Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
PrimaryVendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
ideasoft --rental_module | Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15. | 2023-05-20 | 10 | CVE-2023-2712MISC |
wago -- multiple_products | In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. | 2023-05-15 | 9.8 | CVE-2023-1698MISC |
lost_and_found_information_system_project -- lost_and_found_information_system | A vulnerability was found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this issue is the function manager_category of the file admin/?page=categories/manage_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-228884. | 2023-05-12 | 9.8 | CVE-2023-2668MISCMISC |
lost_and_found_information_system_project -- lost_and_found_information_system | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-228885 was assigned to this vulnerability. | 2023-05-12 | 9.8 | CVE-2023-2669MISCMISC |
lost_and_found_information_system_project -- lost_and_found_information_system | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. VDB-228886 is the identifier assigned to this vulnerability. | 2023-05-12 | 9.8 | CVE-2023-2670MISCMISC |
lost_and_found_information_system_project -- lost_and_found_information_system | A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228888. | 2023-05-12 | 9.8 | CVE-2023-2672MISCMISC |
companymaps_project -- companymaps | SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request. | 2023-05-12 | 9.8 | CVE-2023-29809MISCMISC |
judging_management_system_project -- judging_management_system | SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the contestant_id parameter. | 2023-05-12 | 9.8 | CVE-2023-30246MISCMISC |
storage_unit_rental_management_system_project -- storage_unit_rental_management_system | File Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code via the update_settings parameter. | 2023-05-12 | 9.8 | CVE-2023-30247MISCMISC |
codesys -- multiple_products | An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47379MISC |
codesys -- multiple_products | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47380MISC |
codesys -- multiple_products | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47381MISC |
codesys -- multiple_products | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47382MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47383MISC |
codesys -- multiple_products | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47384MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47385MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47386MISC |
codesys -- multiple_products | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47387MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47388MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47389MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 2023-05-15 | 8.8 | CVE-2022-47390MISC |
google -- chrome | Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High) | 2023-05-12 | 8.8 | CVE-2023-2457MISCMISC |
google -- chrome | Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High) | 2023-05-12 | 8.8 | CVE-2023-2458MISCMISC |
ideasoft -- rental_module | Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15. | 2023-05-20 | 8.8 | CVE-2023-2713MISC |
codesys -- development_system_v3 | Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application. | 2023-05-15 | 7.7 | CVE-2022-4048MISC |
codesys -- multiple_products | In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | 2023-05-15 | 7.5 | CVE-2022-47391MISC |
rosariosis -- rosariosis | Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. | 2023-05-12 | 7.5 | CVE-2023-2665CONFIRMMISC |
froxlor -- froxlor | Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16. | 2023-05-12 | 7.5 | CVE-2023-2666CONFIRMMISC |
Medium Vulnerabilities
PrimaryVendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
codesys -- multiple_products | Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. | 2023-05-15 | 6.5 | CVE-2022-47378MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. | 2023-05-15 | 6.5 | CVE-2022-47392MISC |
codesys -- multiple_products | An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. | 2023-05-15 | 6.5 | CVE-2022-47393MISC |
lost_and_found_information_system_project -- lost_and_found_information_system | A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-228883. | 2023-05-12 | 6.1 | CVE-2023-2667MISCMISC |
lost_and_found_information_system_project -- lost_and_found_information_system | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228887. | 2023-05-12 | 6.1 | CVE-2023-2671MISCMISC |
companymaps_project -- companymaps | Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code. | 2023-05-12 | 6.1 | CVE-2023-29808MISCMISCMISC |
jerryscript -- jerryscript | Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. | 2023-05-12 | 5.5 | CVE-2023-31913MISC |
jerryscript -- jerryscript | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc. | 2023-05-12 | 5.5 | CVE-2023-31914MISC |
jerryscript -- jerryscript | Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. | 2023-05-12 | 5.5 | CVE-2023-31916MISC |
jerryscript -- jerryscript | Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c. | 2023-05-12 | 5.5 | CVE-2023-31918MISC |
jerryscript -- jerryscript | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c. | 2023-05-12 | 5.5 | CVE-2023-31919MISC |
jerryscript -- jerryscript | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c. | 2023-05-12 | 5.5 | CVE-2023-31920MISC |
jerryscript -- jerryscript | Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c. | 2023-05-12 | 5.5 | CVE-2023-31921MISC |
ibm -- planning_analytics_local | IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 250454. | 2023-05-12 | 5.4 | CVE-2023-28520MISCMISC |
ibm -- spectrum_protect | IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325. | 2023-05-12 | 4.9 | CVE-2023-27863MISCMISC |
codesolz -- easy_ad_manager | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodeSolz Easy Ad Manager plugin <= 1.0.0 versions. | 2023-05-12 | 4.8 | CVE-2023-25460MISC |
simple_tooltips_project -- simple_tooltips | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin <= 2.1.4 versions. | 2023-05-12 | 4.8 | CVE-2023-25958MISC |
apexchat -- apexchat | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ApexChat plugin <= 1.3.1 versions. | 2023-05-12 | 4.8 | CVE-2023-28414MISC |
codesys -- multiple_products | Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. | 2023-05-15 | 4.3 | CVE-2022-22508MISC |
Low Vulnerabilities
PrimaryVendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
microsoft -- azure_arc_jumpstart | Azure Arc Jumpstart Information Disclosure Vulnerability | 2023-05-18 | 3.3 | CVE-2022-35798MISC |
Severity Not Yet Assigned
PrimaryVendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
umbraco -- cms | Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx. | 2023-05-18 | not yet calculated | CVE-2019-25137MISCMISCMISCMISC |
google -- android | Product: AndroidVersions: Android SoCAndroid ID: A-273754094 | 2023-05-15 | not yet calculated | CVE-2021-0877MISC |
moodle -- moodle | Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. | 2023-05-16 | not yet calculated | CVE-2021-27131MISCMISC |
fastweb – fastgate_media_access | A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS. | 2023-05-19 | not yet calculated | CVE-2022-30114MISCMISCMISC |
western_digital -- multiple_products | An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. | 2023-05-18 | not yet calculated | CVE-2022-36326MISCMISC |
western_digital -- multiple_products | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. | 2023-05-18 | not yet calculated | CVE-2022-36327MISCMISC |
western_digital -- multiple_products | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This can only be exploited once an attacker gains root privileges on the devices using an authentication bypass issue or another vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. | 2023-05-18 | not yet calculated | CVE-2022-36328MISCMISC |
xen -- xen | Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it, such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it's possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won't have effect because the hypervisor assumes it's already active. | 2023-05-17 | not yet calculated | CVE-2022-42336MISC |
acronis -- cyber_protect_home_office | Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40208. | 2023-05-18 | not yet calculated | CVE-2022-4418MISC |
algoo -- tracim | Algoo Tracim before 4.4.2 allows XSS via HTML file upload. | 2023-05-17 | not yet calculated | CVE-2022-45144MISCMISCMISC |
acronis -- multiple_products | Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984. | 2023-05-18 | not yet calculated | CVE-2022-45450MISC |
acronis -- multiple_products | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984. | 2023-05-18 | not yet calculated | CVE-2022-45452MISC |
acronis -- cyber_protect_15 | TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. | 2023-05-18 | not yet calculated | CVE-2022-45453MISC |
acronis -- multiple_products | Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984. | 2023-05-18 | not yet calculated | CVE-2022-45457MISC |
acronis -- multiple_products | Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984. | 2023-05-18 | not yet calculated | CVE-2022-45458MISC |
acronis -- multiple_products | Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984. | 2023-05-18 | not yet calculated | CVE-2022-45459MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Gallery Metabox plugin <= 1.5 versions. | 2023-05-20 | not yet calculated | CVE-2022-47134MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don Benjamin WP Custom Fields Search plugin <= 1.2.34 versions. | 2023-05-18 | not yet calculated | CVE-2022-47157MISC |
wordpress -- wordpress | The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution. | 2023-05-15 | not yet calculated | CVE-2022-4774MISC |
ibm -- infosphere_information_server | IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163. | 2023-05-19 | not yet calculated | CVE-2022-47984MISCMISC |
vinteo -- vcc | Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser. | 2023-05-12 | not yet calculated | CVE-2022-48020MISCMISCMISC |
octopus -- octopus | In affected versions of Octopus Deploy it is possible to discover network details via error message | 2023-05-18 | not yet calculated | CVE-2022-4870MISC |
wordpress -- wordpress | The ActiveCampaign WordPress plugin before 8.1.12 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 2023-05-15 | not yet calculated | CVE-2023-0233MISC |
wordpress -- wordpress | The f(x) TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-05-15 | not yet calculated | CVE-2023-0490MISC |
wordpress -- wordpress | The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin, furthermore lack of csrf protection means an attacker can trick a logged in admin to perform the attack by submitting a hidden form. | 2023-05-15 | not yet calculated | CVE-2023-0520MISC |
wordpress -- wordpress | The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks. | 2023-05-15 | not yet calculated | CVE-2023-0600MISC |
wordpress -- wordpress | The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2023-05-15 | not yet calculated | CVE-2023-0644MISC |
wordpress -- wordpress | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack | 2023-05-15 | not yet calculated | CVE-2023-0761MISC |
wordpress -- wordpress | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack | 2023-05-15 | not yet calculated | CVE-2023-0762MISC |
wordpress -- wordpress | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack | 2023-05-15 | not yet calculated | CVE-2023-0763MISC |
wordpress -- wordpress | The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure. | 2023-05-15 | not yet calculated | CVE-2023-0812MISC |
abb -- multiple_products | Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. | 2023-05-17 | not yet calculated | CVE-2023-0863MISC |
abb -- multiple_products | Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. | 2023-05-17 | not yet calculated | CVE-2023-0864MISC |
wordpress -- wordpress | The BizLibrary WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-05-15 | not yet calculated | CVE-2023-0892MISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-0965MISCMISC |
wordpress -- wordpress | The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. | 2023-05-15 | not yet calculated | CVE-2023-1019MISC |
netapp -- snapcenter | SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. | 2023-05-12 | not yet calculated | CVE-2023-1096MISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-1132MISCMISC |
linux -- kernel | A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request. | 2023-05-18 | not yet calculated | CVE-2023-1195MISC |
wordpress -- wordpress | This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. | 2023-05-15 | not yet calculated | CVE-2023-1207MISC |
wordpress -- wordpress | The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present | 2023-05-15 | not yet calculated | CVE-2023-1549MISC |
wordpress -- wordpress | The tagDiv Composer WordPress plugin before 4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 2023-05-15 | not yet calculated | CVE-2023-1596MISC |
mitshbishi_eclectric -- melsec_ws_series_wso-geth00200 | Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 all versions allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and is enabled by default when shipped from the factory. As a result, a remote attacker with unauthorized login can reset the module, and if certain conditions are met, he/she can disclose or tamper with the module's configuration or rewrite the firmware. | 2023-05-19 | not yet calculated | CVE-2023-1618MISCMISCMISC |
huawei -- multiple_products | The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality. | 2023-05-20 | not yet calculated | CVE-2023-1692MISCMISC |
huawei -- multiple_products | The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | 2023-05-20 | not yet calculated | CVE-2023-1693MISCMISC |
huawei -- multiple_products | The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | 2023-05-20 | not yet calculated | CVE-2023-1694MISCMISC |
huawei -- multiple_products | The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. | 2023-05-20 | not yet calculated | CVE-2023-1696MISCMISC |
libraw -- libraw | A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. | 2023-05-15 | not yet calculated | CVE-2023-1729MISCMISCFEDORAFEDORA |
cannon -- ij_nw_toool | Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the software. | 2023-05-17 | not yet calculated | CVE-2023-1763MISCMISC |
cannon -- ij_nw_toool | Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software. | 2023-05-17 | not yet calculated | CVE-2023-1764MISCMISC |
wordpress -- wordpress | The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 2023-05-15 | not yet calculated | CVE-2023-1835MISC |
wordpress -- wordpress | The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). | 2023-05-15 | not yet calculated | CVE-2023-1839MISC |
linux -- kernel | A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. | 2023-05-17 | not yet calculated | CVE-2023-1859MISC |
wordpress -- wordpress | The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting | 2023-05-15 | not yet calculated | CVE-2023-1890MISC |
wordpress -- wordpress | The Thumbnail carousel slider WordPress plugin before 1.1.10 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting vulnerability which could be used against high privilege users such as admin. | 2023-05-15 | not yet calculated | CVE-2023-1915MISC |
binutils -- binutils | A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | 2023-05-17 | not yet calculated | CVE-2023-1972MISCMISC |
dassault -- 3dexperience | A reflected Cross-site Scripting (XSS) vulnerability in 3DEXPERIENCE R2018x through R2023x allows an attacker to execute arbitrary script code. | 2023-05-19 | not yet calculated | CVE-2023-1996MISC |
cisco -- business_wireless_access_points_software | A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication. | 2023-05-18 | not yet calculated | CVE-2023-20003CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20024CISCO |
cisco -- identity_services_engine_software | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device. | 2023-05-18 | not yet calculated | CVE-2023-20077CISCO |
cisco -- identity_services_engine_software | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device. | 2023-05-18 | not yet calculated | CVE-2023-20087CISCO |
wordpress -- wordpress | Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-05-15 | not yet calculated | CVE-2023-2009MISC |
cisco -- identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20106CISCO |
cisco -- smart_software_manager_on_prem | A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read sensitive data on the underlying database. | 2023-05-18 | not yet calculated | CVE-2023-20110CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20156CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20157CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20158CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20159CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20160CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20161CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20162CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20163CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20164CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20166CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20167CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20171CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20172CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20173CISCO |
cisco – identity_services_engine_software | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20174CISCO |
cisco -- digital_network_architecture_center | Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20182CISCO |
cisco -- digital_network_architecture_center | Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20183CISCO |
cisco -- digital_network_architecture_center | Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20184CISCO |
cisco -- small_business_smart_and_managed_switches | Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-05-18 | not yet calculated | CVE-2023-20189CISCO |
johnson_controls -- openblue_enterprise_manager_data_collector | Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances. | 2023-05-18 | not yet calculated | CVE-2023-2024MISCMISC |
johnson_controls -- openblue_enterprise_manager_data_collector | OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances. | 2023-05-18 | not yet calculated | CVE-2023-2025MISCMISC |
mediatek -- multiple_products | In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. | 2023-05-15 | not yet calculated | CVE-2023-20673MISC |
mediatek -- multiple_products | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only). | 2023-05-15 | not yet calculated | CVE-2023-20694MISC |
mediatek -- multiple_products | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only). | 2023-05-15 | not yet calculated | CVE-2023-20695MISC |
mediatek -- multiple_products | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only). | 2023-05-15 | not yet calculated | CVE-2023-20696MISC |
mediatek -- multiple_products | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. | 2023-05-15 | not yet calculated | CVE-2023-20697MISC |
mediatek -- multiple_products | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. | 2023-05-15 | not yet calculated | CVE-2023-20698MISC |
mediatek -- multiple_products | In adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696073; Issue ID: ALPS07696073. | 2023-05-15 | not yet calculated | CVE-2023-20699MISC |
mediatek -- multiple_products | In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304. | 2023-05-15 | not yet calculated | CVE-2023-20700MISC |
mediatek -- multiple_products | In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270. | 2023-05-15 | not yet calculated | CVE-2023-20701MISC |
mediatek -- multiple_products | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853. | 2023-05-15 | not yet calculated | CVE-2023-20703MISC |
mediatek -- multiple_products | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767826; Issue ID: ALPS07767826. | 2023-05-15 | not yet calculated | CVE-2023-20704MISC |
mediatek -- multiple_products | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870. | 2023-05-15 | not yet calculated | CVE-2023-20705MISC |
mediatek -- multiple_products | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860. | 2023-05-15 | not yet calculated | CVE-2023-20706MISC |
mediatek -- multiple_products | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556. | 2023-05-15 | not yet calculated | CVE-2023-20707MISC |
mediatek -- multiple_products | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655. | 2023-05-15 | not yet calculated | CVE-2023-20708MISC |
mediatek -- multiple_products | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951. | 2023-05-15 | not yet calculated | CVE-2023-20709MISC |
mediatek -- multiple_products | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935. | 2023-05-15 | not yet calculated | CVE-2023-20710MISC |
mediatek -- multiple_products | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668. | 2023-05-15 | not yet calculated | CVE-2023-20711MISC |
mediatek -- multiple_products | In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185. | 2023-05-15 | not yet calculated | CVE-2023-20717MISC |
mediatek -- multiple_products | In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181. | 2023-05-15 | not yet calculated | CVE-2023-20718MISC |
mediatek -- multiple_products | In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. | 2023-05-15 | not yet calculated | CVE-2023-20719MISC |
mediatek -- multiple_products | In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586. | 2023-05-15 | not yet calculated | CVE-2023-20720MISC |
mediatek -- multiple_products | In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155. | 2023-05-15 | not yet calculated | CVE-2023-20721MISC |
mediatek -- multiple_products | In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084. | 2023-05-15 | not yet calculated | CVE-2023-20722MISC |
mnld -- mnld | In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only). | 2023-05-15 | not yet calculated | CVE-2023-20726MISC |
vmware -- aria_operations | VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. | 2023-05-12 | not yet calculated | CVE-2023-20877MISC |
vmware -- aria_operations | VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. | 2023-05-12 | not yet calculated | CVE-2023-20878MISC |
vmware -- aria_operations | VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. | 2023-05-12 | not yet calculated | CVE-2023-20879MISC |
openstack -- openstack | A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality. | 2023-05-12 | not yet calculated | CVE-2023-2088MISC |
vmware -- aria_operations | VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | 2023-05-12 | not yet calculated | CVE-2023-20880MISC |
cloud_controller_ap -- cloud_controller_api | Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection. | 2023-05-19 | not yet calculated | CVE-2023-20881MISC |
google -- android | In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-189942529 | 2023-05-15 | not yet calculated | CVE-2023-20914MISC |
google -- android | In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-250576066 | 2023-05-15 | not yet calculated | CVE-2023-20930MISC |
google -- android | In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel | 2023-05-15 | not yet calculated | CVE-2023-21102MISC |
google -- android | In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622 | 2023-05-15 | not yet calculated | CVE-2023-21103MISC |
google -- android | In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-259938771 | 2023-05-15 | not yet calculated | CVE-2023-21104MISC |
google -- android | In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel | 2023-05-15 | not yet calculated | CVE-2023-21106MISC |
google -- android | In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259385017 | 2023-05-15 | not yet calculated | CVE-2023-21107MISC |
google -- android | In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597 | 2023-05-15 | not yet calculated | CVE-2023-21109MISC |
google -- android | In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365 | 2023-05-15 | not yet calculated | CVE-2023-21110MISC |
google -- android | In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 | 2023-05-15 | not yet calculated | CVE-2023-21111MISC |
google -- android | In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983 | 2023-05-15 | not yet calculated | CVE-2023-21112MISC |
google -- android | In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256202273 | 2023-05-15 | not yet calculated | CVE-2023-21116MISC |
google -- android | In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101 | 2023-05-15 | not yet calculated | CVE-2023-21117MISC |
google -- android | In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 | 2023-05-15 | not yet calculated | CVE-2023-21118MISC |
linux -- kernel | An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. | 2023-05-15 | not yet calculated | CVE-2023-2124MISC |
schneider_electric -- opc_factory_server | A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user. | 2023-05-16 | not yet calculated | CVE-2023-2161MISC |
wordpress -- wordpress | The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making them paid without actually paying for them for example | 2023-05-15 | not yet calculated | CVE-2023-2179MISC |
wordpress -- wordpress | The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server) | 2023-05-15 | not yet calculated | CVE-2023-2180MISC |
gitlab -- gitlab | An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI. | 2023-05-12 | not yet calculated | CVE-2023-2181MISCMISCCONFIRM |
jenkins -- Jenkins_code_dx_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL. | 2023-05-16 | not yet calculated | CVE-2023-2195MISC |
jenkins -- Jenkins_code_dx_plugin | A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. | 2023-05-16 | not yet calculated | CVE-2023-2196MISC |
red_hat -- webkitgtk | A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. | 2023-05-17 | not yet calculated | CVE-2023-2203MISCMISCMISCMISC |
checkmk -- tribe29 | Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5. | 2023-05-15 | not yet calculated | CVE-2023-22318MISC |
checkmk -- gmbh | Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs. | 2023-05-17 | not yet calculated | CVE-2023-22348MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin <= 1.5.3 versions. | 2023-05-15 | not yet calculated | CVE-2023-22684MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin <= v2.2 versions. | 2023-05-12 | not yet calculated | CVE-2023-22685MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions. | 2023-05-20 | not yet calculated | CVE-2023-22689MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions. | 2023-05-15 | not yet calculated | CVE-2023-22690MISC |
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin <= 3.1.0 versions. | 2023-05-15 | not yet calculated | CVE-2023-22703MISC |
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions. | 2023-05-15 | not yet calculated | CVE-2023-22706MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in nCrafts FormCraft plugin <= 1.2.6 versions. | 2023-05-15 | not yet calculated | CVE-2023-22717MISC |
wordpress -- wordpress | The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. | 2023-05-20 | not yet calculated | CVE-2023-2276MISCMISCMISC |
ibm -- infosphere_information_server | IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373. | 2023-05-19 | not yet calculated | CVE-2023-22878MISCMISC |
red_hat -- libreswan | A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. | 2023-05-17 | not yet calculated | CVE-2023-2295MISCMISCMISCMISC |
red_hat -- pcs | It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2. | 2023-05-17 | not yet calculated | CVE-2023-2319MISCMISCMISC |
sick_ag -- multiple_products | Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface. | 2023-05-15 | not yet calculated | CVE-2023-23445MISCMISCMISC |
sick_ag -- multiple_products | Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface. | 2023-05-15 | not yet calculated | CVE-2023-23446MISCMISCMISC |
sick_ag -- multiple_products | Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invocing several open file requests via the REST interface. | 2023-05-15 | not yet calculated | CVE-2023-23447MISCMISCMISC |
sick_ag -- multiple_products | Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code. | 2023-05-15 | not yet calculated | CVE-2023-23448MISCMISCMISC |
sick_ag -- multiple_products | Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface. | 2023-05-15 | not yet calculated | CVE-2023-23449MISCMISCMISC |
sick_ag -- multiple_products | Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via the REST interface. | 2023-05-15 | not yet calculated | CVE-2023-23450MISCMISCMISC |
facebook -- hermes | An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-23556MISCMISC |
facebook -- hermes | An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-23557MISCMISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPmanage Uji Popup plugin <= 1.4.3 versions. | 2023-05-16 | not yet calculated | CVE-2023-23641MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SparkPost plugin <= 3.2.5 versions. | 2023-05-15 | not yet calculated | CVE-2023-23654MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Richard Leishman t/a Webforward Mail Subscribe List plugin <= 2.1.9 versions. | 2023-05-16 | not yet calculated | CVE-2023-23657MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in BeRocket Brands for WooCommerce plugin <= 3.7.0.6 versions. | 2023-05-18 | not yet calculated | CVE-2023-23667MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Harish Chouhan, Themeist I Recommend This plugin <= 3.8.3 versions. | 2023-05-16 | not yet calculated | CVE-2023-23673MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in RVOLA WP Original Media Path plugin <= 2.4.0 versions. | 2023-05-15 | not yet calculated | CVE-2023-23674MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bruno "Aesqe" Babic File Gallery plugin <= 1.8.5.3 versions. | 2023-05-16 | not yet calculated | CVE-2023-23676MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Maintenance Mode plugin <= 1.0.1 versions. | 2023-05-15 | not yet calculated | CVE-2023-23682MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin <= 1.0.2 versions. | 2023-05-15 | not yet calculated | CVE-2023-23683MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions. | 2023-05-15 | not yet calculated | CVE-2023-23688MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin <= 2.1.7 versions. | 2023-05-16 | not yet calculated | CVE-2023-23703MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Denis WPJAM Basic plugin <= 6.2.1 versions. | 2023-05-16 | not yet calculated | CVE-2023-23709MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions. | 2023-05-16 | not yet calculated | CVE-2023-23720MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Formilla Live Chat by Formilla plugin <= 1.3 versions. | 2023-05-16 | not yet calculated | CVE-2023-23727MISC |
facebook -- fizz | There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service). | 2023-05-18 | not yet calculated | CVE-2023-23759MISCMISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SnapOrbital Panorama plugin <= 1.5 versions. | 2023-05-12 | not yet calculated | CVE-2023-23810MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gautam Thapar Button Builder – Buttons X plugin <= 0.8.6 versions. | 2023-05-12 | not yet calculated | CVE-2023-23867MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP Airbnb Review Slider plugin <= 3.2 versions. | 2023-05-20 | not yet calculated | CVE-2023-23890MISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in MonsterInsights plugin <= 8.14.0 versions. | 2023-05-18 | not yet calculated | CVE-2023-23999MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions. | 2023-05-20 | not yet calculated | CVE-2023-24414MISC |
openprinting -- cups-filters | cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime. | 2023-05-17 | not yet calculated | CVE-2023-24805MISCMISCMISCMISCMISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-2481MISCMISC |
facebook -- hermes | A null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to crash an Hermes runtime where the EnableHermesInternal config option was set to true. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-24832MISCMISC |
facebook -- hermes | A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-24833MISCMISC |
emacs -- emacs | A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. | 2023-05-17 | not yet calculated | CVE-2023-2491MISCMISCMISCMISC |
wordpress -- wordpress | The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | 2023-05-16 | not yet calculated | CVE-2023-2499MISCMISCMISC |
autodesk -- infraworks | A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. | 2023-05-12 | not yet calculated | CVE-2023-25005MISC |
autodesk -- 3ds_max_usd_plugin | A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution. | 2023-05-12 | not yet calculated | CVE-2023-25006MISC |
autodesk -- 3ds_max_usd_plugin | A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution. | 2023-05-12 | not yet calculated | CVE-2023-25007MISC |
autodesk -- 3ds_max_usd_plugin | A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution. | 2023-05-12 | not yet calculated | CVE-2023-25008MISC |
autodesk -- 3ds_max_usd_plugin | A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds write vulnerability which could result in code execution. | 2023-05-12 | not yet calculated | CVE-2023-25009MISC |
asustor -- adm | A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below, LooksGood 2.0.0.R129 and below and SoundsGood 2.3.0.r1027 and below. | 2023-05-17 | not yet calculated | CVE-2023-2509MISC |
wordpress -- wordpress | The Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-05-17 | not yet calculated | CVE-2023-2528MISCMISCMISC |
videostream -- videostream | Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours. | 2023-05-17 | not yet calculated | CVE-2023-25394MISCMISC |
soft-o -- free_password_manager | A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution. | 2023-05-12 | not yet calculated | CVE-2023-25428MISCMISC |
wordpress -- wordpress | The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup. | 2023-05-16 | not yet calculated | CVE-2023-2548MISCMISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Studio Wombat Shoppable Images plugin <= 1.2.3 versions. | 2023-05-18 | not yet calculated | CVE-2023-25698MISC |
ibm -- security_verify_access | IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635. | 2023-05-12 | not yet calculated | CVE-2023-25927MISCMISC |
facebook -- hermes | A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to execute arbitrary code via untrusted JavaScript. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-25933MISCMISC |
reactphp -- http | react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impact on the default configuration, but can be exploited when explicitly using the RequestBodyBufferMiddleware with very large settings. This might lead to consuming large amounts of CPU time for processing requests and significantly delay or slow down the processing of legitimate user requests. This issue has been addressed in release 1.9.0. Users are advised to upgrade. Users unable to upgrade may keep the request body limited using RequestBodyBufferMiddleware with a sensible value which should mitigate the issue. An infrastructure or DevOps workaround could be to place a reverse proxy in front of the ReactPHP HTTP server to filter out any excessive HTTP request bodies. | 2023-05-17 | not yet calculated | CVE-2023-26044MISCMISC |
wordpress -- wordpress | The Multiple Page Generator Plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to missing nonce verification on the projects_list function and insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries leading to resource exhaustion via a forged request granted they can trick an administrator into performing an action such as clicking on a link. Version 3.3.18 addresses the SQL Injection, which drastically reduced the severity. | 2023-05-17 | not yet calculated | CVE-2023-2608MISCMISCMISCMISC |
jenkins -- code_dx_plugin | A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 2023-05-16 | not yet calculated | CVE-2023-2631MISC |
jenkins -- code_dx_plugin | Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 2023-05-16 | not yet calculated | CVE-2023-2632MISC |
jenkins -- code_dx_plugin | Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them. | 2023-05-16 | not yet calculated | CVE-2023-2633MISC |
snow_software -- spe_slm | Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data. | 2023-05-17 | not yet calculated | CVE-2023-2679MISC |
telegram -- telegram | Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. | 2023-05-19 | not yet calculated | CVE-2023-26818MISCMISC |
sourcecodester -- billing_management_system | A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228970 is the identifier assigned to this vulnerability. | 2023-05-14 | not yet calculated | CVE-2023-2689MISCMISCMISC |
sourcecodester -- personnel_property_equipment_system | A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0. This issue affects some unknown processing of the file admin/returned_reuse_form.php of the component GET Parameter Handler. The manipulation of the argument client_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228971. | 2023-05-14 | not yet calculated | CVE-2023-2690MISCMISCMISC |
sourcecodester -- personnel_property_equipment_system | A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Affected is an unknown function of the file admin/add_item.php of the component POST Parameter Handler. The manipulation of the argument item_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228972. | 2023-05-14 | not yet calculated | CVE-2023-2691MISCMISCMISC |
sourcecodester -- ict_laboratory | A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/room_info.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228973 was assigned to this vulnerability. | 2023-05-14 | not yet calculated | CVE-2023-2692MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability was found in SourceCodester Online Exam System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228974 is the identifier assigned to this vulnerability. | 2023-05-14 | not yet calculated | CVE-2023-2693MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228975. | 2023-05-14 | not yet calculated | CVE-2023-2694MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability was found in SourceCodester Online Exam System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /kelas/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228976. | 2023-05-14 | not yet calculated | CVE-2023-2695MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability was found in SourceCodester Online Exam System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /matkul/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228977 was assigned to this vulnerability. | 2023-05-14 | not yet calculated | CVE-2023-2696MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /jurusan/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228978 is the identifier assigned to this vulnerability. | 2023-05-14 | not yet calculated | CVE-2023-2697MISCMISCMISC |
sourcecodester -- lost_and_found_information_system | A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228979. | 2023-05-14 | not yet calculated | CVE-2023-2698MISCMISCMISC |
sourcecodester -- lost_and_found_information_system | A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228980. | 2023-05-14 | not yet calculated | CVE-2023-2699MISCMISCMISC |
libvrt -- libvrt | A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. | 2023-05-15 | not yet calculated | CVE-2023-2700MISCMISCMISC |
wordpress -- wordpress | The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | 2023-05-19 | not yet calculated | CVE-2023-2704MISCMISCMISCMISC |
wordpress -- wordpress | The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it possible for unauthenticated attackers to obtain login codes for administrators. This does require an attacker have access to the phone number configured for an account, which can be obtained via social engineering or reconnaissance. | 2023-05-17 | not yet calculated | CVE-2023-2706MISCMISCMISC |
wordpress -- wordpress | The Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in versions up to, and including, 1.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 2023-05-16 | not yet calculated | CVE-2023-2708MISCMISCMISC |
wordpress -- wordpress | The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 2023-05-16 | not yet calculated | CVE-2023-2710MISCMISCMISC |
wordpress -- wordpress | The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'check_license' functions in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change the license key and support license key, but it can only be changed to a valid license key. | 2023-05-20 | not yet calculated | CVE-2023-2714MISCMISCMISCMISC |
wordpress -- wordpress | The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submit_ticket' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers to create a support ticket that sends the website's data to the plugin developer, and it is also possible to create an admin access with an auto login link that is also sent to the plugin developer with the ticket. It only works if the plugin is activated with a valid license. | 2023-05-20 | not yet calculated | CVE-2023-2715MISCMISCMISC |
wordpress -- wordpress | The Groundhogg plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'ajax_upload_file' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload a file to the contact, and then lists all the other uploaded files related to the contact. | 2023-05-20 | not yet calculated | CVE-2023-2716MISCMISCMISC |
wordpress -- wordpress | The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation on the 'enable_safe_mode' function. This makes it possible for unauthenticated attackers to enable safe mode, which disables all other plugins, via a forged request if they can successfully trick an administrator into performing an action such as clicking on a link. A warning message about safe mode is displayed to the admin, which can be easily disabled. | 2023-05-20 | not yet calculated | CVE-2023-2717MISCMISCMISC |
google -- chrome | Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | 2023-05-16 | not yet calculated | CVE-2023-2721MISCMISCMISCMISCMISC |
belkin -- smart_outlet | A stack-based buffer overflow in the ChangeFriendlyName() function of Belkin Smart Outlet V2 F7c063 firmware_2.00.11420.OWRT.PVT_SNSV2 allows attackers to cause a Denial of Service (DoS) via a crafted UPNP request. | 2023-05-18 | not yet calculated | CVE-2023-27217MISC |
google -- chrome | Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-05-16 | not yet calculated | CVE-2023-2722MISCMISCMISCMISCMISC |
google -- chrome | Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-05-16 | not yet calculated | CVE-2023-2723MISCMISCMISCMISCMISC |
piwigo -- piwigo | Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order[0][dir] parameter at user_list_backend.php. | 2023-05-17 | not yet calculated | CVE-2023-27233MISCCONFIRM |
google -- chrome | Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-05-16 | not yet calculated | CVE-2023-2724MISCMISCMISCMISCMISC |
google -- chrome | Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-05-16 | not yet calculated | CVE-2023-2725MISCMISCMISCMISCMISC |
google -- chrome | Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) | 2023-05-16 | not yet calculated | CVE-2023-2726MISCMISCMISCMISCMISC |
pimcore -- pimcore | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | 2023-05-16 | not yet calculated | CVE-2023-2730CONFIRMMISC |
libtiff -- libtiff | A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. | 2023-05-17 | not yet calculated | CVE-2023-2731MISCMISCMISCMISC |
wordpress -- wordpress | The Groundhogg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gh_form' shortcode in versions up to, and including, 2.7.9.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Please note this only works with legacy contact forms. | 2023-05-20 | not yet calculated | CVE-2023-2735MISCMISCMISCMISC |
wordpress -- wordpress | The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation in the 'ajax_edit_contact' function. This makes it possible for authenticated attackers to receive the auto login link via shortcode and then modify the assigned user to the auto login link to elevate verified user privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-05-20 | not yet calculated | CVE-2023-2736MISCMISCMISCMISC |
tongda -- oa | A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229149 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-16 | not yet calculated | CVE-2023-2738MISCMISCMISC |
gira -- homeserver | A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27"><img%20src=x%20onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-16 | not yet calculated | CVE-2023-2739MISCMISC |
sourcecodester -- guest_management_system | A vulnerability, which was classified as problematic, has been found in SourceCodester Guest Management System 1.0. Affected by this issue is some unknown functionality of the file dateTest.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229160. | 2023-05-16 | not yet calculated | CVE-2023-2740MISCMISCMISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Auto Prune Posts plugin <= 1.8.0 versions. | 2023-05-18 | not yet calculated | CVE-2023-27423MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Mass Delete Unused Tags plugin <= 2.0.0 versions. | 2023-05-18 | not yet calculated | CVE-2023-27430MISC |
wordpress -- wordpress | WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack. | 2023-05-17 | not yet calculated | CVE-2023-2745MISCMISCMISCMISC |
phpmyfaq -- phpmyfaq | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta. | 2023-05-17 | not yet calculated | CVE-2023-2752CONFIRMMISC |
phpmyfaq -- phpmyfaq | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta. | 2023-05-17 | not yet calculated | CVE-2023-2753MISCCONFIRM |
pimcore -- pimcore/customer-data-framework | SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10. | 2023-05-17 | not yet calculated | CVE-2023-2756MISCCONFIRM |
wordpress -- wordpress | The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on 'saveLang' functions in versions up to, and including, 0.6.2. This could lead to Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for subscriber-level attackers to access functions to save plugin data that can potentially lead to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-05-18 | not yet calculated | CVE-2023-2757MISCMISCMISC |
weaver -- oa | A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-17 | not yet calculated | CVE-2023-2765MISCMISCMISC |
weaver -- oa | A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-17 | not yet calculated | CVE-2023-2766MISCMISCMISC |
sucms -- sucms | A vulnerability was found in Sucms 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin_ads.php?action=add. The manipulation of the argument intro leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229274 is the identifier assigned to this vulnerability. | 2023-05-17 | not yet calculated | CVE-2023-2768MISCMISCMISC |
sourcecodester -- service_provider_management_system | A vulnerability classified as critical has been found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229275. | 2023-05-17 | not yet calculated | CVE-2023-2769MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability classified as critical was found in SourceCodester Online Exam System 1.0. This vulnerability affects unknown code of the file /kelasdosen/data. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229276. | 2023-05-17 | not yet calculated | CVE-2023-2770MISCMISCMISC |
sourcecodester -- online_exam_system | A vulnerability, which was classified as critical, has been found in SourceCodester Online Exam System 1.0. This issue affects some unknown processing of the file /jurusanmatkul/data. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229277 was assigned to this vulnerability. | 2023-05-17 | not yet calculated | CVE-2023-2771MISCMISCMISC |
sourcecodester -- budget_and_expense_tracker_system | A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Affected is an unknown function of the file /admin/budget/manage_budget.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-229278 is the identifier assigned to this vulnerability. | 2023-05-17 | not yet calculated | CVE-2023-2772MISCMISCMISC |
code-projects -- bus_dispatch_and_information_system | A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file view_admin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229279. | 2023-05-17 | not yet calculated | CVE-2023-2773MISCMISCMISC |
code-projects -- bus_dispatch_and_information_system | A vulnerability was found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file view_branch.php. The manipulation of the argument branchid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229280. | 2023-05-17 | not yet calculated | CVE-2023-2774MISCMISCMISC |
idurar_erp -- crm_v1 | IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. | 2023-05-16 | not yet calculated | CVE-2023-27742MISC |
code-projects -- bus_dispatch_and_information_system | A vulnerability was found in code-projects Bus Dispatch and Information System 1.0. It has been classified as critical. This affects an unknown part of the file adminHome.php. The manipulation of the argument reach_city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229281 was assigned to this vulnerability. | 2023-05-17 | not yet calculated | CVE-2023-2775MISCMISCMISC |
code-projects -- simple_photo_gallery | A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-229282 is the identifier assigned to this vulnerability. | 2023-05-17 | not yet calculated | CVE-2023-2776MISCMISCMISC |
mlflow/mlflow -- mlflow/mlflow | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. | 2023-05-17 | not yet calculated | CVE-2023-2780CONFIRMMISC |
acronis -- acronis_cyber_infrastructure | Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.3.1-38. | 2023-05-18 | not yet calculated | CVE-2023-2782MISC |
gnu -- cflow | A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-18 | not yet calculated | CVE-2023-2789MISCMISCMISCMISC |
totolink -- n200re | A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229374 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-18 | not yet calculated | CVE-2023-2790MISCMISCMISC |
cnoa -- oa | A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main&func=passport&action=login. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229376. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-18 | not yet calculated | CVE-2023-2799MISCMISCMISCMISC |
huggingface -- transformers | Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0. | 2023-05-18 | not yet calculated | CVE-2023-2800MISCCONFIRM |
dell -- cloudiq_collector | Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data. | 2023-05-19 | not yet calculated | CVE-2023-28045MISC |
weaver -- e-cology | A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by this vulnerability is the function RequestInfoByXml of the component API. The manipulation leads to xml external entity reference. The associated identifier of this vulnerability is VDB-229411. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-05-19 | not yet calculated | CVE-2023-2806MISCMISCMISC |
dell -- cloudlink | CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. | 2023-05-16 | not yet calculated | CVE-2023-28076MISC |
facebook -- hermes | A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-28081MISCMISC |
soureccodester -- class_scheduling_system | A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/save_teacher.php of the component POST Parameter Handler. The manipulation of the argument Academic_Rank leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229428. | 2023-05-19 | not yet calculated | CVE-2023-2814MISCMISCMISC |
sourcecodester -- online_jewelery_store | A vulnerability classified as critical was found in SourceCodester Online Jewelry Store 1.0. Affected by this vulnerability is an unknown functionality of the file supplier.php of the component POST Parameter Handler. The manipulation of the argument suppid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229429 was assigned to this vulnerability. | 2023-05-19 | not yet calculated | CVE-2023-2815MISCMISCMISC |
ellucian -- ethos_identity | A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.10.6 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-229596. | 2023-05-20 | not yet calculated | CVE-2023-2822MISCMISCMISCMISC |
sourcecodester -- class_scheduling_system | A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_subject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229597 was assigned to this vulnerability. | 2023-05-20 | not yet calculated | CVE-2023-2823MISCMISCMISC |
sourcecodester -- dental_clinic_appointment_reservation_system | A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/service.php of the component POST Parameter Handler. The manipulation of the argument service leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229598 is the identifier assigned to this vulnerability. | 2023-05-20 | not yet calculated | CVE-2023-2824MISCMISCMISC |
brother_industries,_ltd. -- brother_iprint&scan | Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. This vulnerability may be exploited by the other app installed on the victim user's Android device, which may lead to displaying the settings and/or log information of the affected app as a print preview. | 2023-05-18 | not yet calculated | CVE-2023-28369MISCMISCMISCMISC |
ibm -- mq | IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. | 2023-05-19 | not yet calculated | CVE-2023-28514MISCMISC |
ibm -- infosphere_information_server | IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251213. | 2023-05-19 | not yet calculated | CVE-2023-28529MISCMISC |
zulip -- zulip | Zulip is an open-source team collaboration tool with unique topic-based threading. In the event that 1: `ZulipLDAPAuthBackend` and an external authentication backend (any aside of `ZulipLDAPAuthBackend` and `EmailAuthBackend`) are the only ones enabled in `AUTHENTICATION_BACKENDS` in `/etc/zulip/settings.py` and 2: The organization permissions don't require invitations to join. An attacker can create a new account in the organization with an arbitrary email address in their control that's not in the organization's LDAP directory. The impact is limited to installations which have this specific combination of authentication backends as described above in addition to having `Invitations are required for joining this organization` organization permission disabled. This issue has been addressed in version 6.2. Users are advised to upgrade. Users unable to upgrade may enable the `Invitations are required for joining this organization` organization permission to prevent this issue. | 2023-05-19 | not yet calculated | CVE-2023-28623MISCMISC |
facebook -- netconsd | netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. | 2023-05-18 | not yet calculated | CVE-2023-28753MISCMISC |
ibm -- mq | IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. | 2023-05-19 | not yet calculated | CVE-2023-28950MISCMISC |
intel -- intel_oneapi_toolkits | Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-05-12 | not yet calculated | CVE-2023-29242MISC |
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.35 versions. | 2023-05-16 | not yet calculated | CVE-2023-29439MISCMISC |
sofawiki -- sofawiki | SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php. | 2023-05-18 | not yet calculated | CVE-2023-29720MISCMISC |
exelysis -- unified_communication_solution | Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution (EUCS) v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page. | 2023-05-17 | not yet calculated | CVE-2023-29837MISCMISC |
teslamate -- teslamate | An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link. | 2023-05-18 | not yet calculated | CVE-2023-29857MISCMISC |
flir-dvtel -- flir-dvtel | An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device. | 2023-05-15 | not yet calculated | CVE-2023-29861MISCMISC |
agasio -- camera_device | An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters. | 2023-05-15 | not yet calculated | CVE-2023-29862MISCMISC |
sage -- sage | Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connection strings being used by Sage 300 and interact directly with the underlying database(s) to create, update, and delete all company records, bypassing the program’s role-based access controls. | 2023-05-16 | not yet calculated | CVE-2023-29927MISC |
d-link -- dir-605l | D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup, | 2023-05-16 | not yet calculated | CVE-2023-29961MISCMISC |
sourcecodester -- student_study_center_desk_management_system | Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.php#date_from has a SQL Injection vulnerability. | 2023-05-18 | not yet calculated | CVE-2023-29985MISC |
lavalite -- lavalite | LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS). | 2023-05-18 | not yet calculated | CVE-2023-30124MISC |
prestashop -- posstaticblocks | Prestashop posstaticblocks <= 1.0.0 is vulnerable to SQL Injection via posstaticblocks::getPosCurrentHook(). | 2023-05-16 | not yet calculated | CVE-2023-30189MISC |
prestashop -- cdesigner | PrestaShop cdesigner < 3.1.9 is vulnerable to SQL Injection via CdesignerTraitementModuleFrontController::initContent(). | 2023-05-17 | not yet calculated | CVE-2023-30191MISC |
prestashop -- customexporter | Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php. | 2023-05-19 | not yet calculated | CVE-2023-30199MISCMISC |
sourcecodester -- judging_management_system | SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file. | 2023-05-15 | not yet calculated | CVE-2023-30245MISCMISC |
prestashop -- scquickaccounting | Insecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3 allows attackers to access sensitive information stored in the component. | 2023-05-16 | not yet calculated | CVE-2023-30281MISC |
perfreeblog -- perfreeblog | An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file. | 2023-05-18 | not yet calculated | CVE-2023-30333MISC |
ibm -- powervm_hypervisor | An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. IBM X-Force ID: 252706. | 2023-05-17 | not yet calculated | CVE-2023-30438MISCMISC |
morosystems -- easymind | The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter. | 2023-05-17 | not yet calculated | CVE-2023-30452MISCMISC |
facebook -- hermes | A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | 2023-05-18 | not yet calculated | CVE-2023-30470MISCMISC |
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThimPress LearnPress Export Import plugin <= 4.0.2 versions. | 2023-05-18 | not yet calculated | CVE-2023-30487MISC |
hpe -- aruba_edgeconnect_enterprise | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 2023-05-16 | not yet calculated | CVE-2023-30501MISC |
hpe -- aruba_edgeconnect_enterprise | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 2023-05-16 | not yet calculated | CVE-2023-30502MISC |
hpe -- aruba_edgeconnect_enterprise | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 2023-05-16 | not yet calculated | CVE-2023-30503MISC |
hpe -- aruba_edgeconnect_enterprise | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 2023-05-16 | not yet calculated | CVE-2023-30504MISC |
hpe -- aruba_edgeconnect_enterprise | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 2023-05-16 | not yet calculated | CVE-2023-30505MISC |
hpe -- aruba_edgeconnect_enterprise | Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 2023-05-16 | not yet calculated | CVE-2023-30506MISC |
hpe -- aruba_edgeconnect_enterprise | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | 2023-05-16 | not yet calculated | CVE-2023-30507MISC |
hpe -- aruba_edgeconnect_enterprise | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | 2023-05-16 | not yet calculated | CVE-2023-30508MISC |
hpe -- aruba_edgeconnect_enterprise | Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | 2023-05-16 | not yet calculated | CVE-2023-30509MISC |
hpe -- aruba_edgeconnect_enterprise | A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance. | 2023-05-16 | not yet calculated | CVE-2023-30510MISC |
intel -- soc_watch | Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-05-12 | not yet calculated | CVE-2023-30763MISC |
intel -- server_board_s2600wtt | Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-05-12 | not yet calculated | CVE-2023-30768MISC |
libtiff -- libtiff | A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | 2023-05-19 | not yet calculated | CVE-2023-30774MISCMISCMISC |
libtiff -- libtiff | A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. | 2023-05-19 | not yet calculated | CVE-2023-30775MISCMISCMISC |
wordpress -- wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TheGuideX User IP and Location plugin <= 2.2 versions. | 2023-05-18 | not yet calculated | CVE-2023-30780MISC |
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Christopher CMS Tree Page View plugin <= 1.6.7 versions. | 2023-05-18 | not yet calculated | CVE-2023-30868MISC |
greenplum-db -- greenplum-db | Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability. | 2023-05-15 | not yet calculated | CVE-2023-31131MISCMISC |
dgraph-io -- dgraph-io | Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being encrypted. This is problematic because two log lines will often have the same length, so due to these collisions we are reusing the same nonce many times. All audit logs generated by versions of Dgraph <v23.0.0 are affected. Attackers must have access to the system the logs are stored on. Dgraph users should upgrade to v23.0.0. Users unable to upgrade should store existing audit logs in a secure location and for extra security, encrypt using an external tool like `gpg`. | 2023-05-17 | not yet calculated | CVE-2023-31135MISCMISCMISC |
collaboraonline -- collaboraonline | Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a trivial account takeover attack. The vulnerability allows attackers to inject malicious code into web pages, which can be executed in the context of the victim's browser session. This means that an attacker can steal sensitive data, such as login credentials or personal information, or perform unauthorized actions on behalf of the victim, such as modifying or deleting data. In this specific case, the vulnerability allows for a trivial account takeover attack. An attacker can exploit the vulnerability to inject code into the victim's browser session, allowing the attacker to take over the victim's account without their knowledge or consent. This can lead to unauthorized access to sensitive information and data, as well as the ability to perform actions on behalf of the victim. Furthermore, the fact that the vulnerability bypasses the Content Security Policy (CSP) makes it more dangerous, as CSP is an important security mechanism used to prevent cross-site scripting attacks. By bypassing CSP, attackers can circumvent the security measures put in place by the web application and execute their malicious code. This issue has been patched in versions 22.05.13, 21.11.9, and 6.4.27. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-05-15 | not yet calculated | CVE-2023-31145MISC |
intel -- trace_analyzer_collector | Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-05-12 | not yet calculated | CVE-2023-31197MISC |
intel -- solid_state_drive_toolbox | Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-05-12 | not yet calculated | CVE-2023-31199MISC |
checkmk_gmbh -- checkmk | Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users. | 2023-05-17 | not yet calculated | CVE-2023-31208MISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoqisir Baidu Tongji generator plugin <= 1.0.2 versions. | 2023-05-18 | not yet calculated | CVE-2023-31233MISC |
sick_ag -- sick_ftmg_air_flow_sensor | Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to potentially steal user credentials that are stored in the user’s browsers local storage via cross-site-scripting attacks. | 2023-05-15 | not yet calculated | CVE-2023-31408MISCMISCMISC |
sick_ag -- sick_ftmg_air_flow_sensor | Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an remote attacker to influence the availability of the webserver by invocing a Slowloris style attack via HTTP requests. | 2023-05-15 | not yet calculated | CVE-2023-31409MISCMISCMISC |
pharmacy_management_system -- pharmacy_management_system | Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php. | 2023-05-16 | not yet calculated | CVE-2023-31519MISC |
opencms -- opencms | A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module. | 2023-05-16 | not yet calculated | CVE-2023-31544MISCMISC |
bludit -- bludit | An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. | 2023-05-16 | not yet calculated | CVE-2023-31572MISC |
serendipity -- serendipity | An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file. | 2023-05-16 | not yet calculated | CVE-2023-31576MISC |
tenda -- ac5_router | Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | 2023-05-16 | not yet calculated | CVE-2023-31587MISCMISCMISC |
zammad -- zammad | An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets. | 2023-05-18 | not yet calculated | CVE-2023-31597MISC |
openlink -- virtuoso-opensource | An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31607MISC |
openlink -- virtuoso-opensource | An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31608MISC |
openlink -- virtuoso-opensource | An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31609MISC |
openlink -- virtuoso-opensource | An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31610MISC |
openlink -- virtuoso-opensource | An issue in the __libc_longjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31611MISC |
openlink -- virtuoso-opensource | An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31612MISC |
openlink -- virtuoso-opensource | An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31613MISC |
openlink -- virtuoso-opensource | An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. | 2023-05-15 | not yet calculated | CVE-2023-31614MISC |
openlink -- virtuoso-opensource | An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31615MISC |
openlink -- virtuoso-opensource | An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31616MISC |
openlink -- virtuoso-opensource | An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31617MISC |
openlink -- virtuoso-opensource | An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31618MISC |
openlink -- virtuoso-opensource | An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31619MISC |
openlink -- virtuoso-opensource | An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31620MISC |
openlink -- virtuoso-opensource | An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31621MISC |
openlink -- virtuoso-opensource | An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31622MISC |
openlink -- virtuoso-opensource | An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31623MISC |
openlink -- virtuoso-opensource | An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31624MISC |
openlink -- virtuoso-opensource | An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31625MISC |
openlink -- virtuoso-opensource | An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31626MISC |
openlink -- virtuoso-opensource | An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31627MISC |
openlink -- virtuoso-opensource | An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31628MISC |
openlink -- virtuoso-opensource | An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31629MISC |
openlink -- virtuoso-opensource | An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31630MISC |
openlink -- virtuoso-opensource | An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | 2023-05-15 | not yet calculated | CVE-2023-31631MISC |
redis -- redis | redis-7.0.10 was discovered to contain a segmentation violation. | 2023-05-18 | not yet calculated | CVE-2023-31655MISC |
luowice -- luowice | Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter. | 2023-05-16 | not yet calculated | CVE-2023-31677MISC |
videogo -- videogo | Incorrect access control in Videogo v6.8.1 allows attackers to bind shared devices after the connection has been ended. | 2023-05-16 | not yet calculated | CVE-2023-31678MISC |
videogo -- videogo | Incorrect access control in Videogo v6.8.1 allows attackers to access images from other devices via modification of the Device Id parameter. | 2023-05-16 | not yet calculated | CVE-2023-31679MISC |
bludit -- bludit | Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. | 2023-05-17 | not yet calculated | CVE-2023-31698MISCMISC |
churchcrm -- churchcrm | ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file. | 2023-05-17 | not yet calculated | CVE-2023-31699MISC |
tp-link -- tl-wpa4530_kit_v2 | TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceAdd. | 2023-05-17 | not yet calculated | CVE-2023-31700MISC |
tp-link -- tl-wpa4530_kit_v2 | TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceRemove. | 2023-05-17 | not yet calculated | CVE-2023-31701MISC |
microwold_technologies -- escan_management_console | SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1. | 2023-05-17 | not yet calculated | CVE-2023-31702MISC |
microwold_technologies -- escan_management_console | Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter. | 2023-05-17 | not yet calculated | CVE-2023-31703MISC |
semcms -- semcms | SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php. | 2023-05-19 | not yet calculated | CVE-2023-31707MISC |
nasm -- nasm | There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). | 2023-05-17 | not yet calculated | CVE-2023-31722MISC |
yasm -- yasm | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c. | 2023-05-17 | not yet calculated | CVE-2023-31723MISCMISC |
yasm -- yasm | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function do_directive at /nasm/nasm-pp.c. | 2023-05-17 | not yet calculated | CVE-2023-31724MISCMISC |
yasm -- yasm | yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c. | 2023-05-17 | not yet calculated | CVE-2023-31725MISCMISC |
totolink -- a3300r | TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection. | 2023-05-18 | not yet calculated | CVE-2023-31729MISCMISC |
tp-link -- archer_vr1600v_devices | A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to open an operating system level shell via the 'X_TP_IfName' parameter. | 2023-05-19 | not yet calculated | CVE-2023-31756MISC |
dedecms -- dedecms | DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian' | 2023-05-19 | not yet calculated | CVE-2023-31757MISC |
sourecodester -- faculty_evaluation_system | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=. | 2023-05-15 | not yet calculated | CVE-2023-31842MISC |
sourecodester -- faculty_evaluation_system | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=. | 2023-05-15 | not yet calculated | CVE-2023-31843MISC |
sourecodester -- faculty_evaluation_system | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=. | 2023-05-15 | not yet calculated | CVE-2023-31844MISC |
sourecodester -- faculty_evaluation_system | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=. | 2023-05-15 | not yet calculated | CVE-2023-31845MISC |
davinci -- davinci | In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side. | 2023-05-17 | not yet calculated | CVE-2023-31847MISC |
davinci -- davinci | davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF). | 2023-05-17 | not yet calculated | CVE-2023-31848MISC |
totolink -- cp300_plus | A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted http packet. | 2023-05-16 | not yet calculated | CVE-2023-31856MISC |
sourcecodester -- online_computer_laptop_store | Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is /classes/Users.php?f=save. | 2023-05-16 | not yet calculated | CVE-2023-31857MISC |
jizhicms -- jizhicms | jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the request package. | 2023-05-19 | not yet calculated | CVE-2023-31862MISC |
opentext -- documentum_content_server | OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dm_secure_writer. The binary has security controls in place preventing creation of a file in a non-owned directory, or as the root user. However, these controls can be carefully bypassed to allow for an arbitrary file write as root. | 2023-05-18 | not yet calculated | CVE-2023-31871MISC |
glazedlists -- glazedlists | An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter. | 2023-05-16 | not yet calculated | CVE-2023-31890MISC |
rpa_technology -- mobile_mouse | RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE). | 2023-05-17 | not yet calculated | CVE-2023-31902MISCMISC |
guppy_cms -- guppy_cms | GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allows remote attackers to execute arbitrary code by uploading a php file. | 2023-05-17 | not yet calculated | CVE-2023-31903MISCMISC |
savysoda -- wi-fi_hd_wireless_disk_drive | savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion. | 2023-05-17 | not yet calculated | CVE-2023-31904MISC |
edimax -- wireless_router_n300 | A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations. | 2023-05-12 | not yet calculated | CVE-2023-31983MISC |
edimax -- wireless_router_n300 | A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations. | 2023-05-15 | not yet calculated | CVE-2023-31986MISC |
xwiki -- xwiki_platform | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 14.10.4 it's possible to exploit well known parameters in XWiki URLs to perform redirection to untrusted site. This vulnerability was partially fixed in the past for XWiki 12.10.7 and 13.3RC1 but there is still the possibility to force specific URLs to skip some checks, e.g. using URLs like `http:example.com` in the parameter would allow the redirect. The issue has now been patched against all patterns that are known for performing redirects. This issue has been patched in XWiki 14.10.4 and 15.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-05-15 | not yet calculated | CVE-2023-32068MISCMISCMISCMISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-32096MISCMISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-32097MISCMISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-32098MISCMISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-32099MISCMISC |
silicon_labs -- gecko_platform_sdk | Compiler removal of buffer clearing in
sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 2023-05-18 | not yet calculated | CVE-2023-32100MISCMISC |
wordpress -- wordpress | Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. | 2023-05-12 | not yet calculated | CVE-2023-32243MISCMISCMISC |
planet_labs -- planet_client_python | Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand. | 2023-05-12 | not yet calculated | CVE-2023-32303MISCMISCMISC |
aiven-extras -- aiven-extras | aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acquire `superuser` privileges, which would allow full, unrestricted access to all data and database functions. And could lead to arbitrary code execution or data access on the underlying host as the `postgres` user. The issue has been patched as of version 1.1.9. | 2023-05-12 | not yet calculated | CVE-2023-32305MISCMISC |
anukotime_tracker -- time_tracker | Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the `reports.php` page was not validating all parameters in POST requests. Because some parameters were not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue is fixed in version 1.22.13.5792. As a workaround, use the fixed code in `ttReportHelper.class.php` from version 1.22.13.5792. | 2023-05-12 | not yet calculated | CVE-2023-32306MISC |
anuko_timetracker -- anuko_timetracker | anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for errors before adjusting invoice sorting order. Because of this, it was possible to craft a POST request with malicious SQL for Time Tracker database. This issue has been fixed in version 1.22.11.5781. Users are advised to upgrade. Users unable to upgrade may insert an additional check for errors in a condition before calling `ttGroupHelper::getActiveInvoices()` in invoices.php. | 2023-05-15 | not yet calculated | CVE-2023-32308MISCMISC |
pymdown-extensions -- pymdown-extensions | PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax `--8<--"/etc/passwd"` or `--8<--"/proc/self/environ"` the content of these files will be rendered in the generated documentation. Additionally, a path relative to a specified, allowed base path can also be used to render the content of a file outside the specified base paths: `--8<-- "../../../../etc/passwd"`. Within the Snippets extension, there exists a `base_path` option but the implementation is vulnerable to Directory Traversal. The vulnerable section exists in `get_snippet_path(self, path)` lines 155 to 174 in snippets.py. Any readable file on the host where the plugin is executing may have its content exposed. This can impact any use of Snippets that exposes the use of Snippets to external users. It is never recommended to use Snippets to process user-facing, dynamic content. It is designed to process known content on the backend under the control of the host, but if someone were to accidentally enable it for user-facing content, undesired information could be exposed. This issue has been addressed in version 10.0. Users are advised to upgrade. Users unable to upgrade may restrict relative paths by filtering input. | 2023-05-15 | not yet calculated | CVE-2023-32309MISCMISC |
vm2 -- vm2 | vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm. | 2023-05-15 | not yet calculated | CVE-2023-32313MISCMISCMISCMISC |
vm2 -- vm2 | vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-05-15 | not yet calculated | CVE-2023-32314MISCMISCMISCMISC |
ombi -- ombi | Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host operating system. Ombi administrators may not always be local system administrators and so this may violate the security expectations of the system. The arbitrary file read vulnerability was present in `ReadLogFile` and `Download` endpoints in `SystemControllers.cs` as the parameter `logFileName` is not sanitized before being combined with the `Logs` directory. When using `Path.Combine(arg1, arg2, arg3)`, an attacker may be able to escape to folders/files outside of `Path.Combine(arg1, arg2)` by using ".." in `arg3`. In addition, by specifying an absolute path for `arg3`, `Path.Combine` will completely ignore the first two arguments and just return just `arg3`. This vulnerability can lead to information disclosure. The Ombi `documentation` suggests running Ombi as a Service with Administrator privileges. An attacker targeting such an application may be able to read the files of any Windows user on the host machine and certain system files. This issue has been addressed in commit `b8a8f029` and in release version 4.38.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as GHSL-2023-088. | 2023-05-18 | not yet calculated | CVE-2023-32322MISCMISCMISCMISCMISC |
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matt Gibbs Custom Field Suite plugin <= 2.6.2.1 versions. | 2023-05-18 | not yet calculated | CVE-2023-32515MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions. | 2023-05-20 | not yet calculated | CVE-2023-32589MISC |
vyper -- vyper | Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In contracts with more than one regular nonpayable function, it is possible to send funds to the default function, even if the default function is marked `nonpayable`. This applies to contracts compiled with vyper versions prior to 0.3.8. This issue was fixed by the removal of the global `calldatasize` check in commit `02339dfda`. Users are advised to upgrade to version 0.3.8. Users unable to upgrade should avoid use of nonpayable default functions. | 2023-05-19 | not yet calculated | CVE-2023-32675MISCMISC |
zulip -- zulip | Zulip is an open-source team collaboration tool with unique topic-based threading. Zulip administrators can configure Zulip to limit who can add users to streams, and separately to limit who can invite users to the organization. In Zulip Server 6.1 and below, the UI which allows a user to invite a new user also allows them to set the streams that the new user is invited to -- even if the inviting user would not have permissions to add an existing user to streams. While such a configuration is likely rare in practice, the behavior does violate security-related controls. This does not let a user invite new users to streams they cannot see, or would not be able to add users to if they had that general permission. This issue has been addressed in version 6.2. Users are advised to upgrade. Users unable to upgrade may limit sending of invitations down to users who also have the permission to add users to streams. | 2023-05-19 | not yet calculated | CVE-2023-32677MISCMISCMISCMISC |
craft_cms -- craft_cms | Craft CMS is an open source content management system. In affected versions of Craft CMS an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not empty string('') in the View.php's doesTemplateExist() -> resolveTemplate() -> _resolveTemplateInternal() -> _resolveTemplate() function, it returns directly without extension verification, so that arbitrary extension files are rendered as twig templates. When attacker with admin privileges on a DEV or an improperly configured STG or PROD environment, they can exploit this vulnerability to remote code execution. Code execution may grant the attacker access to the host operating system. This issue has been addressed in version 4.4.6. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-05-19 | not yet calculated | CVE-2023-32679MISC |
metabase -- metabase | Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a database–but affected versions of Metabase didn't enforce that requirement. This lack of enforcement meant that: Anyone–including people in sandboxed groups–could edit SQL snippets. They could edit snippets via the API or, in the application UI, when editing the metadata for a model based on a SQL question, and people in sandboxed groups could edit a SQL snippet used in a query that creates their sandbox. If the snippet contained logic that restricted which data that person could see, they could potentially edit that snippet and change their level of data access. The permissions model for SQL snippets has been fixed in Metabase versions 0.46.3, 0.45.4, 0.44.7, 1.46.3, 1.45.4, and 1.44.7. Users are advised to upgrade. Users unable to upgrade should ensure that SQL queries used to create sandboxes exclude SQL snippets. | 2023-05-18 | not yet calculated | CVE-2023-32680MISCMISCMISCMISC |
luatex -- luatex | LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5. | 2023-05-20 | not yet calculated | CVE-2023-32700MISCMISCMISCMISC |
giturlparse -- giturlparse | giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package. | 2023-05-15 | not yet calculated | CVE-2023-32758MISCMISCMISC |
symcon -- ip-symcon | The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via .. directory-traversal sequences in the URL. | 2023-05-17 | not yet calculated | CVE-2023-32767MISCMISC |
keepass -- keepass | In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation. | 2023-05-15 | not yet calculated | CVE-2023-32784MISCMISCMISC |
opc_ua_legacy_java_stack -- opc_ua_legacy_java_stack | The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications. | 2023-05-15 | not yet calculated | CVE-2023-32787MISCCONFIRMMISC |
synology -- synology_router_manager | Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors. | 2023-05-16 | not yet calculated | CVE-2023-32955MISC |
synology -- synology_router_manager | Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors. | 2023-05-16 | not yet calculated | CVE-2023-32956MISC |
jenkins_pipeline -- jenkins_pipeline | Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately. | 2023-05-16 | not yet calculated | CVE-2023-32977MISC |
jenkins_ldap -- jenkins_ldap | A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | 2023-05-16 | not yet calculated | CVE-2023-32978MISC |
jenkins_email_extension | Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. | 2023-05-16 | not yet calculated | CVE-2023-32979MISC |
jenkins_email_extension | A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job. | 2023-05-16 | not yet calculated | CVE-2023-32980MISC |
jenkins_pipeline -- jenkins_pipeline | An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content. | 2023-05-16 | not yet calculated | CVE-2023-32981MISC |
jenkins_ansible -- jenkins_ansible | Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 2023-05-16 | not yet calculated | CVE-2023-32982MISC |
jenkins_ansible -- jenkins_ansible | Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them. | 2023-05-16 | not yet calculated | CVE-2023-32983MISC |
jenkins_testng_results -- jenkins_testng_results | Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a crafted TestNG report file. | 2023-05-16 | not yet calculated | CVE-2023-32984MISC |
jenkins_sidebar_link -- jenkins_sidebar_link | Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 2023-05-16 | not yet calculated | CVE-2023-32985MISC |
jenkins_file_paramater -- jenkins_file_parameter | Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content. | 2023-05-16 | not yet calculated | CVE-2023-32986MISC |
jenkins_reverse_proxy_auth -- jenkins_reverse_proxy_auth | A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | 2023-05-16 | not yet calculated | CVE-2023-32987MISC |
jenkins_azure_vm_agents -- jenkins_azure_vm_agents | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2023-05-16 | not yet calculated | CVE-2023-32988MISC |
jenkins_azure_vm_agents -- jenkins_azure_vm_agents | A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | 2023-05-16 | not yet calculated | CVE-2023-32989MISC |
jenkins_azure_vm_agents -- jenkins_azure_vm_agents | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | 2023-05-16 | not yet calculated | CVE-2023-32990MISC |
jenkins_saml_single_sign_on -- jenkins_saml_single_sign_on | A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | 2023-05-16 | not yet calculated | CVE-2023-32991MISC |
jenkins_saml_single_sign_on -- jenkins_saml_single_sign_on | Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | 2023-05-16 | not yet calculated | CVE-2023-32992MISC |
jenkins_saml_single_sign_on -- jenkins_saml_single_sign_on | Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 2023-05-16 | not yet calculated | CVE-2023-32993MISC |
jenkins_saml_single_sign_on -- jenkins_saml_single_sign_on | Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 2023-05-16 | not yet calculated | CVE-2023-32994MISC |
jenkins_saml_single_sign_on -- jenkins_saml_single_sign_on | A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | 2023-05-16 | not yet calculated | CVE-2023-32995MISC |
jenkins_saml_single_sign_on -- jenkins_saml_single_sign_on | A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | 2023-05-16 | not yet calculated | CVE-2023-32996MISC |
jenkins_cas -- jenkins_cas | Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. | 2023-05-16 | not yet calculated | CVE-2023-32997MISC |
jenkins_appspider -- jenkins_appspider | A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | 2023-05-16 | not yet calculated | CVE-2023-32998MISC |
jenkins_appspider -- jenkins_appspider | A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | 2023-05-16 | not yet calculated | CVE-2023-32999MISC |
jenkins_ns-nd -- jenkins_ns-nd | Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, increasing the potential for attackers to observe and capture them. | 2023-05-16 | not yet calculated | CVE-2023-33000MISC |
jenkins_hashicorp_vault -- jenkins_hashicorp_vault | Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 2023-05-16 | not yet calculated | CVE-2023-33001MISC |
jenkins_testcomplete -- jenkins_testcomplete | Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2023-05-16 | not yet calculated | CVE-2023-33002MISC |
jenkins_tag_profiler -- jenkins_tag_profiler | A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics. | 2023-05-16 | not yet calculated | CVE-2023-33003MISC |
jenkins_tag_profiler -- jenkins_tag_profiler | A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics. | 2023-05-16 | not yet calculated | CVE-2023-33004MISC |
jenkins_wso2_oauth -- jenkins_wso2_oauth | Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. | 2023-05-16 | not yet calculated | CVE-2023-33005MISC |
jenkins_wso2_oauth -- jenkins_wso2_oauth | A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account. | 2023-05-16 | not yet calculated | CVE-2023-33006MISC |
jenkins_loadcomplete -- jenkins_loadcomplete | Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2023-05-16 | not yet calculated | CVE-2023-33007MISC |
linux -- kernel | The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. | 2023-05-18 | not yet calculated | CVE-2023-33203MISCMISCMISC |
jenkins_loadcomplete -- jenkins_loadcomplete | sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. | 2023-05-18 | not yet calculated | CVE-2023-33204MISC |
foxit_pdf_reader -- foxit_pdf_reader | Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. This is fixed in 12.1.2. | 2023-05-19 | not yet calculated | CVE-2023-33240MISC |
obsidian -- obsidian | Obsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page. | 2023-05-20 | not yet calculated | CVE-2023-33244MISCMISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.