Vulnerability Summary for the Week of August 7, 2023 🔗
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device. | 2023-08-08 | 9.9 | CVE-2023-3572 MISC |
qualcomm_inc. — snapdragon | Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. | 2023-08-08 | 9.8 | CVE-2022-40510 MISC |
microsoft — exchange_server | Microsoft Exchange Server Elevation of Privilege Vulnerability | 2023-08-08 | 9.8 | CVE-2023-21709 MISC |
joomla — joomla | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. | 2023-08-07 | 9.8 | CVE-2023-23757 MISC |
joomla — joomla | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. | 2023-08-07 | 9.8 | CVE-2023-23758 MISC |
qualcomm_inc. — snapdragon | Memory corruption in QESL while processing payload from external ESL device to firmware. | 2023-08-08 | 9.8 | CVE-2023-28561 MISC |
pyrocms — pyrocms | PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system. | 2023-08-04 | 9.8 | CVE-2023-29689 MISC MISC |
pega — pega_platform | Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials | 2023-08-07 | 9.8 | CVE-2023-32090 MISC |
paessler — prtg_network_monitor | An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the HL7 sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution. | 2023-08-09 | 9.8 | CVE-2023-32781 MISC MISC |
paessler — prtg_network_monitor | An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the DICOM sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution. | 2023-08-09 | 9.8 | CVE-2023-32782 MISC MISC |
assaabloy — control_id_idsecure | A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server’s root directory, resulting in remote code execution. | 2023-08-05 | 9.8 | CVE-2023-33367 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device’s firmware used for device communication using MQTT. An attacker who gained access to these credentials is able to connect to the MQTT broker and send messages on behalf of devices, impersonating them. in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication. | 2023-08-04 | 9.8 | CVE-2023-33372 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing attackers to exfiltrate the credentials and use them to impersonate the devices. | 2023-08-04 | 9.8 | CVE-2023-33373 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. Attackers abusing this dangerous functionality may issue all devices OS commands to execute, resulting in arbitrary remote command execution. | 2023-08-04 | 9.8 | CVE-2023-33374 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices. | 2023-08-04 | 9.8 | CVE-2023-33375 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | 2023-08-04 | 9.8 | CVE-2023-33376 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | 2023-08-04 | 9.8 | CVE-2023-33377 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | 2023-08-04 | 9.8 | CVE-2023-33378 MISC MISC |
connected_io — connected_io | Connected IO v2.1.0 and prior has a misconfiguration in their MQTT broker used for management and device communication, which allows devices to connect to the broker and issue commands to other device, impersonating Connected IO management platform and sending commands to all of Connected IO’s devices. | 2023-08-04 | 9.8 | CVE-2023-33379 MISC MISC |
ai-dev — ai-table | ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php. | 2023-08-04 | 9.8 | CVE-2023-33665 MISC MISC |
a2technology — camera_trap_tracking_system | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in a2 Camera Trap Tracking System allows SQL Injection.This issue affects Camera Trap Tracking System: before 3.1905. | 2023-08-08 | 9.8 | CVE-2023-3386 MISC |
joomla — joomla | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. | 2023-08-07 | 9.8 | CVE-2023-34476 MISC |
joomla — joomla | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. | 2023-08-07 | 9.8 | CVE-2023-34477 MISC |
wordpress — wordpress | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the ‘wp_abspath’ parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. | 2023-08-12 | 9.8 | CVE-2023-3452 MISC MISC MISC |
cszcms– cszcms | A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL. | 2023-08-09 | 9.8 | CVE-2023-34545 MISC MISC |
a2technology — license_portal_system | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in a2 License Portal System allows SQL Injection.This issue affects License Portal System: before 1.48. | 2023-08-08 | 9.8 | CVE-2023-3522 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Remote Code Execution Vulnerability | 2023-08-08 | 9.8 | CVE-2023-35385 MISC |
langchain — langchain | An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the PALChain,from_math_prompt(llm) |
2023-08-05 | 9.8 | CVE-2023-36095 MISC MISC MISC |
phpjabbers — class_scheduling_system | In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. | 2023-08-04 | 9.8 | CVE-2023-36134 MISC MISC |
phpjabbers — document_creator | There is a SQL injection (SQLi) vulnerability in the “column” parameter of index.php in PHPJabbers Document Creator v1.0. | 2023-08-10 | 9.8 | CVE-2023-36311 MISC MISC |
aerospike — aerospike_java_client | The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running on. Versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 contain a patch for this issue. | 2023-08-04 | 9.8 | CVE-2023-36480 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
digital_ant — e-commerce_software | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Digital Ant E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: before 11. | 2023-08-08 | 9.8 | CVE-2023-3651 MISC |
zoom — zoom_for_windows | Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access. | 2023-08-08 | 9.8 | CVE-2023-36534 MISC |
microsoft — windows_server_2008 | Windows System Assessment Tool Elevation of Privilege Vulnerability | 2023-08-08 | 9.8 | CVE-2023-36903 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Remote Code Execution Vulnerability | 2023-08-08 | 9.8 | CVE-2023-36910 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Remote Code Execution Vulnerability | 2023-08-08 | 9.8 | CVE-2023-36911 MISC |
oduyo — online_collection | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Oduyo Online Collection Software allows SQL Injection. This issue affects Online Collection Software: before 1.0.1. | 2023-08-08 | 9.8 | CVE-2023-3716 MISC |
farmakom — remote_administration_console | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02. | 2023-08-08 | 9.8 | CVE-2023-3717 MISC |
siemens — ruggedcom_crossbow | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execute arbitrary SQL queries on the server database. | 2023-08-08 | 9.8 | CVE-2023-37372 MISC |
metabase — metabase | Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4, a vulnerability could potentially allow remote code execution on one’s Metabase server. The core issue is that one of the supported data warehouses (an embedded in-memory database H2), exposes a number of ways for a connection string to include code that is then executed by the process running the embedded database. Because Metabase allows users to connect to databases, this means that a user supplied string can be used to inject executable code. Metabase allows users to validate their connection string before adding a database (including on setup), and this validation API was the primary vector used as it can be called without validation. Versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4 fix this issue by removing the ability of users to add H2 databases entirely. As a workaround, it is possible to block these vulnerabilities at the network level by blocking the endpoints `POST /api/database`, `PUT /api/database/:id`, and `POST /api/setup/validateuntil`. Those who use H2 as a file-based database should migrate to SQLite. | 2023-08-04 | 9.8 | CVE-2023-37470 MISC |
sap — powerdesigner | SAP PowerDesigner – version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy. | 2023-08-08 | 9.8 | CVE-2023-37483 MISC MISC |
sourcecodester — judging_management_system | Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-jms/deductScores.php. | 2023-08-08 | 9.8 | CVE-2023-37682 MISC MISC |
hikashop — hikashop | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. | 2023-08-07 | 9.8 | CVE-2023-38044 MISC MISC |
microsoft — windows_server_2022 | Windows Mobile Device Management Elevation of Privilege Vulnerability | 2023-08-08 | 9.8 | CVE-2023-38186 MISC |
minecraft — minecraft | Logistics Pipes is a modification (a.k.a. mod) for the computer game Minecraft Java Edition. The mod used Java’s `ObjectInputStream#readObject` on untrusted data coming from clients or servers over the network resulting in possible remote code execution when sending specifically crafted network packets after connecting. The affected versions were released between 2013 and 2016 and the issue (back then unknown) was fixed in 2016 by a refactoring of the network IO code. The issue is present in all Logistics Pipes versions ranged from 0.7.0.91 prior to 0.10.0.71, which were downloaded from different platforms summing up to multi-million downloads. For Minecraft version 1.7.10 the issue was fixed in build 0.10.0.71. Everybody on Minecraft 1.7.10 should check their version number of Logistics Pipes in their modlist and update, if the version number is smaller than 0.10.0.71. Any newer supported Minecraft version (like 1.12.2) never had a Logistics Pipes version with vulnerable code. The best available workaround for vulnerable versions is to play in singleplayer only or update to newer Minecraft versions and modpacks. | 2023-08-04 | 9.8 | CVE-2023-38689 MISC MISC MISC |
matrix — matrix_irc_bridge | matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 and above are patched. There are no robust workarounds to the bug. One may disable dynamic channels in the config to disable the most common execution method but others may exist. | 2023-08-04 | 9.8 | CVE-2023-38690 MISC MISC MISC |
fit2cloud — cloudexplorer_lite | CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection vulnerability in the installation function in module management. The vulnerability has been fixed in v1.3.1. There are no known workarounds aside from upgrading. | 2023-08-04 | 9.8 | CVE-2023-38692 MISC MISC MISC |
datadoghq — import-in-the-middle | import-in-the-middle is a module loading interceptor specifically for ESM modules. The import-in-the-middle loader works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original module and add some wrapping code. Prior to version 1.4.2, it allows for remote code execution in cases where an application passes user-supplied input directly to the `import()` function. This vulnerability has been patched in import-in-the-middle version 1.4.2. Some workarounds are available. Do not pass any user-supplied input to `import()`. Instead, verify it against a set of allowed values. If using import-in-the-middle, directly or indirectly, and support for EcmaScript Modules is not needed, ensure that no options are set, either via command-line or the `NODE_OPTIONS` environment variable, that would enable loader hooks. | 2023-08-07 | 9.8 | CVE-2023-38704 MISC MISC |
netgear — r7100lg_firmware | Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. | 2023-08-07 | 9.8 | CVE-2023-38928 MISC MISC |
tenda — 4g300_firmware | Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. | 2023-08-07 | 9.8 | CVE-2023-38929 MISC |
tenda — ac7_firmware | Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | 2023-08-07 | 9.8 | CVE-2023-38930 MISC |
tenda — ac10_firmware | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. | 2023-08-07 | 9.8 | CVE-2023-38931 MISC |
tenda — f1202_firmware | Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | 2023-08-07 | 9.8 | CVE-2023-38932 MISC MISC |
tenda — ac10_firmware | Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | 2023-08-07 | 9.8 | CVE-2023-38933 MISC |
tenda — fh1203_firmware | Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | 2023-08-07 | 9.8 | CVE-2023-38934 MISC |
tenda — ac1206_firmware | Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. | 2023-08-07 | 9.8 | CVE-2023-38935 MISC |
tenda — ac10_firmware | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | 2023-08-07 | 9.8 | CVE-2023-38936 MISC |
tenda — ac10_firmware | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. | 2023-08-07 | 9.8 | CVE-2023-38937 MISC |
tenda — f1202_firmware | Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im. | 2023-08-07 | 9.8 | CVE-2023-38938 MISC |
tenda — f1202_firmware | Tenda F1202 V1.2.0.9 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the mit_ssid parameter in the formWrlsafeset function. | 2023-08-07 | 9.8 | CVE-2023-38939 MISC |
tenda — fh1203_firmware | Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | 2023-08-07 | 9.8 | CVE-2023-38940 MISC |
mayanets — e-commerce | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in mAyaNet E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: before 1.1. | 2023-08-08 | 9.8 | CVE-2023-3898 MISC |
papercut — papercut_mf | PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration). | 2023-08-04 | 9.8 | CVE-2023-39143 MISC MISC |
zoom — zoom | Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access. | 2023-08-08 | 9.8 | CVE-2023-39216 MISC |
renjikai — linuxasmcallgraph | LinuxASMCallGraph is software for drawing the call graph of the programming code. Linux ASMCallGraph before commit 20dba06bd1a3cf260612d4f21547c2 |
2023-08-04 | 9.8 | CVE-2023-39346 MISC MISC MISC MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search field, in BO’s product page. Version 8.1.1 contains a patch for this issue. There are no known workarounds. | 2023-08-07 | 9.8 | CVE-2023-39524 MISC MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds. | 2023-08-07 | 9.8 | CVE-2023-39526 MISC MISC |
phpgurukul — online_security_guards_hiring_ |
PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php. | 2023-08-04 | 9.8 | CVE-2023-39551 MISC |
phpjabbers — ticket_support_script | A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arbitrary code via uploading a crafted file. | 2023-08-10 | 9.8 | CVE-2023-39776 MISC MISC |
clusterlabs — libqb | log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. | 2023-08-08 | 9.8 | CVE-2023-39976 MISC MISC MISC |
totolink — t10_v2_firmware | TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cste_modules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code. | 2023-08-08 | 9.8 | CVE-2023-40041 MISC |
totolink — t10_v2_firmware | TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code. | 2023-08-08 | 9.8 | CVE-2023-40042 MISC MISC MISC |
tongda2000 — tongda_oa | A vulnerability, which was classified as critical, was found in Tongda OA. This affects an unknown part of the file general/system/seal_manage/ |
2023-08-05 | 9.8 | CVE-2023-4165 MISC MISC MISC |
tongda2000 — tongda_oa | A vulnerability has been found in Tongda OA and classified as critical. This vulnerability affects unknown code of the file general/system/seal_manage/ |
2023-08-05 | 9.8 | CVE-2023-4166 MISC MISC MISC |
sourcecodester — hospital_management_system | A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file appointmentapproval.php. The manipulation of the argument time leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236211. | 2023-08-06 | 9.8 | CVE-2023-4176 MISC MISC MISC |
sourcecodester — free_hospital_management_ |
A vulnerability classified as critical has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected is an unknown function of the file /vm/doctor/doctors.php?action= |
2023-08-06 | 9.8 | CVE-2023-4179 MISC MISC MISC |
sourcecodester — free_hospital_management_ |
A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file /vm/login.php. The manipulation of the argument useremail/userpassword leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236215. | 2023-08-06 | 9.8 | CVE-2023-4180 MISC MISC MISC |
sourcecodester — free_hospital_management_ |
A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php? |
2023-08-06 | 9.8 | CVE-2023-4181 MISC MISC MISC |
sourcecodester — inventory_management_system | A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file edit_sell.php. The manipulation of the argument up_pid leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-236217 was assigned to this vulnerability. | 2023-08-06 | 9.8 | CVE-2023-4182 MISC MISC |
sourcecodester — inventory_management_system | A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit_update.php of the component Password Handler. The manipulation of the argument user_id leads to improper access controls. The attack can be initiated remotely. VDB-236218 is the identifier assigned to this vulnerability. | 2023-08-06 | 9.8 | CVE-2023-4183 MISC MISC |
sourcecodester — inventory_management_system | A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file sell_return.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-236219. | 2023-08-06 | 9.8 | CVE-2023-4184 MISC MISC |
sourcecodester — online_hospital_management_ |
A vulnerability was found in SourceCodester Online Hospital Management System 1.0. It has been classified as critical. Affected is an unknown function of the file patientlogin.php. The manipulation of the argument loginid/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236220. | 2023-08-06 | 9.8 | CVE-2023-4185 MISC MISC MISC |
sourcecodester — pharmacy_management_system | A vulnerability was found in SourceCodester Pharmacy Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_website.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236221 was assigned to this vulnerability. | 2023-08-06 | 9.8 | CVE-2023-4186 MISC MISC MISC |
sourcecodester — resort_reservation_system | A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-236234 is the identifier assigned to this vulnerability. | 2023-08-06 | 9.8 | CVE-2023-4191 MISC MISC MISC |
sourcecodester — resort_reservation_system | A vulnerability, which was classified as critical, was found in SourceCodester Resort Reservation System 1.0. This affects an unknown part of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236235. | 2023-08-07 | 9.8 | CVE-2023-4192 MISC MISC MISC |
sourcecodester — resort_reservation_system | A vulnerability has been found in SourceCodester Resort Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_fee.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236236. | 2023-08-07 | 9.8 | CVE-2023-4193 MISC MISC MISC |
sourcecodester — inventory_management_system | A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file product_data.php.. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-236290 is the identifier assigned to this vulnerability. | 2023-08-07 | 9.8 | CVE-2023-4200 MISC MISC MISC |
sourcecodester — inventory_management_system | A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file ex_catagory_data.php. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236291. | 2023-08-07 | 9.8 | CVE-2023-4201 MISC MISC MISC |
phoenixcontact — multiple_products | In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user’s browser. | 2023-08-08 | 9.6 | CVE-2023-3526 MISC MISC |
opnsense — opnsense | /ui/cron/item/open in the Cron component of OPNsense before 23.7 allows XSS. | 2023-08-09 | 9.6 | CVE-2023-39007 MISC MISC |
mitsubishi_electric — gt21_firmware | Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000 and prior allows a remote unauthenticated attacker to hijack data connections (session hijacking) or prevent legitimate users from establishing data connections (to cause DoS condition) by guessing the listening port of the data connection on FTP server and connecting to it. | 2023-08-04 | 9.1 | CVE-2023-3373 MISC MISC MISC |
adobe — commerce | Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction. | 2023-08-09 | 9.1 | CVE-2023-38208 MISC |
nomachine — nomachine | An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks. | 2023-08-04 | 9.1 | CVE-2023-39107 MISC MISC MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the traversal path. Version 8.1.1 contains a patch for this issue. There are no known workarounds. | 2023-08-07 | 9.1 | CVE-2023-39525 MISC MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the server by using the Attachments controller and the Attachments API. Version 8.1.1 contains a patch for this issue. There are no known workarounds. | 2023-08-07 | 9.1 | CVE-2023-39529 MISC MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the server via the CustomerMessage API. Version 8.1.1 contains a patch for this issue. There are no known workarounds. | 2023-08-07 | 9.1 | CVE-2023-39530 MISC MISC |
instantcms — instantcms | SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 2023-08-05 | 9.1 | CVE-2023-4188 MISC MISC |
sifir_bes_education_and_ |
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz – Homework Helper App allows Authentication Abuse, Authentication Bypass.This issue affects Kunduz – Homework Helper App: before 6.2.3. | 2023-08-09 | 9 | CVE-2023-3632 MISC |
sap — businessobjects_business_ |
SAP Business Objects Installer – versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the confidentiality, integrity, and availability of the system | 2023-08-08 | 9 | CVE-2023-37490 MISC MISC |
sciencelogic — sl1 | A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system. | 2023-08-09 | 8.8 | CVE-2022-48580 MISC |
sciencelogic — sl1 | A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system. | 2023-08-09 | 8.8 | CVE-2022-48581 MISC |
sciencelogic — sl1 | A command injection vulnerability exists in the ticket report generate feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system. | 2023-08-09 | 8.8 | CVE-2022-48582 MISC |
sciencelogic — sl1 | A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system. | 2023-08-09 | 8.8 | CVE-2022-48583 MISC |
sciencelogic — sl1 | A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system. | 2023-08-09 | 8.8 | CVE-2022-48584 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48585 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48586 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48587 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48588 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48589 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48590 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the vendor_state parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48591 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the vendor_country parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48592 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “topology data service” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48593 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48594 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “ticket template watchers” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48595 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48596 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “ticket event report” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48597 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “reporter events type date” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48598 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48599 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “notes view” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48600 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48601 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48602 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48603 MISC |
sciencelogic — sl1 | A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | 2023-08-09 | 8.8 | CVE-2022-48604 MISC |
siemens — ruggedcom_crossbow | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges. | 2023-08-08 | 8.8 | CVE-2023-27411 MISC |
wordpress — wordpress | The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks. | 2023-08-07 | 8.8 | CVE-2023-2843 MISC |
microsoft — teams | Microsoft Teams Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-29328 MISC |
microsoft — teams | Microsoft Teams Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-29330 MISC |
zohocorp — manageengine_network_ |
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking. | 2023-08-04 | 8.8 | CVE-2023-29505 MISC MISC CONFIRM |
microsoft — exchange_server | Microsoft Exchange Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-35368 MISC |
microsoft — windows_server_2008 | Windows Fax Service Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-35381 MISC |
microsoft — windows_server_2012 | Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability | 2023-08-08 | 8.8 | CVE-2023-35387 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device. | 2023-08-08 | 8.8 | CVE-2023-3570 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device. | 2023-08-08 | 8.8 | CVE-2023-3571 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations to gain full access to the device. | 2023-08-08 | 8.8 | CVE-2023-3573 MISC |
netgear — xr300_firmware | Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | 2023-08-07 | 8.8 | CVE-2023-36499 MISC MISC |
zoom — zoom | Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access. | 2023-08-08 | 8.8 | CVE-2023-36541 MISC |
microsoft — windows_server_2008 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-36882 MISC |
microsoft — .net_framework | ASP.NET Elevation of Privilege Vulnerability | 2023-08-08 | 8.8 | CVE-2023-36899 MISC |
sap — message_server | The ACL (Access Control List) of SAP Message Server – versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the network of the SAP systems served by the attacked SAP Message server. This may lead to unauthorized read and write of data as well as rendering the system unavailable. | 2023-08-08 | 8.8 | CVE-2023-37491 MISC MISC |
esds.co — emagic_data_center_management | This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on targeted system. | 2023-08-08 | 8.8 | CVE-2023-37569 MISC MISC |
esds.co — emagic_data_center_management | This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system. | 2023-08-08 | 8.8 | CVE-2023-37570 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device. | 2023-08-09 | 8.8 | CVE-2023-37861 MISC |
microsoft — sql_server | Microsoft OLE DB Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-38169 MISC |
microsoft — exchange_server | Microsoft Exchange Server Spoofing Vulnerability | 2023-08-08 | 8.8 | CVE-2023-38181 MISC |
microsoft — exchange_server | Microsoft Exchange Server Remote Code Execution Vulnerability | 2023-08-08 | 8.8 | CVE-2023-38185 MISC |
lw-systems — benno_mailarchiv | A CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1. | 2023-08-09 | 8.8 | CVE-2023-38348 MISC MISC |
netgear — r6900p_firmware | Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | 2023-08-07 | 8.8 | CVE-2023-38412 MISC MISC |
netgear — dg834gv5_firmware | Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi. | 2023-08-07 | 8.8 | CVE-2023-38591 MISC MISC |
eng — knowage | Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint `/knowage/restful-services/ |
2023-08-04 | 8.8 | CVE-2023-38702 MISC |
pimcore — pimcore | Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. A path traversal vulnerability exists in the `AssetController:: |
2023-08-04 | 8.8 | CVE-2023-38708 MISC MISC |
wger — workout_manager | Cross Site Request Forgery (CSRF) vulnerability in wger Project wger Workout Manager 2.2.0a3 allows a remote attacker to gain privileges via the user-management feature in the gym/views/gym.py, templates/gym/reset_user_ |
2023-08-08 | 8.8 | CVE-2023-38759 MISC MISC |
netgear — wg302v2_firmware | Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters. | 2023-08-07 | 8.8 | CVE-2023-38921 MISC MISC |
netgear — jwnr2000v2_firmware | Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function. | 2023-08-07 | 8.8 | CVE-2023-38922 MISC MISC |
netgear — dc112a_firmware | Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi. | 2023-08-07 | 8.8 | CVE-2023-38925 MISC MISC |
netgear — ex6200_firmware | Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set. | 2023-08-07 | 8.8 | CVE-2023-38926 MISC MISC |
shuize_0x727_project — shuize_0x727 | ShuiZe_0x727 v1.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /iniFile/config.ini. | 2023-08-05 | 8.8 | CVE-2023-38943 MISC MISC |
fobybus — social-media-skeleton | social-media-skeleton is an uncompleted social media project. A SQL injection vulnerability in the project allows UNION based injections, which indirectly leads to remote code execution. Commit 3cabdd35c3d874608883c9eaf9bf69 |
2023-08-04 | 8.8 | CVE-2023-39344 MISC MISC |
apache — airflow | Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The “Run Task” feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the webserver context as well as allows to bypas limitation of access the user has to certain DAGs. The “Run Task” feature is considered dangerous and it has been removed entirely in Airflow 2.6.0 This issue affects Apache Airflow: before 2.6.0. | 2023-08-05 | 8.8 | CVE-2023-39508 MISC MISC MISC |
scancode.io — scancode.io | ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process as it allows to append malicious commands in the `docker_reference` parameter. In the function `scanpipe/pipes/fetch.py: |
2023-08-07 | 8.8 | CVE-2023-39523 MISC MISC MISC MISC |
netgear — jwnr2000v2_firmware | Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function. | 2023-08-07 | 8.8 | CVE-2023-39550 MISC MISC |
wordpress — wordpress | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the ‘get_header_values’ function. This makes it possible for authenticated attackers, with minimal permissions such as an author, if the administrator previously grants access in the plugin settings, to modify their user role by supplying the ‘wp_capabilities->cus1’ parameter. | 2023-08-04 | 8.8 | CVE-2023-4140 MISC MISC MISC |
wordpress — wordpress | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the ‘->cus2’ parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin settings, to create a PHP file and execute code on the server. The author resolved this vulnerability by removing the ability for authors and editors to import files, please note that this means php file creation is still allowed for site administrators, use the plugin with caution. | 2023-08-04 | 8.8 | CVE-2023-4141 MISC MISC MISC |
wordpress — wordpress | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the ‘->cus1’ parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin settings, to execute code on the server. The author resolved this vulnerability by removing the ability for authors and editors to import files, please note that this means remote code execution is still possible for site administrators, use the plugin with caution. | 2023-08-04 | 8.8 | CVE-2023-4142 MISC MISC MISC |
omeka — omeka_s | Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3. | 2023-08-04 | 8.8 | CVE-2023-4159 MISC MISC |
ruijie — rg-ew1200g_firmware | A vulnerability was found in Ruijie RG-EW1200G 1.0(1)B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/set_passwd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236185 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-05 | 8.8 | CVE-2023-4169 MISC MISC MISC |
cockpit-hq — cockpit | PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prior to 2.6.3. | 2023-08-06 | 8.8 | CVE-2023-4195 MISC MISC |
wordpress — wordpress | The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7.1 due to insufficient restriction on the ‘rem_save_profile_front’ function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the ‘wp_capabilities’ parameter during a profile update. | 2023-08-09 | 8.8 | CVE-2023-4239 MISC MISC |
wordpress — wordpress | The FULL – Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to execute code by installing plugins from arbitrary remote locations including non-repository sources onto the site, granted they are packaged as a valid WordPress plugin. | 2023-08-09 | 8.8 | CVE-2023-4243 MISC MISC MISC |
wordpress — wordpress | The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the ‘abpr_profileShortcode’ function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-08-10 | 8.8 | CVE-2023-4276 MISC MISC |
wordpress — wordpress | The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the ‘process_change_profile_form’ function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-08-10 | 8.8 | CVE-2023-4277 MISC MISC |
wordpress — wordpress | The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the ‘wpdmpp_update_profile’ function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the ‘profile[role]’ parameter during a profile update. | 2023-08-12 | 8.8 | CVE-2023-4293 MISC MISC MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon. | 2023-08-09 | 8.6 | CVE-2023-37860 MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be used to read any file on the server, potentially even outside of the project if the server is not correctly configured. Version 8.1.1 contains a patch for this issue. There are no known workarounds. | 2023-08-07 | 8.6 | CVE-2023-39528 MISC MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service. | 2023-08-09 | 8.2 | CVE-2023-37862 MISC |
hedgedoc — hedgedoc | HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one. When the freeURL feature is enabled (by setting the `allowFreeURL` config option or the `CMD_ALLOW_FREEURL` environment variable to `true`), any user with the appropriate permissions can create a note by making a POST request to the `/new/ | 2023-08-04 | 8.2 | CVE-2023-38487 MISC MISC |
cisco — sd-wan_vmanage | A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application. | 2023-08-04 | 8.1 | CVE-2020-26064 MISC |
wordpress — wordpress | The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.14 does not have authorisation when deleting shipment, allowing any authenticated users, such as subscriber to delete arbitrary shipment | 2023-08-07 | 8.1 | CVE-2023-3365 MISC |
sentry — sentry | Sentry is an error tracking and performance monitoring platform. Starting in version 22.1.0 and prior to version 23.7.2, an attacker with access to a token with few or no scopes can query `/api/0/api-tokens/` for a list of all tokens created by a user, including tokens with greater scopes, and use those tokens in other requests. There is no evidence that the issue was exploited on `sentry.io`. For self-hosted users, it is advised to rotate user auth tokens. A fix is available in version 23.7.2 of `sentry` and `self-hosted`. There are no known workarounds. | 2023-08-07 | 8.1 | CVE-2023-39349 MISC MISC MISC MISC MISC |
microsoft — exchange_server | Microsoft Exchange Server Remote Code Execution Vulnerability | 2023-08-08 | 8 | CVE-2023-35388 MISC |
microsoft — sharepoint_server | Microsoft SharePoint Server Spoofing Vulnerability | 2023-08-08 | 8 | CVE-2023-36891 MISC |
microsoft — sharepoint_server | Microsoft SharePoint Server Spoofing Vulnerability | 2023-08-08 | 8 | CVE-2023-36892 MISC |
microsoft — exchange_server | Microsoft Exchange Server Remote Code Execution Vulnerability | 2023-08-08 | 8 | CVE-2023-38182 MISC |
stormshield — ssl_vpn_client | An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine. | 2023-08-05 | 7.8 | CVE-2022-46782 MISC |
qualcomm_inc. — snapdragon | Memory corruption in Trusted Execution Environment while calling service API with invalid address. | 2023-08-08 | 7.8 | CVE-2023-21627 MISC |
qualcomm_inc. — snapdragon | Memory corruption due to untrusted pointer dereference in automotive during system call. | 2023-08-08 | 7.8 | CVE-2023-21643 MISC |
qualcomm_inc. — snapdragon | Memory corruption in RIL while trying to send apdu packet. | 2023-08-08 | 7.8 | CVE-2023-21648 MISC |
qualcomm_inc. — snapdragon | Memory corruption in WLAN while running doDriverCmd for an unspecific command. | 2023-08-08 | 7.8 | CVE-2023-21649 MISC |
qualcomm_inc. — snapdragon | Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. | 2023-08-08 | 7.8 | CVE-2023-21650 MISC |
qualcomm_inc. — snapdragon | Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. | 2023-08-08 | 7.8 | CVE-2023-21651 MISC |
qualcomm_inc. — snapdragon | Memory Corruption in Audio while playing amrwbplus clips with modified content. | 2023-08-08 | 7.8 | CVE-2023-22666 MISC |
qualcomm_inc. — snapdragon | Memory corruption while allocating memory in COmxApeDec module in Audio. | 2023-08-08 | 7.8 | CVE-2023-28537 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user by bypassing the API blacklisting feature. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-29320 MISC |
siemens — parasolid | A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243), Parasolid V35.0 (All versions < V35.0.177), Parasolid V35.1 (All versions < V35.1.073). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-30795 MISC |
microsoft — windows_server_2008 | Windows Kernel Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35359 MISC |
microsoft — office_online_server | Microsoft Office Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35371 MISC |
microsoft — office | Microsoft Office Visio Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35372 MISC |
microsoft — windows_server_2008 | Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35379 MISC |
microsoft — windows_server_2008 | Windows Kernel Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35380 MISC |
microsoft — windows_server_2019 | Windows Kernel Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35382 MISC |
microsoft — windows_server_2012 | Windows Kernel Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35386 MISC |
microsoft — visual_studio_2022 | .NET and Visual Studio Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-35390 MISC |
zoom — zoom | Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | 2023-08-08 | 7.8 | CVE-2023-36540 MISC |
winitor — pestudio | An issue in PEStudio v.9.52 allows a remote attacker to execute arbitrary code via a crafted DLL file to the PESstudio exeutable. | 2023-08-08 | 7.8 | CVE-2023-36546 MISC |
microsoft — office | Microsoft Office Visio Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36865 MISC |
microsoft — office | Microsoft Office Visio Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36866 MISC |
microsoft — office | Microsoft Outlook Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36895 MISC |
microsoft — office_online_server | Microsoft Excel Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36896 MISC |
microsoft — windows_11_21h2 | Tablet Windows User Interface Application Core Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36898 MISC |
microsoft — windows_server_2008 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36900 MISC |
microsoft — windows_server_2019 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-36904 MISC |
microsoft — windows_server_2019 | Windows Kernel Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-38154 MISC |
microsoft — hevc_video_extensions | HEVC Video Extensions Remote Code Execution Vulnerability | 2023-08-08 | 7.8 | CVE-2023-38170 MISC |
microsoft — windows_defender | Microsoft Windows Defender Elevation of Privilege Vulnerability | 2023-08-08 | 7.8 | CVE-2023-38175 MISC |
adobe — dimension | Adobe Dimension version 3.4.9 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-09 | 7.8 | CVE-2023-38211 MISC |
adobe — dimension | Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-09 | 7.8 | CVE-2023-38212 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38222 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38223 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38224 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38225 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38226 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38227 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38228 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38229 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38231 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38233 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38234 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38235 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 7.8 | CVE-2023-38246 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38524 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38525 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38526 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38527 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38528 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38529 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38530 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-38531 MISC |
vim — vim | Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 | 2023-08-07 | 7.8 | CVE-2023-3896 MISC MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39181 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39182 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39183 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39184 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39185 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39186 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39187 MISC |
siemens — solid_edge | A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | 2023-08-08 | 7.8 | CVE-2023-39188 MISC |
cryptomator — cryptomator | Cryptomator encrypts data being stored on cloud infrastructure. The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low privileged users, via the `repair` function. The problem occurs as the repair function of the MSI is spawning an SYSTEM Powershell without the `-NoProfile` parameter. Therefore the profile of the user starting the repair will be loaded. Version 1.9.3 contains a fix for this issue. Adding a `-NoProfile` to the powershell is a possible workaround. | 2023-08-07 | 7.8 | CVE-2023-39520 MISC MISC MISC MISC |
wordpress — wordpress | The Qubely WordPress plugin before 1.8.6 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qubely_send_form_data AJAX action. | 2023-08-07 | 7.5 | CVE-2021-24916 MISC |
rarlab — unrar | UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. | 2023-08-07 | 7.5 | CVE-2022-48579 MISC |
mitsubishic_electric — gt_designer3 | Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions 01.49.000 and prior, GS21 model versions 01.49.000 and prior, GT Designer3 Version1 (GOT2000) versions 1.295H and prior and GT SoftGOT2000 versions 1.295H and prior allows a remote unauthenticated attacker to obtain plaintext passwords by sniffing packets containing encrypted passwords and decrypting the encrypted passwords, in the case of transferring data with GT Designer3 Version1(GOT2000) and GOT2000 Series or GOT SIMPLE Series with the Data Transfer Security function enabled, or in the case of transferring data by the SoftGOT-GOT link function with GT SoftGOT2000 and GOT2000 series with the Data Transfer Security function enabled. | 2023-08-04 | 7.5 | CVE-2023-0525 MISC MISC MISC |
qualcomm_inc. — snapdragon | Information disclosure in Network Services due to buffer over-read while the device receives DNS response. | 2023-08-08 | 7.5 | CVE-2023-21625 MISC |
qualcomm_inc. — snapdragon | Transient DOS in Audio while remapping channel buffer in media codec decoding. | 2023-08-08 | 7.5 | CVE-2023-28555 MISC |
assmann — ht-ip211hdp_firmware | Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera’s settings and the administrator credentials. | 2023-08-04 | 7.5 | CVE-2023-30146 MISC MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Information Disclosure Vulnerability | 2023-08-08 | 7.5 | CVE-2023-35383 MISC |
microsoft — asp.net_core | ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | 2023-08-08 | 7.5 | CVE-2023-35391 MISC |
phpjabbers — class_scheduling_system | User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | 2023-08-04 | 7.5 | CVE-2023-36135 MISC MISC |
zoom — zoom | Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. | 2023-08-08 | 7.5 | CVE-2023-36532 MISC |
zoom — zoom | Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access. | 2023-08-08 | 7.5 | CVE-2023-36533 MISC |
microsoft — windows_server_2016 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | 2023-08-08 | 7.5 | CVE-2023-36905 MISC |
microsoft — windows_server_2008 | Windows Cryptographic Services Information Disclosure Vulnerability | 2023-08-08 | 7.5 | CVE-2023-36906 MISC |
microsoft — windows_server_2008 | Windows Cryptographic Services Information Disclosure Vulnerability | 2023-08-08 | 7.5 | CVE-2023-36907 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Denial of Service Vulnerability | 2023-08-08 | 7.5 | CVE-2023-36912 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Information Disclosure Vulnerability | 2023-08-08 | 7.5 | CVE-2023-36913 MISC |
siemens — ruggedcom_crossbow | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application’s file system. | 2023-08-08 | 7.5 | CVE-2023-37373 MISC |
projectdiscovery — nuclei | Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation. This issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network. | 2023-08-04 | 7.5 | CVE-2023-37896 MISC MISC MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Denial of Service Vulnerability | 2023-08-08 | 7.5 | CVE-2023-38172 MISC |
microsoft — .net | .NET Core and Visual Studio Denial of Service Vulnerability | 2023-08-08 | 7.5 | CVE-2023-38178 MISC |
microsoft — asp.net_core | .NET and Visual Studio Denial of Service Vulnerability | 2023-08-08 | 7.5 | CVE-2023-38180 MISC |
microsoft — windows_server_2008 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 2023-08-08 | 7.5 | CVE-2023-38184 MISC |
metersphere — metersphere | MeterSphere is an open-source continuous testing platform. Prior to version 2.10.4 LTS, some interfaces of the Cloud version of MeterSphere do not have configuration permissions, and are sensitively leaked by attackers. Version 2.10.4 LTS contains a patch for this issue. | 2023-08-04 | 7.5 | CVE-2023-38494 MISC MISC |
xithrius — twitch | twitch-tui provides Twitch chat in a terminal. Prior to version 2.4.1, the connection is not using TLS for communication. In the configuration of the irc connection, the software disables TLS, which makes all communication to Twitch IRC servers unencrypted. As a result, communication, including auth tokens, can be sniffed. Version 2.4.1 has a patch for this issue. | 2023-08-04 | 7.5 | CVE-2023-38688 MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the role and gender parameters within the /QueryView.php component. | 2023-08-08 | 7.5 | CVE-2023-38760 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the friendmonths parameter within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38762 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the birthmonth and percls parameters within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38764 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the membermonth parameter within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38765 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the ‘value’ and ‘custom’ parameters within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38767 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the PropertyID parameter within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38768 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the searchstring and searchwhat parameters within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38769 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the group parameter within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38770 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp parameter within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38771 MISC MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php. | 2023-08-08 | 7.5 | CVE-2023-38773 MISC MISC MISC MISC |
phpjabbers — yacht_listing_script | An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients’ credit card numbers from the Reservations module. | 2023-08-10 | 7.5 | CVE-2023-38830 MISC MISC |
zoom — zoom | Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access. | 2023-08-08 | 7.5 | CVE-2023-39217 MISC |
fujitsu — software_infrastructure_ |
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product’s maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060. | 2023-08-04 | 7.5 | CVE-2023-39379 MISC MISC |
imagemagick — imagemagick | ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw. | 2023-08-08 | 7.5 | CVE-2023-39978 MISC MISC MISC |
wordpress — wordpress | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported files. | 2023-08-04 | 7.5 | CVE-2023-4139 MISC MISC |
templatecookie — adlisting | A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-236184. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-05 | 7.5 | CVE-2023-4168 MISC MISC MISC |
chengdu — flash_flood_disaster_ |
A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236207. | 2023-08-05 | 7.5 | CVE-2023-4172 MISC MISC MISC |
sourcecodester — inventory_management_system | A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file catagory_data.php. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236289 was assigned to this vulnerability. | 2023-08-07 | 7.5 | CVE-2023-4199 MISC MISC MISC |
rust-lang — cargo | Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user. To prevent existing cached extractions from being exploitable, the Cargo binary version 0.72.2 included in Rust 1.71.1 or later will purge caches generated by older Cargo versions automatically. As a workaround, configure one’s system to prevent other local users from accessing the Cargo directory, usually located in `~/.cargo`. | 2023-08-04 | 7.3 | CVE-2023-38497 MISC MISC MISC MISC MISC MISC MISC |
semcms — semcms | File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run arbitrary code via SEMCMS_Upfile.php. | 2023-08-05 | 7.2 | CVE-2020-23564 MISC MISC |
google — android | In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size.This could lead to remote escalation of privilege with System execution privileges needed | 2023-08-07 | 7.2 | CVE-2023-33913 MISC |
textpattern_cms — textpattern_cms | Directory Traversal vulnerability in Textpattern CMS v4.8.8 allows a remote authenticated attacker to execute arbitrary code and gain access to sensitive information via the plugin Upload function. | 2023-08-07 | 7.2 | CVE-2023-36220 MISC MISC MISC MISC |
phpgurukul — online_nurse_hiring_system | Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the View Request of Nurse Page in the Admin portal. | 2023-08-08 | 7.2 | CVE-2023-37687 MISC MISC MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root. | 2023-08-09 | 7.2 | CVE-2023-37859 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device. | 2023-08-09 | 7.2 | CVE-2023-37863 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device. | 2023-08-09 | 7.2 | CVE-2023-37864 MISC |
microsoft — dynamics_365_business_central | Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability | 2023-08-08 | 7.2 | CVE-2023-38167 MISC |
qualcomm_inc. — snapdragon | Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. | 2023-08-08 | 7.1 | CVE-2023-21626 MISC |
qualcomm_inc. — snapdragon | Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. | 2023-08-08 | 7.1 | CVE-2023-21652 MISC |
microsoft — windows_server_2008 | Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability | 2023-08-08 | 7.1 | CVE-2023-36876 MISC |
n-able_technologies — n-central | An issue found in N-able Technologies N-central Server before 2023.4 allows a local attacker to execute arbitrary code via the monitoring function of the server. | 2023-08-04 | 7 | CVE-2023-30297 MISC MISC |
microsoft — windows_server_2019 | Windows Projected File System Elevation of Privilege Vulnerability | 2023-08-08 | 7 | CVE-2023-35378 MISC |
microsoft — azure_arc-enabled_servers | Azure Arc-Enabled Servers Elevation of Privilege Vulnerability | 2023-08-08 | 7 | CVE-2023-38176 MISC |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
wordpress — wordpress | The WP Shopping Pages WordPress plugin through 1.14 does not have CSRF check in some places, and is missing sanitization as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack. | 2023-08-07 | 6.8 | CVE-2023-3492 MISC |
google — android | In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905. | 2023-08-07 | 6.7 | CVE-2023-20783 MISC |
google — android | In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989. | 2023-08-07 | 6.7 | CVE-2023-20784 MISC |
google — android | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811. | 2023-08-07 | 6.7 | CVE-2023-20786 MISC |
google — android | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900. | 2023-08-07 | 6.7 | CVE-2023-20795 MISC |
google — android | In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629582; Issue ID: ALPS07629582. | 2023-08-07 | 6.7 | CVE-2023-20797 MISC |
mediatek_inc. — multiple_products | In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384. | 2023-08-07 | 6.7 | CVE-2023-20804 MISC |
mediatek_inc. — multiple_products | In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411. | 2023-08-07 | 6.7 | CVE-2023-20805 MISC |
google — android | In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07537437. | 2023-08-07 | 6.7 | CVE-2023-20806 MISC |
google — android | In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433. | 2023-08-07 | 6.7 | CVE-2023-20807 MISC |
google — android | In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03645895; Issue ID: DTV03645895. | 2023-08-07 | 6.7 | CVE-2023-20808 MISC |
google — android | In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03751198; Issue ID: DTV03751198. | 2023-08-07 | 6.7 | CVE-2023-20809 MISC |
google — android | In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061. | 2023-08-07 | 6.7 | CVE-2023-20811 MISC |
google — android | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453560; Issue ID: ALPS07453560. | 2023-08-07 | 6.7 | CVE-2023-20814 MISC |
google — android | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453587; Issue ID: ALPS07453587. | 2023-08-07 | 6.7 | CVE-2023-20815 MISC |
google — android | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453589; Issue ID: ALPS07453589. | 2023-08-07 | 6.7 | CVE-2023-20816 MISC |
google — android | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453600; Issue ID: ALPS07453600. | 2023-08-07 | 6.7 | CVE-2023-20817 MISC |
solarwinds_ — serv-u | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. | 2023-08-11 | 6.6 | CVE-2023-35179 MISC MISC |
cisco — sd-wan_vmanage | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system. | 2023-08-04 | 6.5 | CVE-2020-26065 MISC |
gitea — gitea | In Gitea through 1.17.1, repo cloning can occur in the migration function. | 2023-08-07 | 6.5 | CVE-2022-38795 MISC MISC MISC |
openrefine — openrefine | OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure. | 2023-08-04 | 6.5 | CVE-2022-41401 MISC MISC MISC |
google — chrome | Inappropriate implementation in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-04 | 6.5 | CVE-2022-4955 MISC MISC |
mediatek_inc. — multiple_products | In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955. | 2023-08-07 | 6.5 | CVE-2023-20800 MISC |
mediatek_inc. — multiple_products | In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976. | 2023-08-07 | 6.5 | CVE-2023-20802 MISC |
mediatek_inc. — multiple_products | In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374. | 2023-08-07 | 6.5 | CVE-2023-20803 MISC |
qualcomm_inc. — snapdragon | Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. | 2023-08-08 | 6.5 | CVE-2023-21647 MISC |
paessler — prtg_network_monitor | An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. The NetApp Volume Sensor transmits cleartext credentials over the network when the HTTP protocol is selected. This can be triggered remotely via a CSRF by simply sending a controls/addsensor3.htm link to a logged-in victim. | 2023-08-09 | 6.5 | CVE-2023-31452 MISC MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Denial of Service Vulnerability | 2023-08-08 | 6.5 | CVE-2023-35376 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Denial of Service Vulnerability | 2023-08-08 | 6.5 | CVE-2023-35377 MISC |
microsoft — windows_server_2008 | Windows HTML Platforms Security Feature Bypass Vulnerability | 2023-08-08 | 6.5 | CVE-2023-35384 MISC |
microsoft — dynamics_365 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | 2023-08-08 | 6.5 | CVE-2023-35389 MISC |
phpjabbers — class_scheduling_system | PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text. | 2023-08-08 | 6.5 | CVE-2023-36136 MISC MISC |
zoom — zoom | Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access. | 2023-08-08 | 6.5 | CVE-2023-36535 MISC |
microsoft — sharepoint_server | Microsoft SharePoint Server Information Disclosure Vulnerability | 2023-08-08 | 6.5 | CVE-2023-36890 MISC |
microsoft — outlook | Microsoft Outlook Spoofing Vulnerability | 2023-08-08 | 6.5 | CVE-2023-36893 MISC |
microsoft — sharepoint_server | Microsoft SharePoint Server Information Disclosure Vulnerability | 2023-08-08 | 6.5 | CVE-2023-36894 MISC |
microsoft — 365_apps | Visual Studio Tools for Office Runtime Spoofing Vulnerability | 2023-08-08 | 6.5 | CVE-2023-36897 MISC |
microsoft — windows_server_2008 | Windows Hyper-V Information Disclosure Vulnerability | 2023-08-08 | 6.5 | CVE-2023-36908 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Denial of Service Vulnerability | 2023-08-08 | 6.5 | CVE-2023-36909 MISC |
sap — netweaver_application_server_ |
SAP NetWeaver Application Server ABAP and ABAP Platform – versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 793, SAP_BASIS 804, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read sensitive information which can be used in a subsequent serious attack. | 2023-08-08 | 6.5 | CVE-2023-37492 MISC MISC |
microsoft — edge_chromium | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 2023-08-07 | 6.5 | CVE-2023-38157 MISC |
adobe — commerce | Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user’s data. Exploitation of this issue does not require user interaction. | 2023-08-09 | 6.5 | CVE-2023-38209 MISC |
microsoft — windows_server_2008 | Microsoft Message Queuing Denial of Service Vulnerability | 2023-08-08 | 6.5 | CVE-2023-38254 MISC |
zohocorp — manageengine_admanager_plus | Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user’s account via sensitive information disclosure. | 2023-08-04 | 6.5 | CVE-2023-38332 MISC MISC |
matrix — matrix-appservice-bridge | matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user’s MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library does not check that the servername part of the `sub` parameter (containing the user’s *claimed* MXID) is the same as the servername we are talking to. A malicious actor could spin up a server on any given domain, respond with a `sub` parameter according to the user they want to act as and use the resulting token to perform provisioning requests. Versions 8.1.2 and 9.0.1 contain a patch. As a workaround, disable the provisioning API. | 2023-08-04 | 6.5 | CVE-2023-38691 MISC MISC |
cypress_image_snapshot — cypress_image_snapshot | cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it’s possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2. | 2023-08-04 | 6.5 | CVE-2023-38695 MISC MISC MISC MISC |
ensdomains — ethereum_name_service | Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or reduce the expiration time of existing domains. However, a preliminary analysis suggests that an attacker-controlled controller may be able to reduce the expiration time of existing domains due to an integer overflow in the renew function. The vulnerability resides `@ensdomains/ens-contracts` prior to version 0.0.22. If successfully exploited, this vulnerability would enable attackers to force the expiration of any ENS record, ultimately allowing them to claim the affected domains for themselves. Currently, it would require a malicious DAO to exploit it. Nevertheless, any vulnerability present in the controllers could potentially render this issue exploitable in the future. An additional concern is the possibility of renewal discounts. Should ENS decide to implement a system that offers unlimited .eth domains for a fixed fee in the future, the vulnerability could become exploitable by any user due to the reduced attack cost. Version 0.0.22 contains a patch for this issue. As long as registration cost remains linear or superlinear based on registration duration, or limited to a reasonable maximum (eg, 1 million years), this vulnerability could only be exploited by a malicious DAO. The interim workaround is thus to take no action. | 2023-08-04 | 6.5 | CVE-2023-38698 MISC MISC MISC |
mindsdb — mindsdb | MindsDB’s AI Virtual Database allows developers to connect any AI/ML model to any datasource. Prior to version 23.7.4.0, a call to requests with `verify=False` disables SSL certificate checks. This rule enforces always verifying SSL certificates for methods in the Requests library. In version 23.7.4.0, certificates are validated by default, which is the desired behavior. | 2023-08-04 | 6.5 | CVE-2023-38699 MISC MISC MISC |
churchcrm — churchcrm | SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the FundRaiserID parameter within the /FundRaiserEditor.php endpoint. | 2023-08-08 | 6.5 | CVE-2023-38763 MISC MISC MISC MISC |
netgear — dgn3500_firmware | Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi. | 2023-08-07 | 6.5 | CVE-2023-38924 MISC MISC |
shopex — ecshop | ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. | 2023-08-04 | 6.5 | CVE-2023-39112 MISC |
gitlab — gitlab | An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for EE-licensed users to link any security policy project by its ID to projects or groups the user has access to, potentially revealing the security projects’s configured security policies. | 2023-08-04 | 6.5 | CVE-2023-4002 MISC |
qemu — qemu | A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed. | 2023-08-04 | 6.5 | CVE-2023-4135 MISC MISC MISC |
admidio — admidio | Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11. | 2023-08-06 | 6.5 | CVE-2023-4190 MISC MISC |
google — android | In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524. | 2023-08-07 | 6.4 | CVE-2023-20785 MISC |
google — android | In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648734. | 2023-08-07 | 6.4 | CVE-2023-20787 MISC |
google — android | In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735. | 2023-08-07 | 6.4 | CVE-2023-20788 MISC |
mediatek_inc. — multiple_products | In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968. | 2023-08-07 | 6.4 | CVE-2023-20801 MISC |
wordpress — wordpress | The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ’embedpress_calendar’ shortcode in versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-08-10 | 6.4 | CVE-2023-4283 MISC MISC MISC |
microsoft — azure_devops_server | Azure DevOps Server Spoofing Vulnerability | 2023-08-08 | 6.3 | CVE-2023-36869 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.15 versions. | 2023-08-08 | 6.1 | CVE-2023-24409 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress vertical image slider plugin <= 1.2.16 versions. | 2023-08-08 | 6.1 | CVE-2023-24413 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Mocho Blog theme <= 1.0.4 versions. | 2023-08-08 | 6.1 | CVE-2023-27412 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Everest News theme <= 1.1.0 versions. | 2023-08-08 | 6.1 | CVE-2023-27421 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions. | 2023-08-08 | 6.1 | CVE-2023-27627 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeBard CodeBard’s Patron Button and Widgets for Patreon plugin <= 2.1.8 versions. | 2023-08-05 | 6.1 | CVE-2023-30491 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.6 versions. | 2023-08-08 | 6.1 | CVE-2023-32503 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in submodule of David Lingren Media Library Assistant plugin <= 3.0.7 versions. | 2023-08-05 | 6.1 | CVE-2023-34010 MISC |
wordpress — wordpress | The WPCode WordPress plugin before 2.0.13.1 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting | 2023-08-07 | 6.1 | CVE-2023-3524 MISC |
phpjabbers — class_scheduling_system | There is a Cross Site Scripting (XSS) vulnerability in the “theme” parameter of preview.php in PHPJabbers Class Scheduling System 1.0. | 2023-08-04 | 6.1 | CVE-2023-36137 MISC MISC |
sourcecodester — toll_tax_management_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page. | 2023-08-04 | 6.1 | CVE-2023-36158 MISC MISC MISC MISC |
sourcecodester — lost_and_found_information_ |
Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page. | 2023-08-04 | 6.1 | CVE-2023-36159 MISC MISC MISC |
phpjabbers — document_creator | There is a Cross Site Scripting (XSS) vulnerability in the “action” parameter of index.php in PHPJabbers Document Creator v1.0. | 2023-08-10 | 6.1 | CVE-2023-36309 MISC MISC |
phpjabbers — document_creator | There is a Cross Site Scripting (XSS) vulnerability in the “column” parameter of index.php in PHPJabbers Document Creator v1.0. | 2023-08-10 | 6.1 | CVE-2023-36310 MISC MISC |
phpjabbers — document_creator | PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of “Export Requests” aside from “request_feed”. | 2023-08-10 | 6.1 | CVE-2023-36313 MISC MISC |
phpjabbers — callback_widget | There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_ |
2023-08-10 | 6.1 | CVE-2023-36314 MISC MISC |
phpjabbers — callback_widget | There is a Cross Site Scripting (XSS) vulnerability in the “action” parameter of index.php in PHPJabbers Callback Widget v1.0. | 2023-08-10 | 6.1 | CVE-2023-36315 MISC MISC |
digital_ant — e-commerce_software | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Digital Ant E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: before 11. | 2023-08-08 | 6.1 | CVE-2023-3652 MISC |
digital_ant — e-commerce_software | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Digital Ant E-Commerce Software allows Stored XSS.This issue affects E-Commerce Software: before 11. | 2023-08-08 | 6.1 | CVE-2023-3653 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CartFlows Pro plugin <= 1.11.11 versions. | 2023-08-05 | 6.1 | CVE-2023-36686 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory WPFactory Helper plugin <= 1.5.2 versions. | 2023-08-05 | 6.1 | CVE-2023-36689 MISC |
wordpress — wordpress | The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 2023-08-07 | 6.1 | CVE-2023-3671 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions. | 2023-08-05 | 6.1 | CVE-2023-37873 MISC |
joomla — joomla | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements. | 2023-08-07 | 6.1 | CVE-2023-38045 MISC |
lw-systems — benno_mailarchiv | An issue was discovered in LWsystems Benno MailArchiv 2.10.1. Attackers can cause XSS via JavaScript content to a mailbox. | 2023-08-09 | 6.1 | CVE-2023-38347 MISC MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Syntactics, Inc. EaSYNC plugin <= 1.3.7 versions. | 2023-08-08 | 6.1 | CVE-2023-38384 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hiroaki Miyashita Custom Field Template plugin <= 2.5.9 versions. | 2023-08-07 | 6.1 | CVE-2023-38392 MISC |
churchcrm — churchcrm | Cross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component. | 2023-08-08 | 6.1 | CVE-2023-38761 MISC MISC MISC MISC |
creativeitem — academy_learning_management_ |
Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability. | 2023-08-04 | 6.1 | CVE-2023-38964 MISC |
prestashop — prestashop | PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds. | 2023-08-07 | 6.1 | CVE-2023-39527 MISC MISC |
phpgurukul — online_security_guards_hiring_ |
PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to Cross-Site Scripting (XSS). | 2023-08-04 | 6.1 | CVE-2023-39552 MISC |
emby — media_browser_emby_server | A vulnerability was found in Media Browser Emby Server 4.7.13.0 and classified as problematic. This issue affects some unknown processing of the file /web/. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-236183. | 2023-08-05 | 6.1 | CVE-2023-4167 MISC MISC MISC |
moosocial — moostore | A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown function of the file /search/index. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-236208. | 2023-08-06 | 6.1 | CVE-2023-4173 MISC MISC MISC |
moosocial — moostore | A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier VDB-236209 was assigned to this vulnerability. | 2023-08-06 | 6.1 | CVE-2023-4174 MISC MISC MISC |
moosocial — mootravel | A vulnerability was found in mooSocial mooTravel 3.1.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-236210 is the identifier assigned to this vulnerability. | 2023-08-06 | 6.1 | CVE-2023-4175 MISC MISC |
microsoft — .net_framework | .NET Framework Spoofing Vulnerability | 2023-08-08 | 5.9 | CVE-2023-36873 MISC |
vyperlang — vyper | Vyer is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). In versions 0.2.15, 0.2.16 and 0.3.0, named re-entrancy locks are allocated incorrectly. Each function using a named re-entrancy lock gets a unique lock regardless of the key, allowing cross-function re-entrancy in contracts compiled with the susceptible versions. A specific set of conditions is required to result in misbehavior of affected contracts, specifically: a `.vy` contract compiled with `vyper` versions `0.2.15`, `0.2.16`, or `0.3.0`; a primary function that utilizes the `@nonreentrant` decorator with a specific `key` and does not strictly follow the check-effects-interaction pattern (i.e. contains an external call to an untrusted party before storage updates); and a secondary function that utilizes the same `key` and would be affected by the improper state caused by the primary function. Version 0.3.1 contains a fix for this issue. | 2023-08-07 | 5.9 | CVE-2023-39363 MISC MISC MISC MISC MISC |
sap — supplier_relationship_ |
SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM. | 2023-08-08 | 5.8 | CVE-2023-39436 MISC MISC |
empowerid — empowerid | A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This issue affects some unknown processing of the component Multi-Factor Authentication Code Handler. The manipulation leads to information disclosure. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 7.205.0.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-236213 was assigned to this vulnerability. | 2023-08-06 | 5.7 | CVE-2023-4177 MISC MISC MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-29303 MISC |
google — android | In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33906 MISC |
google — android | In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33907 MISC |
google — android | In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33908 MISC |
google — android | In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33909 MISC |
google — android | In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33910 MISC |
google — android | In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33911 MISC |
google — android | In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | 2023-08-07 | 5.5 | CVE-2023-33912 MISC |
microsoft — windows_server_2008 | Windows Group Policy Security Feature Bypass Vulnerability | 2023-08-08 | 5.5 | CVE-2023-36889 MISC |
microsoft — windows_server_2022 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | 2023-08-08 | 5.5 | CVE-2023-36914 MISC |
adobe — xmp_toolkit | Adobe XMP Toolkit versions 2022.06 is affected by a Uncontrolled Resource Consumption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38210 MISC |
adobe — dimension | Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-09 | 5.5 | CVE-2023-38213 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38230 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38232 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38236 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38237 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38238 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38239 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38240 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38241 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38242 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38243 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38244 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. | 2023-08-10 | 5.5 | CVE-2023-38245 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38247 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 5.5 | CVE-2023-38248 MISC |
siemens — teamcenter_visualization | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition. | 2023-08-08 | 5.5 | CVE-2023-38532 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in NooTheme Noo Timetable plugin <= 2.1.3 versions. | 2023-08-08 | 5.4 | CVE-2022-45821 MISC |
wordpress — wordpress | The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-08-07 | 5.4 | CVE-2023-0604 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in bkmacdaddy designs Pinterest RSS Widget plugin <= 2.3.1 versions. | 2023-08-08 | 5.4 | CVE-2023-23877 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExactMetrics plugin <= 7.14.1 versions. | 2023-08-08 | 5.4 | CVE-2023-23880 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Elegant themes Divi theme <= 4.20.2 versions. | 2023-08-08 | 5.4 | CVE-2023-29099 MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions. | 2023-08-08 | 5.4 | CVE-2023-30482 MISC |
paessler — prtg_network_monitor | An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, a authenticated user can create a HL7 Sensor. When creating this sensor, the user can set the HL7 message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system. | 2023-08-09 | 5.4 | CVE-2023-31448 MISC MISC |
paessler — prtg_network_monitor | An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, a authenticated user can create a WMI Custom Sensor. When creating this sensor, the user can set the WQL message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system. | 2023-08-09 | 5.4 | CVE-2023-31449 MISC MISC |
paessler — prtg_network_monitor | An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, a authenticated user can create a SQL Sensor. When creating this sensor, the user can set the SQL message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system. They will be transmitted over the internet to the attacker’s machine. | 2023-08-09 | 5.4 | CVE-2023-31450 MISC MISC |
wordpress — wordpress | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin <= 1.0.119 versions. | 2023-08-06 | 5.4 | CVE-2023-32600 MISC |
wordpress — wordpress | The Quiz And Survey Master WordPress plugin before 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks | 2023-08-07 | 5.4 | CVE-2023-3575 MISC |
phpjabbers — callback_widget | There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_ |
2023-08-10 | 5.4 | CVE-2023-36312 MISC MISC |
apache — roller | Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.2 and you should disable Roller’s File Upload feature. | 2023-08-06 | 5.4 | CVE-2023-37581 MISC MISC |
wger — workout_manager | Cross Site Scripting vulnerability in wger Project wger Workout Manager v.2.2.0a3 allows a remote attacker to gain privileges via the license_author field in the add-ingredient function in the templates/ingredients/view. |
2023-08-08 | 5.4 | CVE-2023-38758 MISC MISC |
churchcrm — churchcrm | Cross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the PersonView.php component. | 2023-08-08 | 5.4 | CVE-2023-38766 MISC MISC MISC MISC |
jeesite — jeesite | An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete models created by the Administrator. | 2023-08-04 | 5.4 | CVE-2023-38991 MISC |
sap — business_one | SAP business One allows – version 10.0, allows an attacker to insert malicious code into the content of a web page or application and gets it delivered to the client, resulting to Cross-site scripting. This could lead to harmful action affecting the Confidentiality, Integrity and Availability of the application. | 2023-08-08 | 5.4 | CVE-2023-39437 MISC MISC |
fobybus — social-media-skeleton | social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3. | 2023-08-08 | 5.4 | CVE-2023-39518 MISC MISC MISC |
omeka — omeka_s | Cross-site Scripting (XSS) – Stored in GitHub repository omeka/omeka-s prior to 4.0.3. | 2023-08-04 | 5.4 | CVE-2023-4158 MISC MISC |
cockpit — cockpit | Cross-site Scripting (XSS) – Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. | 2023-08-06 | 5.4 | CVE-2023-4196 MISC MISC |
advantech — eki-1524_firmware | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface. | 2023-08-08 | 5.4 | CVE-2023-4202 MISC MISC |
advantech — eki-1524_firmware | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface. | 2023-08-08 | 5.4 | CVE-2023-4203 MISC MISC |
wordpress — wordpress | The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘admin_post_remove’ and ‘remove_private_data’ functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with subscriber privileges or above, to delete plugin settings. | 2023-08-10 | 5.4 | CVE-2023-4282 MISC MISC MISC MISC |
cisco — asyncos | A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected zip files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted zip-compressed file to an affected device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. | 2023-08-04 | 5.3 | CVE-2020-26082 MISC |
vmware — horizon_client | VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests. | 2023-08-04 | 5.3 | CVE-2023-34037 MISC |
vmware — horizon_client | VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration. | 2023-08-04 | 5.3 | CVE-2023-34038 MISC |
phpjabbers — cleaning_business_software | User enumeration is found in in PHPJabbers Cleaning Business Software 1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | 2023-08-04 | 5.3 | CVE-2023-36141 MISC MISC |
sap — powerdesigner | SAP PowerDesigner – version 16.7, queries all password hashes in the backend database and compares it with the user provided one during login attempt, which might allow an attacker to access password hashes from the client’s memory. | 2023-08-08 | 5.3 | CVE-2023-37484 MISC MISC |
sap — business_one | SAP Business One (Service Layer) – version 10.0, allows an authenticated attacker with deep knowledge perform certain operation to access unintended data over the network which could lead to high impact on confidentiality with no impact on integrity and availability of the application | 2023-08-08 | 5.3 | CVE-2023-37487 MISC MISC |
adobe — commerce | Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by a XML Injection (aka Blind XPath Injection) vulnerability that could lead in minor arbitrary file system read. Exploitation of this issue does not require user interaction. | 2023-08-09 | 5.3 | CVE-2023-38207 MISC |
matrix — sydent | Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers’ certificates. This makes Sydent’s emails vulnerable to interception via a man-in-the-middle (MITM) attack. Attackers with privileged access to the network can intercept room invitations and address confirmation emails. This is patched in Sydent 2.5.6. When patching, make sure that Sydent trusts the certificate of the server it is connecting to. This should happen automatically when using properly issued certificates. Those who use self-signed certificates should make sure to copy their Certification Authority certificate, or their self signed certificate if using only one, to the trust store of your operating system. As a workaround, one can ensure Sydent’s emails fail to send by setting the configured SMTP server to a loopback or non-routable address under one’s control which does not have a listening SMTP server. | 2023-08-04 | 5.3 | CVE-2023-38686 MISC MISC MISC MISC MISC MISC MISC |
socketry — protocol-http1 | protocol-http1 provides a low-level implementation of the HTTP/1 protocol. RFC 9112 Section 7.1 defined the format of chunk size, chunk data and chunk extension. The value of Content-Length header should be a string of 0-9 digits, the chunk size should be a string of hex digits and should split from chunk data using CRLF, and the chunk extension shouldn’t contain any invisible character. However, Falcon has following behaviors while disobey the corresponding RFCs: accepting Content-Length header values that have `+` prefix, accepting Content-Length header values that written in hexadecimal with `0x` prefix, accepting `0x` and `+` prefixed chunk size, and accepting LF in chunk extension. This behavior can lead to desync when forwarding through multiple HTTP parsers, potentially results in HTTP request smuggling and firewall bypassing. This issue is fixed in `protocol-http1` v0.15.1. There are no known workarounds. | 2023-08-04 | 5.3 | CVE-2023-38697 MISC MISC MISC MISC |
chengdu — flash_flood_disaster_ |
A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: ‘../filedir’. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-236206 is the identifier assigned to this vulnerability. | 2023-08-05 | 5.3 | CVE-2023-4171 MISC MISC MISC |
fujitsu — software_infrastructure_ |
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The ismsnap component (in this specific case at /var/log/fujitsu/ |
2023-08-07 | 5 | CVE-2023-39903 MISC MISC |
phoenixcontact — multiple_products | In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service. | 2023-08-08 | 4.9 | CVE-2023-3569 MISC MISC |
zoom — zoom | Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. | 2023-08-08 | 4.9 | CVE-2023-39218 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin <= 2.0.0 versions. | 2023-08-10 | 4.8 | CVE-2022-44629 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pierre JEHAN Owl Carousel plugin <= 0.5.3 versions. | 2023-08-08 | 4.8 | CVE-2023-23829 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anadnet Quick Page/Post Redirect Plugin plugin <= 5.2.3 versions. | 2023-08-08 | 4.8 | CVE-2023-25063 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions. | 2023-08-08 | 4.8 | CVE-2023-25459 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rigorous & Factory Pattern Dovetail plugin <= 1.2.13 versions. | 2023-08-08 | 4.8 | CVE-2023-25984 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themeqx LetterPress plugin <= 1.1.2 versions. | 2023-08-08 | 4.8 | CVE-2023-27415 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Decon Digital Decon WP SMS plugin <= 1.1 versions. | 2023-08-08 | 4.8 | CVE-2023-27416 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes NS Coupon To Become Customer plugin <= 1.2.2 versions. | 2023-08-08 | 4.8 | CVE-2023-27422 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions. | 2023-08-08 | 4.8 | CVE-2023-28931 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology WP Full Stripe Free plugin <= 1.6.1 versions. | 2023-08-08 | 4.8 | CVE-2023-28934 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ransom Christofferson PDQ CSV plugin <= 1.0.0 versions. | 2023-08-08 | 4.8 | CVE-2023-31221 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GetButton Chat Button by GetButton.Io plugin <= 1.8.9.4 versions. | 2023-08-08 | 4.8 | CVE-2023-32292 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joseph C Dolson My Content Management plugin <= 1.7.6 versions. | 2023-08-05 | 4.8 | CVE-2023-34377 MISC |
wordpress — wordpress | The Bubble Menu WordPress plugin before 3.0.5 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). | 2023-08-07 | 4.8 | CVE-2023-3650 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-buy WP Content Copy Protection & No Right Click plugin <= 3.5.5 versions. | 2023-08-05 | 4.8 | CVE-2023-36678 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Christian Kramer & Hendrik Thole WP-Cirrus plugin <= 0.6.11 versions. | 2023-08-08 | 4.8 | CVE-2023-36692 MISC |
phpgurukul– online_nurse_hiring_system | Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Profile Page of the Admin. | 2023-08-08 | 4.8 | CVE-2023-37683 MISC MISC MISC |
phpgurukul — online_nurse_hiring_system | Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Details of the Admin portal. | 2023-08-08 | 4.8 | CVE-2023-37684 MISC MISC MISC MISC |
phpgurukul — online_nurse_hiring_system | Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal. | 2023-08-08 | 4.8 | CVE-2023-37685 MISC MISC MISC MISC |
phpgurukul — online_nurse_hiring_system | Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal. | 2023-08-08 | 4.8 | CVE-2023-37686 MISC MISC MISC MISC |
phpgurukul– maid_hiring_management_system | Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page. | 2023-08-08 | 4.8 | CVE-2023-37688 MISC MISC MISC MISC |
phpgurukul — maid_hiring_management_system | Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page. | 2023-08-08 | 4.8 | CVE-2023-37689 MISC MISC MISC MISC |
phpgurukul– maid_hiring_management_system | Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page. | 2023-08-08 | 4.8 | CVE-2023-37690 MISC MISC MISC MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dimitar Ivanov HTTP Headers plugin <= 1.18.11 versions. | 2023-08-05 | 4.8 | CVE-2023-37874 MISC |
omeka — omeka_s | Improper Input Validation in GitHub repository omeka/omeka-s prior to 4.0.3. | 2023-08-04 | 4.8 | CVE-2023-4157 MISC MISC |
dedebiz — dedebiz | A vulnerability was found in DedeBIZ 6.2.10. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Article Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-236186 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-05 | 4.8 | CVE-2023-4170 MISC MISC MISC |
instantcms — instantcms | Cross-site Scripting (XSS) – Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 2023-08-05 | 4.8 | CVE-2023-4187 MISC MISC |
instantcms — instantcms | Cross-site Scripting (XSS) – Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 2023-08-05 | 4.8 | CVE-2023-4189 MISC MISC |
adobe — acrobat_reader | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to Unrestricted, making the attack complexity high. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2023-08-10 | 4.7 | CVE-2023-29299 MISC |
microsoft — azure_hdinsights | Azure HDInsight Jupyter Notebook Spoofing Vulnerability | 2023-08-08 | 4.6 | CVE-2023-35394 MISC |
microsoft — azure_hdinsights | Azure Apache Hive Spoofing Vulnerability | 2023-08-08 | 4.5 | CVE-2023-35393 MISC |
microsoft — azure_hdinsights | Azure Apache Oozie Spoofing Vulnerability | 2023-08-08 | 4.5 | CVE-2023-36877 MISC |
microsoft — azure_hdinsights | Azure Apache Ambari Spoofing Vulnerability | 2023-08-08 | 4.5 | CVE-2023-36881 MISC |
microsoft — azure_hdinsights | Azure Apache Hadoop Spoofing Vulnerability | 2023-08-08 | 4.5 | CVE-2023-38188 MISC |
google — android | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | 2023-08-07 | 4.4 | CVE-2022-47350 MISC |
google — android | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | 2023-08-07 | 4.4 | CVE-2022-47351 MISC |
google — android | In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756. | 2023-08-07 | 4.4 | CVE-2023-20780 MISC |
google — android | In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323. | 2023-08-07 | 4.4 | CVE-2023-20781 MISC |
google — android | In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103. | 2023-08-07 | 4.4 | CVE-2023-20782 MISC |
google — android | In jpeg, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07693193; Issue ID: ALPS07693193. | 2023-08-07 | 4.4 | CVE-2023-20789 MISC |
mediatek_inc. — multiple_products | In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194. | 2023-08-07 | 4.4 | CVE-2023-20790 MISC |
google — android | In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767818; Issue ID: ALPS07767818. | 2023-08-07 | 4.4 | CVE-2023-20793 MISC |
mediatek_inc. — multiple_products | In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790. | 2023-08-07 | 4.4 | CVE-2023-20796 MISC |
google — android | In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07147572; Issue ID: ALPS07421076. | 2023-08-07 | 4.4 | CVE-2023-20798 MISC |
google — android | In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061. | 2023-08-07 | 4.4 | CVE-2023-20810 MISC |
mediatek_inc. — multiple_products | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987. | 2023-08-07 | 4.4 | CVE-2023-20812 MISC |
google — android | In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453549; Issue ID: ALPS07453549. | 2023-08-07 | 4.4 | CVE-2023-20813 MISC |
google — android | In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460540; Issue ID: ALPS07460540. | 2023-08-07 | 4.4 | CVE-2023-20818 MISC |
sap — businessobjects_business_ |
In SAP BusinessObjects Business Intelligence – version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity. | 2023-08-08 | 4.4 | CVE-2023-39440 MISC MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser. | 2023-08-09 | 4.3 | CVE-2023-37855 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser . | 2023-08-09 | 4.3 | CVE-2023-37856 MISC |
sulu — sulu | Sulu is an open-source PHP content management system based on the Symfony framework. It allows over the Admin Login form to detect which user (username, email) exists and which one do not exist. Sulu Installation not using the old Symfony 5.4 security System and previous version are not impacted by this Security issue. The vulnerability has been patched in version 2.5.10. | 2023-08-04 | 4.3 | CVE-2023-39343 MISC MISC MISC |
wordpress — wordpress | The FULL – Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to obtain sensitive information about the site configuration as disclosed by the WordPress health check. | 2023-08-09 | 4.3 | CVE-2023-4242 MISC MISC |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. This issue cannot be exploited to bypass the web service authentication of the affected device(s). | 2023-08-09 | 3.8 | CVE-2023-37857 MISC |
phoenixcontact — wp_6xxx_series | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password. | 2023-08-09 | 3.8 | CVE-2023-37858 MISC |
matrix — matrix_irc_bridge | matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, set the `matrixHandler.eventCacheSize` config value to `0`. This workaround may impact performance. | 2023-08-04 | 3.7 | CVE-2023-38700 MISC MISC MISC |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
jbt_markdown_editor — jbt_markdown_editor | Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed3248 |
2023-08-11 | not yet calculated | CVE-2020-19952 MISC CONFIRM MISC |
gila_cms — gila_cms | Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation. | 2023-08-11 | not yet calculated | CVE-2020-20523 MISC |
yzmcms — yzmcms | Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint. | 2023-08-11 | not yet calculated | CVE-2020-23595 MISC |
laborator — kalium | Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code. | 2023-08-11 | not yet calculated | CVE-2020-24075 MISC |
jerryscript — jerryscript | An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference). | 2023-08-11 | not yet calculated | CVE-2020-24187 MISC MISC |
getbyte — getbyte | An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). | 2023-08-11 | not yet calculated | CVE-2020-24221 MISC |
ffjpeg – – ffjpeg | Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | 2023-08-11 | not yet calculated | CVE-2020-24222 MISC |
cms — cms_dev | Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs. | 2023-08-11 | not yet calculated | CVE-2020-24804 MISC |
lepton-cms — lepton-cms | Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code. | 2023-08-11 | not yet calculated | CVE-2020-24872 MISC |
gnome_gmail — gnome_gmail | An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted “mailto” link. | 2023-08-11 | not yet calculated | CVE-2020-24904 MISC |
xxl-job-admin — xxl-job-admin | Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file. | 2023-08-11 | not yet calculated | CVE-2020-24922 MISC |
daylight_studio_fuel_cms — daylight_studio_fuel_cms | SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items. | 2023-08-11 | not yet calculated | CVE-2020-24950 MISC |
thinkcmf — thinkcmf | Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login. | 2023-08-11 | not yet calculated | CVE-2020-25915 MISC |
zoho — manageengine_password_manager_ |
Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload. | 2023-08-11 | not yet calculated | CVE-2020-27449 MISC MISC |
zrlog — zrlog | Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS). | 2023-08-11 | not yet calculated | CVE-2020-27514 MISC |
foldingathome_client — foldingathome_client | An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420 |
2023-08-11 | not yet calculated | CVE-2020-27544 MISC |
kindsoft– kindeditor | Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code. | 2023-08-11 | not yet calculated | CVE-2020-28717 MISC |
jhead — jhead | Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS). | 2023-08-11 | not yet calculated | CVE-2020-28840 MISC MISC MISC MISC |
churchcrm — churchcrm | CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file. | 2023-08-11 | not yet calculated | CVE-2020-28848 MISC |
churchcrm — churchcrm | Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module. | 2023-08-11 | not yet calculated | CVE-2020-28849 MISC |
faucet — sdn_ryu | An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | 2023-08-11 | not yet calculated | CVE-2020-35139 MISC |
faucet — sdn_ryu | An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | 2023-08-11 | not yet calculated | CVE-2020-35141 MISC |
foxit — pdf_reader | Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file. | 2023-08-11 | not yet calculated | CVE-2020-35990 MISC MISC |
freedesktop — poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. | 2023-08-11 | not yet calculated | CVE-2020-36023 MISC |
freedesktop — poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | 2023-08-11 | not yet calculated | CVE-2020-36024 MISC |
sourcecodester — school_faculty_scheduling_ |
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php. | 2023-08-11 | not yet calculated | CVE-2020-36034 MISC MISC MISC |
wuzhicms — wuzhicms | An issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php. | 2023-08-11 | not yet calculated | CVE-2020-36037 MISC |
bloofoxcms — bloofoxcms | File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module. | 2023-08-11 | not yet calculated | CVE-2020-36082 MISC |
cszcms — cszcms | SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php. | 2023-08-11 | not yet calculated | CVE-2020-36136 MISC |
ffmpeg — ffmpeg | An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | 2023-08-11 | not yet calculated | CVE-2020-36138 MISC MISC MISC |
qdpf — qdpf | An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf. | 2023-08-11 | not yet calculated | CVE-2021-25786 MISC |
supermicro — cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php. | 2023-08-11 | not yet calculated | CVE-2021-25856 MISC |
supermicro — cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php. | 2023-08-11 | not yet calculated | CVE-2021-25857 MISC |
huemagic — huemagic | Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js. | 2023-08-11 | not yet calculated | CVE-2021-26504 MISC |
hello.js — hello.js | Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. | 2023-08-11 | not yet calculated | CVE-2021-26505 MISC |
open-falcon — open-falcon | An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface. | 2023-08-11 | not yet calculated | CVE-2021-27523 MISC |
braft-editor — braft-editor | Cross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature. | 2023-08-11 | not yet calculated | CVE-2021-27524 MISC |
qt — qt | Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS). | 2023-08-11 | not yet calculated | CVE-2021-28025 MISC |
cookieremembermemanager — ruoyi | An issue was discovered in getRememberedSerializedIdentit |
2023-08-11 | not yet calculated | CVE-2021-28411 MISC |
xnview — xnview | Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file. | 2023-08-11 | not yet calculated | CVE-2021-28427 MISC |
ffmpeg — ffmpeg | Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | 2023-08-11 | not yet calculated | CVE-2021-28429 MISC |
xnview — xnview | Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file. | 2023-08-11 | not yet calculated | CVE-2021-28835 MISC CONFIRM |
staticpool — staticpool | An issue was discovered in StaticPool in SUCHMOKUO node-worker-threads-pool version 1.4.3, allows attackers to cause a denial of service. | 2023-08-11 | not yet calculated | CVE-2021-29057 MISC |
pear_admin_think — pear_admin_think | SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. | 2023-08-11 | not yet calculated | CVE-2021-29378 MISC |
vim — vim | vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | 2023-08-11 | not yet calculated | CVE-2021-3236 MISC |
siemens — siemens_software_center | A vulnerability has been identified in Siemens Software Center (All versions < V3.0). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path. | 2023-08-08 | not yet calculated | CVE-2021-41544 MISC |
intel(r) — onemkl | Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-25864 MISC |
intel(r) — proset/wireless_wifi_and_ |
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-27635 MISC |
wordpress — wordpress | Unauth. Open Redirect vulnerability in Arscode Ninja Popups plugin <= 4.7.5 versions. | 2023-08-10 | not yet calculated | CVE-2022-27861 MISC |
intel(r) — processors | Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2022-27879 MISC |
intel(r) — dtt | Improper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-29470 MISC |
intel(r) — csme | Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-29871 MISC |
intel(r) — manageability_commander | Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | not yet calculated | CVE-2022-29887 MISC |
intel(r) — pcsd_bios | Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2022-34657 MISC |
intel(r) — proset/wireless_wifi_and_ |
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 2023-08-11 | not yet calculated | CVE-2022-36351 MISC |
intel(r) — nuc_bios | Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-36372 MISC |
intel(r) — amt_in_csme/standard_ |
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access. | 2023-08-11 | not yet calculated | CVE-2022-36392 MISC |
intel(r) — nuc | Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-37336 MISC |
intel(r) — processors | Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-37343 MISC |
intel(r) — proset/wireless_wifi_and_ |
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-38076 MISC |
intel(r) — processors | Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2022-38083 MISC |
intel(r) — converged_security_and_ |
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | not yet calculated | CVE-2022-38102 MISC |
intel(r) — arc(tm)_graphics_cards_a770_ |
Improper access control for some Intel(R) Arc(TM) graphics cards A770 and A750 sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or infomation disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2022-38973 MISC |
siemens — sicam_toolbox_ii | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation. | 2023-08-08 | not yet calculated | CVE-2022-39062 MISC |
intel(r) — proset/wireless_wifi_and_ |
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-40964 MISC |
intel(r) — processors | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2022-40982 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
intel(r) — xeon(r)_processors | Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-41804 MISC MISC |
intel(r) — arc(tm)_graphics_cards_a770_ |
Protection mechanism failure for some Intel(R) Arc(TM) graphics cards A770 and A750 sold between October of 2022 and December of 2022 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | not yet calculated | CVE-2022-41984 MISC |
intel(r) — rst | Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-43456 MISC |
intel(r) — processors | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | not yet calculated | CVE-2022-43505 MISC |
intel(r) — processors | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. | 2023-08-11 | not yet calculated | CVE-2022-44611 MISC |
intel(r) — unison(tm) | Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2022-44612 MISC |
intel(r) — vroc | Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-45112 MISC |
intel(r) — proset/wireless_wifi | Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2022-46329 MISC |
apache — traffic_server | Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server. This issue affects Apache Traffic Server: through 9.2.1. | 2023-08-09 | not yet calculated | CVE-2022-47185 MISC |
studio_11 — outsystems_service | A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user open a .oml file (OutSystems Modeling Language), the application will load the following DLLs from the same directory av_libGLESv2.dll, libcef.DLL, user32.dll, and d3d10warp.dll. Using a crafted DLL, it is possible to execute arbitrary code in the context of the current logged in user. | 2023-08-10 | not yet calculated | CVE-2022-47636 MISC MISC |
abb — freelance_controllers | ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Numeric Range Comparison Without Minimum Check vulnerability in ABB Freelance controllers AC 700F (Controller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1. | 2023-08-07 | not yet calculated | CVE-2023-0425 MISC |
abb — freelance_controllers | ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Stack-based Buffer Overflow vulnerability in ABB Freelance controllers AC 700F (conroller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019 , through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1. | 2023-08-07 | not yet calculated | CVE-2023-0426 MISC |
the_opennms_group — horizon | XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used for instance to force Horizon to make arbitrary HTTP requests to internal and external services. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet. | 2023-08-11 | not yet calculated | CVE-2023-0871 MISC MISC |
amd — multiple_products | Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. | 2023-08-08 | not yet calculated | CVE-2023-20555 MISC |
amd — uprof | Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. | 2023-08-08 | not yet calculated | CVE-2023-20556 MISC |
amd — uprof | Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service. | 2023-08-08 | not yet calculated | CVE-2023-20561 MISC |
amd — uprof | Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. | 2023-08-08 | not yet calculated | CVE-2023-20562 MISC |
amd — ryzen_3000_series_desktop_ |
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | 2023-08-08 | not yet calculated | CVE-2023-20569 MISC MISC MISC MISC MISC MISC MISC MISC |
amd — radeon_software_crimson_ |
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations | 2023-08-08 | not yet calculated | CVE-2023-20586 MISC |
amd — epyc_7001_processors | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | 2023-08-08 | not yet calculated | CVE-2023-20588 MISC |
amd — ryzen_3000_series_desktop_ |
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. | 2023-08-08 | not yet calculated | CVE-2023-20589 MISC |
intel(r) — ethernet_controllers_and_ |
Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | not yet calculated | CVE-2023-22276 MISC |
intel(r) — nuc_bios_firmware | Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2023-22330 MISC |
intel(r) — onevpl_gpu | Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2023-22338 MISC |
intel(r) — nuc_bios_firmware | Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2023-22356 MISC |
nozomi_networks — guardian/cmc | A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way. | 2023-08-09 | not yet calculated | CVE-2023-22378 MISC |
intel(r) — nuc | Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | not yet calculated | CVE-2023-22444 MISC |
intel(r) — nuc_bios | Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2023-22449 MISC |
intel(r) — onevpl_gpu | Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | not yet calculated | CVE-2023-22840 MISC |
intel(r) — 621a_chipset | Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2023-22841 MISC |
nozomi_networks — guardian | An authenticated attacker with administrative access to the appliance can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will later be executed by another legitimate user viewing the details of such a rule. An attacker may be able to perform unauthorized actions on behalf of legitimate users. JavaScript injection was possible in the content for Yara rules, while limited HTML injection has been proven for packet and STYX rules. The injected code will be executed in the context of the authenticated victim’s session. | 2023-08-09 | not yet calculated | CVE-2023-22843 MISC |
audiocodes — voip_desk_phones | An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware. | 2023-08-11 | not yet calculated | CVE-2023-22955 MISC MISC |
audiocodes — voip_desk_phones | An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information. | 2023-08-11 | not yet calculated | CVE-2023-22956 MISC MISC |
audiocodes — voip_desk_phones | An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password. | 2023-08-11 | not yet calculated | CVE-2023-22957 MISC MISC |
hcl_software — hcl_nomad_for_web | If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. | 2023-08-10 | not yet calculated | CVE-2023-23342 MISC |
hcl_software — hcl_dryice_iautomate | HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information. | 2023-08-09 | not yet calculated | CVE-2023-23346 MISC |
hcl_software — hcl_dryice_iautomate | HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information. | 2023-08-09 | not yet calculated | CVE-2023-23347 MISC |
nozomi_networks — guardian/cmc | A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alerts_count component, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way. | 2023-08-09 | not yet calculated | CVE-2023-23574 MISC |
intel(r) — nuc | Uncontrolled search path element for some ITE Tech consumer infrared drivers before version 5.5.2.1 for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | not yet calculated | CVE-2023-23577 MISC |
wordpress — wordpress | Auth. (contributor+) |