | BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted. | 2023-04-13 | not yet calculated | CVE-2023-27746 MISC MISC MISC MISC |
blackvue -- dr750-2ch | BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This vulnerability allows attackers to access sensitive information such as configurations and recordings. | 2023-04-13 | not yet calculated | CVE-2023-27747 MISC MISC MISC MISC |
blackvue -- dr750-2ch | BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution. | 2023-04-13 | not yet calculated | CVE-2023-27748 MISC MISC MISC MISC |
libiec61850 -- libiec61850 | libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c. | 2023-04-13 | not yet calculated | CVE-2023-27772 MISC MISC |
liveaction -- livesp | A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary code via a crafted payload. | 2023-04-12 | not yet calculated | CVE-2023-27775 MISC MISC MISC |
alo -- am_presencia | AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user parameter in the login form. | 2023-04-13 | not yet calculated | CVE-2023-27779 MISC MISC MISC MISC |
bloofox -- bloofox | bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function. | 2023-04-13 | not yet calculated | CVE-2023-27812 MISC MISC MISC MISC |
seowonintech -- multiple_products | SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function. | 2023-04-12 | not yet calculated | CVE-2023-27826 MISC MISC MISC |
tightvnc -- tightvnc | TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account. | 2023-04-12 | not yet calculated | CVE-2023-27830 MISC MISC MISC |
autodesk -- autocad | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. | 2023-04-14 | not yet calculated | CVE-2023-27912 MISC |
autodesk -- autocad | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process. | 2023-04-14 | not yet calculated | CVE-2023-27913 MISC |
autodesk -- autocad | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. | 2023-04-14 | not yet calculated | CVE-2023-27914 MISC |
autodesk -- autocad | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | 2023-04-14 | not yet calculated | CVE-2023-27915 MISC |
contec --conprosys_iot_gateway_products | OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131). | 2023-04-11 | not yet calculated | CVE-2023-27917 MISC MISC MISC MISC MISC |
fortinet -- fortisoar | A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload. | 2023-04-11 | not yet calculated | CVE-2023-27995 MISC |
dell -- ppdm | Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions. | 2023-04-11 | not yet calculated | CVE-2023-28062 MISC |
hewlett_packard_enterprise -- oneview_global_dashboard | An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials | 2023-04-14 | not yet calculated | CVE-2023-28085 MISC |
hewlett_packard_enterprise -- oneview_virtual_appliance | HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | 2023-04-14 | not yet calculated | CVE-2023-28091 MISC |
pegasystems -- rpa:_synchronization_engine | A user with a compromised configuration can start an unsigned binary as a service. | 2023-04-10 | not yet calculated | CVE-2023-28093 MISC |
wordpress -- wordpress | An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated. | 2023-04-12 | not yet calculated | CVE-2023-28121 MISC |
tp-link_corporation_limited -- t2600g-28sq | TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained. | 2023-04-11 | not yet calculated | CVE-2023-28368 MISC MISC |
connman -- connman | client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process. | 2023-04-12 | not yet calculated | CVE-2023-28488 MISC MISC |
hikvision -- hybrid_san/cluster_storage_products | Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices. | 2023-04-11 | not yet calculated | CVE-2023-28808 MISC |
flask-appbuilder -- flask-appbuilder | Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. Version 4.3.0 includes the ability to enable rate limiting using `AUTH_RATE_LIMITED = True`, `RATELIMIT_ENABLED = True`, and setting an `AUTH_RATE_LIMIT`. | 2023-04-10 | not yet calculated | CVE-2023-29005 MISC MISC |
go -- go | Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2. | 2023-04-14 | not yet calculated | CVE-2023-29013 MISC MISC MISC MISC |
open-feature -- open-feature-operator | The OpenFeature Operator allows users to expose feature flags to applications. Assuming the pre-existence of a vulnerability that allows for arbitrary code execution, an attacker could leverage the lax permissions configured on `open-feature-operator-controller-manager` to escalate the privileges of any SA in the cluster. The increased privileges could be used to modify cluster state, leading to DoS, or read sensitive data, including secrets. Version 0.2.32 mitigates this issue by restricting the resources the `open-feature-operator-controller-manager` can modify. | 2023-04-14 | not yet calculated | CVE-2023-29018 MISC MISC |
autodesk -- autocad | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | 2023-04-14 | not yet calculated | CVE-2023-29067 MISC |
zoho -- manageengine_admanager_plus | Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings. | 2023-04-13 | not yet calculated | CVE-2023-29084 MISC MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line. | 2023-04-14 | not yet calculated | CVE-2023-29085 MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header. | 2023-04-14 | not yet calculated | CVE-2023-29086 MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header. | 2023-04-14 | not yet calculated | CVE-2023-29087 MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header. | 2023-04-14 | not yet calculated | CVE-2023-29088 MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages. | 2023-04-14 | not yet calculated | CVE-2023-29089 MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header. | 2023-04-14 | not yet calculated | CVE-2023-29090 MISC |
exynos -- multiple_products | An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI. | 2023-04-14 | not yet calculated | CVE-2023-29091 MISC |
sap -- abap_platform/sap_web_dispatcher | The IP filter in ABAP Platform and SAP Web Dispatcher - versions WEBDISP 7.85, 7.89, KERNEL 7.85, 7.89, 7.91, may be vulnerable by erroneous IP netmask handling. This may enable access to backend applications from unwanted sources. | 2023-04-11 | not yet calculated | CVE-2023-29108 MISC MISC |
sap -- application_interface_framework | The SAP Application Interface Framework (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints List. Once the victim opens the downloaded Excel document, the formula will be executed. As a result, an attacker can cause limited impact on the confidentiality and integrity of the application. | 2023-04-11 | not yet calculated | CVE-2023-29109 MISC MISC |
sap -- application_interface_framework | The SAP Application Interface (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE 100, 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows the usage HTML tags. An authorized attacker can use some of the basic HTML codes such as heading, basic formatting and lists, then an attacker can inject images from the foreign domains. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application. | 2023-04-11 | not yet calculated | CVE-2023-29110 MISC MISC |
sap -- application_interface_framework | The SAP AIF (ODATA service) - versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the application. | 2023-04-11 | not yet calculated | CVE-2023-29111 MISC MISC |
sap -- application_interface_framework | The SAP Application Interface (Message Monitoring) - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application. | 2023-04-11 | not yet calculated | CVE-2023-29112 MISC MISC |
irssi -- irssi | Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line. | 2023-04-14 | not yet calculated | CVE-2023-29132 MISC MISC |
sap -- netweaver_as_for_abap | SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters in certain circumstances which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction. | 2023-04-11 | not yet calculated | CVE-2023-29185 MISC MISC |
sap -- netweaver | In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable. | 2023-04-11 | not yet calculated | CVE-2023-29186 MISC MISC |
sap -- sapsetup | A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) - version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various preconditions beyond the attacker's control. | 2023-04-11 | not yet calculated | CVE-2023-29187 MISC MISC |
sap -- crm | SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to exposure of form fields | 2023-04-11 | not yet calculated | CVE-2023-29189 MISC MISC |
spicedb -- spicedb | SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The `spicedb serve` command contains a flag named `--grpc-preshared-key` which is used to protect the gRPC API from being accessed by unauthorized requests. The values of this flag are to be considered sensitive, secret data. The `/debug/pprof/cmdline` endpoint served by the metrics service (defaulting running on port `9090`) reveals the command-line flags provided for debugging purposes. If a password is set via the `--grpc-preshared-key` then the key is revealed by this endpoint along with any other flags provided to the SpiceDB binary. This issue has been fixed in version 1.19.1. ### Impact All deployments abiding by the recommended best practices for production usage are **NOT affected**: - Authzed's SpiceDB Serverless - Authzed's SpiceDB Dedicated - SpiceDB Operator Users configuring SpiceDB via environment variables are **NOT affected**. Users **MAY be affected** if they expose their metrics port to an untrusted network and are configuring `--grpc-preshared-key` via command-line flag. ### Patches TODO ### Workarounds To workaround this issue you can do one of the following: - Configure the preshared key via an environment variable (e.g. `SPICEDB_GRPC_PRESHARED_KEY=yoursecret spicedb serve`) - Reconfigure the `--metrics-addr` flag to bind to a trusted network (e.g. `--metrics-addr=localhost:9090`) - Disable the metrics service via the flag (e.g. `--metrics-enabled=false`) - Adopt one of the recommended deployment models: [Authzed's managed services](https://authzed.com/pricing) or the [SpiceDB Operator](https://github.com/authzed/spicedb-operator) ### References - [GitHub Security Advisory issued for SpiceDB](https://github.com/authzed/spicedb/security/advisories/GHSA-cjr9-mr35-7xh6) - [Go issue #22085](https://github.com/golang/go/issues/22085) for documenting the risks of exposing pprof to the internet - [Go issue #42834](https://github.com/golang/go/issues/42834) discusses preventing pprof registration to the default serve mux - [semgrep rule go.lang.security.audit.net.pprof.pprof-debug-exposure](https://semgrep.dev/r?q=go.lang.security.audit.net.pprof) checks for a variation of this issue ### Credit We'd like to thank Amit Laish, a security researcher at GE Vernova for responsibly disclosing this vulnerability. | 2023-04-14 | not yet calculated | CVE-2023-29193 MISC MISC MISC |
vitessio -- vitess | Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing `/` characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces using `vtctldclient GetKeyspaces` will also return an error. Note that all other keyspaces can still be administered using the CLI (vtctldclient). This issue is fixed in version 16.0.1. As a workaround, delete the offending keyspace using a CLI client (vtctldclient). | 2023-04-14 | not yet calculated | CVE-2023-29194 MISC MISC MISC |
vm2_project -- vm2 | There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass `handleException()` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.16` of `vm2`. | 2023-04-14 | not yet calculated | CVE-2023-29199 MISC MISC MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped `<script>` and `<style>`-tags but neither attributes that can be used to inject scripts nor other dangerous HTML tags like `<iframe>`. As a consequence, any code relying on this "restricted" mode for security is vulnerable to JavaScript injection ("cross-site scripting"/XSS). When a privileged user with programming rights visits such a comment in XWiki, the malicious JavaScript code is executed in the context of the user session. This allows server-side code execution with programming rights, impacting the confidentiality, integrity and availability of the XWiki instance. This problem has been patched in XWiki 14.6 RC1 with the introduction of a filter with allowed HTML elements and attributes that is enabled in restricted mode. There are no known workarounds apart from upgrading to a version including the fix. | 2023-04-15 | not yet calculated | CVE-2023-29201 MISC MISC MISC MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. The RSS macro that is bundled in XWiki included the content of the feed items without any cleaning in the HTML output when the parameter `content` was set to `true`. This allowed arbitrary HTML and in particular also JavaScript injection and thus cross-site scripting (XSS) by specifying an RSS feed with malicious content. With the interaction of a user with programming rights, this could be used to execute arbitrary actions in the wiki, including privilege escalation, remote code execution, information disclosure, modifying or deleting content and sabotaging the wiki. The issue has been patched in XWiki 14.6 RC1, the content of the feed is now properly cleaned before being displayed. As a workaround, if the RSS macro isn't used in the wiki, the macro can be uninstalled by deleting `WEB-INF/lib/xwiki-platform-rendering-macro-rss-XX.jar`, where `XX` is XWiki's version, in the web application's directory. | 2023-04-15 | not yet calculated | CVE-2023-29202 MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. It's possible to list some users who are normally not viewable from subwiki by requesting users on a subwiki which allows only global users with `uorgsuggest.vm`. This issue only concerns hidden users from main wiki. Note that the disclosed information are the username and the first and last name of users, no other information is leaked. The problem has been patched on XWiki 13.10.8, 14.4.3 and 14.7RC1. | 2023-04-15 | not yet calculated | CVE-2023-29203 MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existing security measures put in place to avoid open redirect by using a redirect such as `//mydomain.com` (i.e. omitting the `http:`). It was also possible to bypass it when using URL such as `http:/mydomain.com`. The problem has been patched on XWiki 13.10.10, 14.4.4 and 14.8RC1. | 2023-04-15 | not yet calculated | CVE-2023-29204 MISC MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be particularly dangerous since in a standard wiki, any user is able to use the html macro directly in their own user profile page. The problem has been patched in XWiki 14.8RC1. The patch involves the HTML macros and are systematically cleaned up whenever the user does not have the script correct. | 2023-04-15 | not yet calculated | CVE-2023-29205 MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a script allowing to perform some operations when executing by a user with appropriate rights. This has been patched in XWiki 14.9-rc-1 by only executing the script if the author of it has Script rights. | 2023-04-15 | not yet calculated | CVE-2023-29206 MISC MISC MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. The Livetable Macro wasn't properly sanitizing column names, thus allowing the insertion of raw HTML code including JavaScript. This vulnerability was also exploitable via the Documents Macro that is included since XWiki 3.5M1 and doesn't require script rights, this can be demonstrated with the syntax `{{documents id="example" count="5" actions="false" columns="doc.title, before<script>alert(1)</script>after"/}}`. Therefore, this can also be exploited by users without script right and in comments. With the interaction of a user with more rights, this could be used to execute arbitrary actions in the wiki, including privilege escalation, remote code execution, information disclosure, modifying or deleting content. This has been patched in XWiki 14.9, 14.4.6, and 13.10.10. | 2023-04-15 | not yet calculated | CVE-2023-29207 MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. Rights added to a document are not taken into account for viewing it once it's deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked. The problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it. | 2023-04-15 | not yet calculated | CVE-2023-29208 MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the macro parameters of the legacy notification activity macro. This macro is installed by default in XWiki. The vulnerability can be exploited via every wiki page that is editable including the user's profile, but also with just view rights using the HTMLConverter that is part of the CKEditor integration which is bundled with XWiki. The vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10. | 2023-04-15 | not yet calculated | CVE-2023-29209 MISC MISC MISC |
xwiki -- xwiki_platform | XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the notification preferences macros can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the user parameter of the macro that provide the notification filters. These macros are used in the user profiles and thus installed by default in XWiki. The vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10. | 2023-04-15 | not yet calculated | CVE-2023-29210 MISC MISC MISC |
shadow -- shadow | In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account. | 2023-04-14 | not yet calculated | CVE-2023-29383 MISC MISC MISC MISC |
ncurses -- ncurses | ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | 2023-04-14 | not yet calculated | CVE-2023-29491 MISC MISC MISC |
novi_survey -- novi_survey | Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data. | 2023-04-11 | not yet calculated | CVE-2023-29492 CONFIRM |
matrix_org -- matrix_js_sdk | matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possible because matrix-js-sdk's group call implementation accepts incoming direct calls from other users, even if they have not yet declared intent to participate in the group call, as a means of resolving a race condition in call setup. Affected versions do not restrict access to the user's outbound media in this case. Legacy 1:1 calls are unaffected. This is fixed in matrix-js-sdk 24.1.0. As a workaround, users may hold group calls in private rooms where only the exact users who are expected to participate in the call are present. | 2023-04-14 | not yet calculated | CVE-2023-29529 MISC MISC MISC |
cesanta_mjs -- cesanta_mjs | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | 2023-04-14 | not yet calculated | CVE-2023-29569 MISC MISC |
cesanta_mjs -- cesanta_mjs | Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS). | 2023-04-12 | not yet calculated | CVE-2023-29571 MISC MISC |
bento -- bento | Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. | 2023-04-13 | not yet calculated | CVE-2023-29573 MISC MISC |
bento -- bento | Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component. | 2023-04-12 | not yet calculated | CVE-2023-29574 MISC MISC |
bento -- bento | Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h. | 2023-04-11 | not yet calculated | CVE-2023-29576 MISC MISC |
yasm -- yasm | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c. | 2023-04-12 | not yet calculated | CVE-2023-29580 MISC MISC |
yasm -- yasm | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function delete_Token at /nasm/nasm-pp.c. | 2023-04-12 | not yet calculated | CVE-2023-29581 MISC MISC |
mp4v2 -- mp4v2 | mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp. | 2023-04-14 | not yet calculated | CVE-2023-29584 MISC MISC |
bloofox -- bloofox | bloofox v0.5.2 was discovered to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1. | 2023-04-13 | not yet calculated | CVE-2023-29597 MISC |
lmxcms -- lmxcms | lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter at index.php. | 2023-04-13 | not yet calculated | CVE-2023-29598 MISC |
purchase_order_management -- purchase_order_management | Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 2023-04-14 | not yet calculated | CVE-2023-29621 MISC MISC |
purchase_order_management -- purchase_order_management | Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php. | 2023-04-14 | not yet calculated | CVE-2023-29622 MISC MISC |
purchase_order_management -- purchase_order_management | Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php. | 2023-04-14 | not yet calculated | CVE-2023-29623 MISC MISC |
employee_performance_evaluation_system -- employee_performance_evaluation_system | Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 2023-04-14 | not yet calculated | CVE-2023-29625 MISC |
sourcecodester -- yoga_class_registration_system | Yoga Class Registration System 1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at /admin/login.php. | 2023-04-14 | not yet calculated | CVE-2023-29626 MISC |
sourcecodester -- online_pizza_ordering | Online Pizza Ordering v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 2023-04-14 | not yet calculated | CVE-2023-29627 MISC MISC |
totolink -- x18 | TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function. | 2023-04-14 | not yet calculated | CVE-2023-29798 MISC |
totolink -- x18 | TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function. | 2023-04-14 | not yet calculated | CVE-2023-29799 MISC |
totolink -- x18 | TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. | 2023-04-14 | not yet calculated | CVE-2023-29800 MISC |
totolink -- x18 | TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection vulnerabilities via the rtLogEnabled and rtLogServer parameters in the setSyslogCfg function. | 2023-04-14 | not yet calculated | CVE-2023-29801 MISC |
totolink -- x18 | TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function. | 2023-04-14 | not yet calculated | CVE-2023-29802 MISC |
totolink -- x18 | TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function. | 2023-04-14 | not yet calculated | CVE-2023-29803 MISC |
iodata -- wfs-sr03 | WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the sys_smb_pwdmod function. | 2023-04-14 | not yet calculated | CVE-2023-29804 MISC |
iodata -- wfs-sr03 | WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the pro_stor_canceltrans_handler_part_19 function. | 2023-04-14 | not yet calculated | CVE-2023-29805 MISC |
aerocms -- aerocms | AeroCMS v0.0.1 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and comment_content parameters at /post.php. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via a crafted payload. | 2023-04-14 | not yet calculated | CVE-2023-29847 MISC |
slims -- bulian | SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information. | 2023-04-14 | not yet calculated | CVE-2023-29850 MISC |
redpanda -- rpk | rpk in Redpanda before 23.1.2 mishandles the redpanda.rpc_server_tls field, leading to (for example) situations in which there is a data type mismatch that cannot be automatically fixed by rpk, and instead a user must reconfigure (while a cluster is turned off) in order to have TLS on broker RPC ports. NOTE: the fix was also backported to the 22.2 and 22.3 branches. | 2023-04-08 | not yet calculated | CVE-2023-30450 MISC MISC MISC MISC MISC |
smartptt -- scada | SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default). | 2023-04-14 | not yet calculated | CVE-2023-30459 MISC MISC |
apache -- inlong | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL injection attack, an attacker can extract the username of the user with ID 1 from the "user" table, one character at a time. Users are advised to upgrade to Apache InLong's 1.6.0 or cherry-pick [1] to solve it. https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html [1] https://github.com/apache/inlong/issues/7529 https://github.com/apache/inlong/issues/7529 | 2023-04-11 | not yet calculated | CVE-2023-30465 MISC MISC |
cubefs -- cubefs | CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret. | 2023-04-12 | not yet calculated | CVE-2023-30512 MISC |
jenkins -- kubernetes_plugin | Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 2023-04-12 | not yet calculated | CVE-2023-30513 MISC MISC |
jenkins -- azure_key_vault_plugin | Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 2023-04-12 | not yet calculated | CVE-2023-30514 MISC MISC |
jenkins -- thycotic_devops_secrets_vault_plugin | Jenkins Thycotic DevOps Secrets Vault Plugin 1.0.0 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 2023-04-12 | not yet calculated | CVE-2023-30515 MISC MISC |
jenkins -- image_tag_parameter_plugin | Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2.0 having SSL/TLS certificate validation disabled by default. | 2023-04-12 | not yet calculated | CVE-2023-30516 MISC MISC |
jenkins -- neuvector_vulnerability_scanner_plugin | Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server. | 2023-04-12 | not yet calculated | CVE-2023-30517 MISC MISC |
jenkins -- thycotic_secret_server_plugin | A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2023-04-12 | not yet calculated | CVE-2023-30518 MISC MISC |
jenkins -- quay.io_trigger_plugin | A missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository. | 2023-04-12 | not yet calculated | CVE-2023-30519 MISC MISC |
jenkins -- quay.io_trigger_plugin | Jenkins Quay.io trigger Plugin 0.1 and earlier does not limit URL schemes for repository homepage URLs submitted via Quay.io trigger webhooks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Quay.io trigger webhook payloads. | 2023-04-12 | not yet calculated | CVE-2023-30520 MISC MISC |
jenkins -- assembla_merge_request_builder_plugin | A missing permission check in Jenkins Assembla merge request builder Plugin 1.1.13 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository. | 2023-04-12 | not yet calculated | CVE-2023-30521 MISC MISC |
jenkins -- fogbugz_plugin | A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter. | 2023-04-12 | not yet calculated | CVE-2023-30522 MISC MISC |
jenkins -- report_portal_plugin | Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 2023-04-12 | not yet calculated | CVE-2023-30523 MISC MISC |
jenkins -- report_portal_plugin | Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them. | 2023-04-12 | not yet calculated | CVE-2023-30524 MISC MISC |
jenkins -- report_portal_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authentication. | 2023-04-12 | not yet calculated | CVE-2023-30525 MISC MISC |
jenkins -- report_portal_plugin | A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication. | 2023-04-12 | not yet calculated | CVE-2023-30526 MISC MISC |
jenkins -- wso2_oauth_plugin | Jenkins WSO2 Oauth Plugin 1.0 and earlier stores the WSO2 Oauth client secret unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 2023-04-12 | not yet calculated | CVE-2023-30527 MISC MISC |
jenkins -- wso2_oauth_plugin | Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potential for attackers to observe and capture it. | 2023-04-12 | not yet calculated | CVE-2023-30528 MISC MISC |
jenkins -- lucene_serach_plugin | Jenkins Lucene-Search Plugin 387.v938a_ecb_f7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database. | 2023-04-12 | not yet calculated | CVE-2023-30529 MISC MISC |
jenkins -- consul_kv_builder_plugin | Jenkins Consul KV Builder Plugin 2.0.13 and earlier stores the HashiCorp Consul ACL Token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 2023-04-12 | not yet calculated | CVE-2023-30530 MISC MISC |
jenkins -- consul_kv_builder_plugin | Jenkins Consul KV Builder Plugin 2.0.13 and earlier does not mask the HashiCorp Consul ACL Token on the global configuration form, increasing the potential for attackers to observe and capture it. | 2023-04-12 | not yet calculated | CVE-2023-30531 MISC MISC |
jenkins -- turboscript_plugin | A missing permission check in Jenkins TurboScript Plugin 1.3 and earlier allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository. | 2023-04-12 | not yet calculated | CVE-2023-30532 MISC MISC |
snowflake_jdbc -- snowflake_jdbc | Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. The vulnerability was patched on March 17, 2023 as part of Snowflake JDBC driver Version 3.13.29. All users should immediately upgrade the Snowflake JDBC driver to the latest version: 3.13.29. | 2023-04-14 | not yet calculated | CVE-2023-30535 MISC MISC |
dmidecode -- dmidecode | Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. | 2023-04-13 | not yet calculated | CVE-2023-30630 MISC MISC MISC MISC |
tikv -- tikv | TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error) upon an attempt to get a timestamp from the Placement Driver. | 2023-04-13 | not yet calculated | CVE-2023-30635 MISC |
tikv -- tikv | TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus UNAVAILABLE for "not leader") upon an attempt to start a node in a situation where the context deadline is exceeded | 2023-04-13 | not yet calculated | CVE-2023-30636 MISC |
baidu -- braft | Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected. | 2023-04-13 | not yet calculated | CVE-2023-30637 MISC |
atos -- unify_openscape_sbc | Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands. | 2023-04-14 | not yet calculated | CVE-2023-30638 MISC MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.