National Cyber Warfare Foundation (NCWF) Forums


Vulnerability Summary for the Week of August 14, 2023


2023-08-21 18:37:09
milo
Blue Team (CND)


High Vulnerabilities

Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
foldingathome -- client_advanced_control | An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420578de1af77, allows remote attackers to execute arbitrary code via crafted payload to function parse_message in file Connection.py. | 2023-08-11 | 9.8 | CVE-2020-27544
MISC
sourcecodester -- school_faculty_scheduling_system | SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privileges, and gain sensitive information via crafted payload to id parameter in manage_user.php. | 2023-08-11 | 9.8 | CVE-2020-36034
MISC
MISC
MISC
bloofox -- bloofoxcms | File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module. | 2023-08-11 | 9.8 | CVE-2020-36082
MISC
hello.js_project -- hello.js | Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. | 2023-08-11 | 9.8 | CVE-2021-26505
MISC
open-falcon -- dashboard | An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface. | 2023-08-11 | 9.8 | CVE-2021-27523
MISC
ruoyi -- ruoyi | An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | 2023-08-11 | 9.8 | CVE-2021-28411
MISC
intel(r) -- ethernet_controller_rdma_driver_for_linux | Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.8 | CVE-2023-25775
MISC
wordpress -- wordpress | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. | 2023-08-12 | 9.8 | CVE-2023-3452
MISC
MISC
MISC
novel-plus -- novel-plus | novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability. | 2023-08-14 | 9.8 | CVE-2023-37847
MISC
MISC
MISC
huawei -- emui | Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges. | 2023-08-13 | 9.8 | CVE-2023-39405
MISC
MISC
schoolmate -- schoolmate | Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. | 2023-08-15 | 9.8 | CVE-2023-39850
MISC
MISC
veritas -- netbackup_snapshot_manager | A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers. | 2023-08-11 | 9.8 | CVE-2023-40256
MISC
gitpython -- gitpython | GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. | 2023-08-11 | 9.8 | CVE-2023-40267
MISC
MISC
intel(r) -- manageability_commander | Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.6 | CVE-2022-29887
MISC
intel(r) -- driver_support_assistant | Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.6 | CVE-2023-27515
MISC
zrlog -- zrlog | Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS). | 2023-08-11 | 9.1 | CVE-2020-27514
MISC
huawei -- emui | Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop. | 2023-08-13 | 9.1 | CVE-2021-46895
MISC
MISC
huawei -- emui | Vulnerability of configuration defects in the media module of certain products. Successful exploitation of this vulnerability may cause unauthorized access. | 2023-08-13 | 9.1 | CVE-2023-39385
MISC
MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39398
MISC
MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39399
MISC
MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39400
MISC
MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39401
MISC
MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39402
MISC
MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39403
MISC
MISC
yzmcms -- yzmcms | Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information via the sitemodel/add.html endpoint. | 2023-08-11 | 8.8 | CVE-2020-23595
MISC
xuxueli -- xxl-job | Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and escalate privileges via crafted .html file. | 2023-08-11 | 8.8 | CVE-2020-24922
MISC
thedaylightstudio -- fuel_cms | SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items. | 2023-08-11 | 8.8 | CVE-2020-24950
MISC
churchcrm -- churchcrm | CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file. | 2023-08-11 | 8.8 | CVE-2020-28848
MISC
wuzhicms -- wuzhicms | An issue was discovered in wuzhicms version 4.1.0, allows remote attackers to execute arbitrary code via the setting parameter to the ueditor in index.php. | 2023-08-11 | 8.8 | CVE-2020-36037
MISC
qpdf_project -- qpdf | An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf. | 2023-08-11 | 8.8 | CVE-2021-25786
MISC
pearadmin -- pear_admin_think | SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. | 2023-08-11 | 8.8 | CVE-2021-29378
MISC
apple -- iphone_os | The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. | 2023-08-14 | 8.8 | CVE-2022-48503
MISC
MISC
MISC
MISC
MISC
google -- android | In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 8.8 | CVE-2023-21273
MISC
MISC
apple -- macos | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. | 2023-08-14 | 8.8 | CVE-2023-28198
MISC
MISC
intel(r) -- ai_hackathon | Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 8.8 | CVE-2023-28380
MISC
tigergraph -- tigergraph_enterprise | An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries. | 2023-08-15 | 8.8 | CVE-2023-28479
MISC
apple -- macos | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. | 2023-08-14 | 8.8 | CVE-2023-32358
MISC
MISC
zyxel -- nbg6604 | A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. | 2023-08-14 | 8.8 | CVE-2023-33013
MISC
postgresql -- postgresql | In the extension script, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. | 2023-08-11 | 8.8 | CVE-2023-39417
MISC
MISC
MISC
jenkins -- jenkins | A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job. | 2023-08-16 | 8.8 | CVE-2023-40341
MISC
MISC
wordpress -- wordpress | The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmpp_update_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'profile[role]' parameter during a profile update. | 2023-08-12 | 8.8 | CVE-2023-4293
MISC
MISC
MISC
wordpress -- wordpress | The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notify_ping_remote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. This was partially patched in version 1.2.12 and fully patched in version 1.2.13. | 2023-08-16 | 8.5 | CVE-2023-3958
MISC
MISC
MISC
MISC
red_lion_europe -- mbnet | A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower than 7.3.2 allows an authenticated remote attacker to store an arbitrary JavaScript payload on the diagnosis page of the device. That page is loaded immediately after login into the device and runs the stored payload, allowing the attacker to read and write browser data and reduce system performance. | 2023-08-17 | 8.3 | CVE-2023-34412
MISC
MISC
intel(r) -- celeron_j6413_firmware | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. | 2023-08-11 | 8 | CVE-2022-44611
MISC
rockcarry -- ffjpeg | Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | 2023-08-11 | 7.8 | CVE-2020-24222
MISC
apple -- macos | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. | 2023-08-14 | 7.8 | CVE-2020-36615
MISC
xnview -- xnview | Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file. | 2023-08-11 | 7.8 | CVE-2021-28427
MISC
xnview -- xnview | Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file. | 2023-08-11 | 7.8 | CVE-2021-28835
MISC
CONFIRM
intel(r) -- oneapi_math_kernel_library | Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-25864
MISC
intel(r) -- dynamic_tuning_technology | Improper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-29470
MISC
intel(r) -- multiple_products | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-38076
MISC
intel(r) -- rapid_storage_technology | Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2022-43456
MISC
apple -- mac_os_x | A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. | 2023-08-14 | 7.8 | CVE-2022-46706
MISC
MISC
MISC
google -- android | In registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.8 | CVE-2023-21229
MISC
google -- android | In getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.8 | CVE-2023-21231
MISC
google -- android | In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.8 | CVE-2023-21272
MISC
MISC
intel(r) -- unite | Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-25182
MISC
intel(r) -- unite | Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-25773
MISC
intel(r) -- vcust_tool | Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3rd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-25944
MISC
intel(r) -- easy_streaming_wizard | Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-26587
MISC
intel(r) -- advanced_link_analyzer | Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-27505
MISC
intel(r) -- optimization_for_tensorflow | Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-27506
MISC
intel(r) -- ispc_software_installer | Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access. | 2023-08-11 | 7.8 | CVE-2023-27509
MISC
intel(r) -- openvino | Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-28405
MISC
intel(r) -- oneapi_math_kernel_library | Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-28658
MISC
onlyoffice -- document_server | A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | 2023-08-14 | 7.8 | CVE-2023-30186
MISC
MISC
MISC
MISC
MISC
MISC
onlyoffice -- document_server | An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | 2023-08-14 | 7.8 | CVE-2023-30187
MISC
MISC
MISC
MISC
MISC
MISC
intel(r) -- intelligent_test_system | Incorrect default permissions in the Intel(R) ITS software before version 3.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-32543
MISC
intel(r) -- realsense_450_fa_firmware | Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-32656
MISC
intel(r) -- realsense_software_development_kit | Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-32663
MISC
intel(r) -- realsense_450_fa_firmware | Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-33867
MISC
intel(r) -- realsense_450_fa_firmware | Out-of-bounds write in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-33877
MISC
intel(r) -- realsense_450_fa_firmware | Protection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-34427
MISC
intel(r) -- nuc_bios | Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.8 | CVE-2023-34438
MISC
faucet_sdn -- ryu | An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | 2023-08-11 | 7.5 | CVE-2020-35139
MISC
faucet_sdn -- ryu | An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | 2023-08-11 | 7.5 | CVE-2020-35141
MISC
cszcms -- cszcms | SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php. | 2023-08-11 | 7.5 | CVE-2020-36136
MISC
ffmpeg -- ffmpeg | An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | 2023-08-11 | 7.5 | CVE-2020-36138
MISC
MISC
MISC
dgtl -- huemagic | Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js. | 2023-08-11 | 7.5 | CVE-2021-26504
MISC
google -- android | In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 7.5 | CVE-2023-21233
MISC
wordpress -- wordpress | The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges. | 2023-08-15 | 7.5 | CVE-2023-2916
MISC
MISC
MISC
faad2 -- faad2 | Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. | 2023-08-15 | 7.5 | CVE-2023-38857
MISC
huawei -- harmonyos | Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally. | 2023-08-13 | 7.5 | CVE-2023-39380
MISC
MISC
huawei -- emui | Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart. | 2023-08-13 | 7.5 | CVE-2023-39381
MISC
MISC
huawei -- emui | Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart. | 2023-08-13 | 7.5 | CVE-2023-39382
MISC
MISC
huawei -- emui | Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security. | 2023-08-13 | 7.5 | CVE-2023-39383
MISC
MISC
huawei -- harmonyos | Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally. | 2023-08-13 | 7.5 | CVE-2023-39384
MISC
MISC
huawei -- emui | Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart. | 2023-08-13 | 7.5 | CVE-2023-39386
MISC
MISC
huawei -- emui | Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | 2023-08-13 | 7.5 | CVE-2023-39388
MISC
MISC
huawei -- emui | Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | 2023-08-13 | 7.5 | CVE-2023-39389
MISC
MISC
huawei -- harmonyos | Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | 2023-08-13 | 7.5 | CVE-2023-39390
MISC
MISC
huawei -- emui | Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality. | 2023-08-13 | 7.5 | CVE-2023-39391
MISC
MISC
huawei -- harmonyos | Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten. | 2023-08-13 | 7.5 | CVE-2023-39392
MISC
MISC
huawei -- harmonyos | Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten. | 2023-08-13 | 7.5 | CVE-2023-39393
MISC
MISC
huawei -- emui | Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified. | 2023-08-13 | 7.5 | CVE-2023-39394
MISC
MISC
huawei -- emui | Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability. | 2023-08-13 | 7.5 | CVE-2023-39395
MISC
MISC
huawei -- harmonyos | Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability. | 2023-08-13 | 7.5 | CVE-2023-39396
MISC
MISC
huawei -- emui | Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability. | 2023-08-13 | 7.5 | CVE-2023-39397
MISC
MISC
huawei -- emui | Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | 2023-08-13 | 7.5 | CVE-2023-39404
MISC
MISC
huawei -- emui | Permission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart. | 2023-08-13 | 7.5 | CVE-2023-39406
MISC
MISC
tenda -- a18 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function. | 2023-08-14 | 7.5 | CVE-2023-39827
MISC
tenda -- a18 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | 2023-08-14 | 7.5 | CVE-2023-39828
MISC
tenda -- a18 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function. | 2023-08-14 | 7.5 | CVE-2023-39829
MISC
mattermost -- mattermost | Mattermost fails to sanitize post metadata during audit logging, resulting in permalinks contents being logged. | 2023-08-11 | 7.5 | CVE-2023-4108
MISC
intel(r) -- quartus_prime | Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.3 | CVE-2023-24016
MISC
intel(r) -- open_image_denoise | Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2023-08-11 | 7.3 | CVE-2023-28823
MISC
supermicro-cms_project -- supermicro-cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php. | 2023-08-11 | 7.2 | CVE-2021-25857
MISC
intel(r) -- unison | Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access. | 2023-08-11 | 7.2 | CVE-2023-25757
MISC
online_travel_agency_system_project -- online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php. | 2023-08-17 | 7.2 | CVE-2023-31938
MISC
online_travel_agency_system_project -- online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31939
MISC
online_travel_agency_system_project -- online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31940
MISC
online_travel_agency_system_project -- online_travel_agency_system | File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php. | 2023-08-17 | 7.2 | CVE-2023-31941
MISC
online_travel_agency_system_project -- online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php. | 2023-08-17 | 7.2 | CVE-2023-31943
MISC
online_travel_agency_system_project -- online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31944
MISC
online_travel_agency_system_project -- online_travel_agency_system | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php. | 2023-08-17 | 7.2 | CVE-2023-31945
MISC
online_travel_agency_system_project -- online_travel_agency_system | File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php. | 2023-08-17 | 7.2 | CVE-2023-31946
MISC
solarwinds -- serv-u | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. | 2023-08-11 | 7.2 | CVE-2023-35179
MISC
MISC
snowsoftware -- snow_license_manager | Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal. | 2023-08-11 | 7.2 | CVE-2023-3864
MISC
wordpress -- wordpress | The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-08-15 | 7.2 | CVE-2023-4308
MISC
MISC
apple -- macosThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory.2023-08-147.1CVE-2023-28179
MISC

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
intel(r) -- multiple_products | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-27635, MISC
intel(r) -- nuc_bios | Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-36372, MISC
intel(r) -- nuc | Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-37336, MISC
intel(r) -- atom_c3338r_firmware | Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-37343, MISC
intel(r) -- multiple_products | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-40964, MISC
intel(r) -- xeon(r)_processors | Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-41804, MISC, MISC, MISC, MISC
intel(r) -- proset/wireless_wifi | Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2022-46329, MISC
intel(r) -- nuc_bios | Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-22449, MISC
intel(r) -- open_image_denoise | Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-27391, MISC
intel(r) -- next_unit_of_computing_firmware | Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-28385, MISC
intel(r) -- nuc_bios | Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-29494, MISC
intel(r) -- multiple_products | Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-32617, MISC
intel(r) -- nuc_bios | Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.7 | CVE-2023-34086, MISC
cms-dev -- cms | Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs. | 2023-08-11 | 6.5 | CVE-2020-24804, MISC
gnome-gmail -- gnome-gmail | An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted "mailto" link. | 2023-08-11 | 6.5 | CVE-2020-24904, MISC
freedesktop -- poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. | 2023-08-11 | 6.5 | CVE-2020-36023, MISC, MLIST
intel(r) -- multiple_products | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 2023-08-11 | 6.5 | CVE-2022-36351, MISC
intel(r) -- processors | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 6.5 | CVE-2022-40982, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
tigergraph -- tigergraph_enterprise | An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus, effectively bypassing the built in RBAC controls. | 2023-08-14 | 6.5 | CVE-2023-28480, MISC
zyxel -- multiple_products | Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch. | 2023-08-14 | 6.5 | CVE-2023-28768, MISC
libxls -- libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | 2023-08-15 | 6.5 | CVE-2023-38851, MISC
libxls -- libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. | 2023-08-15 | 6.5 | CVE-2023-38852, MISC
libxls -- libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | 2023-08-15 | 6.5 | CVE-2023-38853, MISC
libxls -- libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | 2023-08-15 | 6.5 | CVE-2023-38854, MISC
libxls -- libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | 2023-08-15 | 6.5 | CVE-2023-38855, MISC
libxls -- libxls | Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | 2023-08-15 | 6.5 | CVE-2023-38856, MISC
faad2 -- faad2 | Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039. | 2023-08-15 | 6.5 | CVE-2023-38858, MISC
jenkins -- jenkins | Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to. | 2023-08-16 | 6.5 | CVE-2023-40345, MISC, MISC
jenkins -- jenkins | Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. | 2023-08-16 | 6.5 | CVE-2023-40347, MISC, MISC
mattermost -- mattermost | Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting in a guest being able to view, join, edit, export and archive public playbooks. | 2023-08-11 | 6.5 | CVE-2023-4106, MISC
mattermost -- mattermost | Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name. | 2023-08-11 | 6.5 | CVE-2023-4107, MISC
intel(r) -- nuc_bios | Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | 2023-08-11 | 6.4 | CVE-2023-34349, MISC
jbt -- markdown_editor | Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbitrary code via crafted payload or opening malicious .md file. | 2023-08-11 | 6.1 | CVE-2020-19952, MISC, CONFIRM, MISC
gilacms -- gila_cms | Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation. | 2023-08-11 | 6.1 | CVE-2020-20523, MISC
laborator -- kalium | Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code. | 2023-08-11 | 6.1 | CVE-2020-24075, MISC
lepton-cms -- epton-cms | Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code. | 2023-08-11 | 6.1 | CVE-2020-24872, MISC
zoho_corporation -- manageengine_password_manager_pro | Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload. | 2023-08-11 | 6.1 | CVE-2020-27449, MISC, MISC
kindsoft -- kindeditor | Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code. | 2023-08-11 | 6.1 | CVE-2020-28717, MISC
braft-editor -- braft-editor | Cross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature. | 2023-08-11 | 6.1 | CVE-2021-27524, MISC
opennms -- horizon | XXE injection in /rtc/post/ endpoint in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used for instance to force Horizon to make arbitrary HTTP requests to internal and external services. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter and Moshe Apelbaum for reporting this issue. | 2023-08-11 | 6.1 | CVE-2023-0871, MISC, MISC
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions. | 2023-08-14 | 6.1 | CVE-2023-28535, MISC
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions. | 2023-08-14 | 6.1 | CVE-2023-30475, MISC
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions. | 2023-08-14 | 6.1 | CVE-2023-30483, MISC
wordpress -- wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions. | 2023-08-14 | 6.1 | CVE-2023-30489, MISC
jenkins -- jenkins | Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | 2023-08-16 | 5.9 | CVE-2023-40343, MISC, MISC
jerryscript -- jerryscript | An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference). | 2023-08-11 | 5.5 | CVE-2020-24187, MISC, MISC
ngiflib -- ngiflib | An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). | 2023-08-11 | 5.5 | CVE-2020-24221, MISC
foxit_software -- pdf_reader | Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file. | 2023-08-11 | 5.5 | CVE-2020-35990, MISC, MISC
freedesktop -- poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | 2023-08-11 | 5.5 | CVE-2020-36024, MISC, MLIST
ffmpeg -- ffmpeg | Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | 2023-08-11 | 5.5 | CVE-2021-28429, MISC
vim -- vim | vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | 2023-08-11 | 5.5 | CVE-2021-3236, MISC
apple -- macos | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to modify protected parts of the file system. | 2023-08-14 | 5.5 | CVE-2022-22646, MISC
apple -- macos | An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. An app may be able to leak sensitive user information. | 2023-08-14 | 5.5 | CVE-2022-22655, MISC, MISC
apple -- macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients. | 2023-08-14 | 5.5 | CVE-2022-26699, MISC
intel(r) -- unison | Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2022-44612, MISC
apple -- macos | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. | 2023-08-14 | 5.5 | CVE-2022-46722, MISC
google -- android | In onAccessPointChanged of AccessPointPreference.java, there is a possible way for unprivileged apps to receive a broadcast about WiFi access point change and its BSSID or SSID due to a precondition check failure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21230, MISC
google -- android | In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21234, MISC
google -- android | In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21271, MISC, MISC
intel(r) -- onevpl_gpu | Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-22338, MISC
intel(r) -- onevpl_gpu | Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | 5.5 | CVE-2023-22840, MISC
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27939, MISC
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27947, MISC
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27948, MISC
apple -- macos | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory. | 2023-08-14 | 5.5 | CVE-2023-28199, MISC
intel(r) -- hyperscan_library | Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | 5.5 | CVE-2023-28711, MISC
onlyoffice -- document_server | Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file. | 2023-08-14 | 5.5 | CVE-2023-30188, MISC, MISC, MISC, MISC, MISC, MISC
intel(r) -- realsense_450_fa_firmware | Out-of-bounds read in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-30760, MISC
intel(r) -- unite | Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-32609, MISC
hcl_software -- hcl_traveler_companion | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 2023-08-11 | 5.5 | CVE-2023-37512, MISC
hcl_software -- traveler_to_do | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 2023-08-11 | 5.5 | CVE-2023-37513, MISC
thinkcmf -- thinkcmf | Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login. | 2023-08-11 | 5.4 | CVE-2020-25915, MISC
churchcrm -- churchcrm | Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attackers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module. | 2023-08-11 | 5.4 | CVE-2020-28849, MISC
jenkins -- jenkins | Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents. | 2023-08-16 | 5.4 | CVE-2023-40342, MISC, MISC
jenkins -- jenkins | Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs. | 2023-08-16 | 5.4 | CVE-2023-40346, MISC, MISC
jenkins -- jenkins | Jenkins Docker Swarm Plugin 1.11 and earlier does not escape values returned from Docker before inserting them into the Docker Swarm Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control responses from Docker. | 2023-08-16 | 5.4 | CVE-2023-40350, MISC, MISC
wordpress -- wordpress | The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin's team 30 days ago we are disclosing this issue as it still is not updated. | 2023-08-17 | 5.3 | CVE-2023-3244, MISC, MISC
juniper_networks -- junos_os | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Utilizing a crafted request an attacker is able to modify certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S9; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S2, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36844, MISC
juniper_networks -- junos_os | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2. | 2023-08-17 | 5.3 | CVE-2023-36845, MISC
juniper_networks -- junos_os | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36846, MISC
juniper_networks -- junos_os | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36847, MISC
huawei -- emui | Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. | 2023-08-13 | 5.3 | CVE-2023-39387, MISC, MISC
jenkins -- jenkins | The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output. | 2023-08-16 | 5.3 | CVE-2023-40348, MISC, MISC
jenkins -- jenkins | Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs. | 2023-08-16 | 5.3 | CVE-2023-40349, MISC, MISC
wordpress -- wordpress | The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_callback_handler function in versions up to, and including, 3.7.9. This makes it possible for unauthenticated attackers to modify the order status of arbitrary WooCommerce orders. | 2023-08-18 | 5.3 | CVE-2023-4040, MISC, MISC
supermicro-cms -- supermicro-cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php. | 2023-08-11 | 4.9 | CVE-2021-25856, MISC
wordpress -- wordpress | Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions. | 2023-08-14 | 4.8 | CVE-2023-29097, MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions. | 2023-08-14 | 4.8 | CVE-2023-30477, MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions. | 2023-08-14 | 4.8 | CVE-2023-30749, MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions. | 2023-08-14 | 4.8 | CVE-2023-30751, MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions. | 2023-08-14 | 4.8 | CVE-2023-30752, MISC
online_travel_agency_system_project -- online_travel_agency_system | Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php. | 2023-08-17 | 4.8 | CVE-2023-31942, MISC
code-projects -- hospital_information_system | Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS). | 2023-08-14 | 4.8 | CVE-2023-37070, MISC, MISC, MISC
snowsoftware -- snow_license_manager | Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser. | 2023-08-11 | 4.8 | CVE-2023-3937, MISC
intel(r) -- pentium_j6426_firmware | Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-27879, MISC
intel(r) -- pcsd_bios | Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-34657, MISC
intel(r) -- xeon_d-2745nx_firmware | Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-38083, MISC
intel(r) -- converged_security_management_engine_firmware | Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2022-38102, MISC
intel(r) -- pentium_j6426_firmware | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2022-43505, MISC
intel(r) -- nuc_bios | Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22330, MISC
intel(r) -- nuc_bios | Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22356, MISC
intel(r) -- nuc | Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22444, MISC
intel(r) -- support | Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-27392, MISC
intel(r) -- nuc_bios | Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-27887, MISC
intel(r) -- realsense_450_fa_firmware | Unchecked return value in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2023-29243, MISC
intel(r) -- nuc_bios | Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-29500, MISC
intel(r) -- nuc_bios | Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2023-32285, MISC
apple -- iphone_os | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing. | 2023-08-14 | 4.3 | CVE-2022-46725, MISC
hcl_software -- traveler_to_do | If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved. | 2023-08-11 | 4.3 | CVE-2023-37511, MISC
postgresql -- postgresql | A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. | 2023-08-11 | 4.3 | CVE-2023-39418, MISC, MISC, MISC, MISC
jenkins -- jenkins | A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2023-08-16 | 4.3 | CVE-2023-40344, MISC, MISC
mattermost -- mattermost | Mattermost fails to delete the attachments when deleting a message in a thread allowing a simple user to still be able to access and download the attachment of a deleted message. | 2023-08-11 | 4.3 | CVE-2023-4105, MISC
wordpress -- wordpress | The WP Remote Users Sync plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'refresh_logs_async' functions in versions up to, and including, 1.2.11. This makes it possible for authenticated attackers with subscriber privileges or above, to view logs. | 2023-08-16 | 4.3 | CVE-2023-4374, MISC, MISC, MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
apple -- macos | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication. | 2023-08-14 | 3.3 | CVE-2022-32876
MISC
google -- android | In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 3.3 | CVE-2023-21232
MISC
froxlor -- froxlor | Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0. | 2023-08-11 | 2.7 | CVE-2023-4304
MISC
MISC
apple -- iphone_os | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen. | 2023-08-14 | 2.4 | CVE-2022-46724
MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
even_balance,_inc. -- punkbuster | Directory Traversal vulnerability in Server functionality in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code. | 2023-08-16 | not yet calculated | CVE-2020-26037
MISC
MISC
MISC
apple -- macos | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | 2023-08-14 | not yet calculated | CVE-2022-42828
MISC
wordpress -- wordpress | The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks. | 2023-08-16 | not yet calculated | CVE-2022-4782
MISC
hp_inc. -- hp_and_samsung_printer_software | Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | 2023-08-16 | not yet calculated | CVE-2022-4894
MISC
wordpress -- wordpress | The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs. | 2023-08-14 | not yet calculated | CVE-2022-4953
MISC
MISC
wordpress -- wordpress | The Tiempo.com WordPress plugin through 0.1.2 does not have a CSRF check when creating and editing its shortcode, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack. | 2023-08-16 | not yet calculated | CVE-2023-0058
MISC
wordpress -- wordpress | The URL Params WordPress plugin before 2.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-08-16 | not yet calculated | CVE-2023-0274
MISC
wordpress -- wordpress | The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated users, such as subscribers, to call and delete arbitrary attachments. | 2023-08-16 | not yet calculated | CVE-2023-0551
MISC
wordpress -- wordpress | The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks. | 2023-08-16 | not yet calculated | CVE-2023-0579
MISC
opennms -- horizon | The Horizon REST API includes a user's endpoint that, in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms, is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue. | 2023-08-14 | not yet calculated | CVE-2023-0872
MISC
MISC
wordpress -- wordpress | The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-08-16 | not yet calculated | CVE-2023-1110
MISC
wordpress -- wordpress | The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin. | 2023-08-16 | not yet calculated | CVE-2023-1465
MISC
wordpress -- wordpress | The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in its admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the site's internal network. | 2023-08-16 | not yet calculated | CVE-2023-1977
MISC
cisco -- cisco_intersight_virtual_appliance | Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. | 2023-08-16 | not yet calculated | CVE-2023-20013
MISC
cisco -- cisco_intersight_virtual_appliance | Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. | 2023-08-16 | not yet calculated | CVE-2023-20017
MISC
cisco -- cisco_identity_services_engine | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface and viewing hidden fields within the application. A successful exploit could allow the attacker to access sensitive information, including device entry credentials, that could aid the attacker in further attacks. | 2023-08-16 | not yet calculated | CVE-2023-20111
MISC
cisco -- cisco_secure_endpoint_private_cloud_console | A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog. | 2023-08-16 | not yet calculated | CVE-2023-20197
MISC
cisco -- cisco_prime_infrastructure | Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20201
MISC
cisco -- cisco_prime_infrastructure | Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20203
MISC
cisco -- cisco_prime_infrastructure | Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20205
MISC
cisco -- cisco_telepresence_video_communication_server_expressway | A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. | 2023-08-16 | not yet calculated | CVE-2023-20209
MISC
cisco -- cisco_unified_communications_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by authenticating to the application as a user with read-only or higher privileges and sending crafted HTTP requests to an affected system. A successful exploit could allow the attacker to read or modify data in the underlying database or elevate their privileges. | 2023-08-16 | not yet calculated | CVE-2023-20211
MISC
cisco -- autoit_module_of_clamav | A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition. | 2023-08-18 | not yet calculated | CVE-2023-20212
MISC
cisco -- cisco_thousandeyes_recorder_application | A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing certain commands using sudo. A successful exploit could allow the attacker to view arbitrary files as root on the underlying operating system. The attacker must have valid credentials on the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20217
MISC
MISC
MISC
cisco -- cisco_ip_phones_with_multiplatform_firmware | A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform a factory reset of the affected device, resulting in a Denial of Service (DoS) condition. | 2023-08-16 | not yet calculated | CVE-2023-20221
MISC
cisco -- cisco_prime_infrastructure | A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2023-08-16 | not yet calculated | CVE-2023-20222
MISC
cisco -- cisco_thousandeyes_recorder_application | A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device. | 2023-08-16 | not yet calculated | CVE-2023-20224
MISC
MISC
MISC
cisco -- cisco_unified_computing_system | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information. | 2023-08-16 | not yet calculated | CVE-2023-20228
MISC
cisco -- cisco_duo_device_health_application | A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a directory traversal attack on an affected host. A successful exploit could allow an attacker to use a cryptographic key to overwrite arbitrary files with SYSTEM-level privileges, resulting in a denial of service (DoS) condition or data loss on the affected system. | 2023-08-16 | not yet calculated | CVE-2023-20229
MISC
cisco -- cisco_unified_contact_center_express | A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific API endpoint on the Unified CCX Finesse Portal. A successful exploit could allow the attacker to cause the internal WebProxy to redirect users to an attacker-controlled host. | 2023-08-16 | not yet calculated | CVE-2023-20232
MISC
cisco -- cisco_intersight_virtual_appliance | A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible HTTP proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level. | 2023-08-16 | not yet calculated | CVE-2023-20237
MISC
cisco -- cisco_unified_communications_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM Presence Service (Unified CM IM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2023-08-16 | not yet calculated | CVE-2023-20242
MISC
amd -- ryzen(tm)_master | Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. | 2023-08-15 | not yet calculated | CVE-2023-20560
MISC
amd -- ryzen(tm)_master | Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | 2023-08-15 | not yet calculated | CVE-2023-20564
MISC
google -- android | In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-20965
MISC
MISC
MISC
MISC
obsidian -- obsidian | Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and pastes it into Obsidian. | 2023-08-19 | not yet calculated | CVE-2023-2110
MISC
MISC
google -- android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21132
MISC
MISC
google -- android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21133
MISC
MISC
google -- android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21134
MISC
MISC
google -- android | In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21140
MISC
MISC
wordpress -- wordpress | The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged-in admin into executing arbitrary JavaScript by clicking a link. | 2023-08-16 | not yet calculated | CVE-2023-2122
MISC
wordpress -- wordpress | The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitize and escape a parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting. | 2023-08-16 | not yet calculated | CVE-2023-2123
MISC
MISC
google -- android | In onCreate of LockSettingsActivity.java, there is a possible way to set a new lock screen PIN without entering the existing PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21235
MISC
google -- android | In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21242
MISC
MISC
google -- android | In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21264
MISC
MISC
MISC
google -- android | In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21265
MISC
MISC
google -- android | In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21267
MISC
MISC
google -- android | In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21268
MISC
MISC
google -- android | In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21269
MISC
MISC
google -- android | In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21274
MISC
MISC
google -- android | In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21275
MISC
MISC
google -- android | In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21276
MISC
MISC
google -- android | In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21277
MISC
MISC
google -- android | In multiple locations, there is a possible way to obscure the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21278
MISC
MISC
google -- android | In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21279
MISC
MISC
google -- android | In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21280
MISC
MISC
google -- android | In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21281
MISC
MISC
google -- android | In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21282
MISC
MISC
google -- android | In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21283
MISC
MISC
MISC
google -- android | In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21284
MISC
MISC
google -- android | In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21285
MISC
MISC
google -- android | In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21286
MISC
MISC
google -- android | In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21287
MISC
MISC
google -- android | In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21288
MISC
MISC
google -- android | In multiple locations, there is a possible bypass of a multiuser security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21289
MISC
MISC
google -- android | In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21290
MISC
MISC
google -- android | In openContentUri of ActivityManagerService.java, there is a possible way for a third-party app to obtain restricted files due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-21292
MISC
MISC
wordpress -- wordpress

 
The SEO Alert WordPress plugin through 1.59 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).2023-08-16not yet calculatedCVE-2023-2225
MISC
wordpress -- wordpress

 
The Ko-fi Button WordPress plugin before 1.3.3 does not properly some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup), and we consider it a low risk.2023-08-16not yet calculatedCVE-2023-2254
MISC
wordpress -- wordpressThe Tiempo.com WordPress plugin through 0.1.2 does not have a CSRF check when deleting its shortcode, which could allow attackers to make logged-in admins delete arbitrary shortcode via a CSRF attack.2023-08-16not yet calculatedCVE-2023-2271
MISC
wordpress -- wordpress

 
The Tiempo.com WordPress plugin through 0.1.2 does not sanitize and escape the page parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.2023-08-16not yet calculatedCVE-2023-2272
MISC
audiocodes -- voip_desk_phones

 
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware.2023-08-11not yet calculatedCVE-2023-22955
MISC
MISC
FULLDISC
MISC
audiocodes -- voip_desk_phones

 
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information.2023-08-11not yet calculatedCVE-2023-22956
MISC
MISC
FULLDISC
MISC
audiocodes -- voip_desk_phones

 
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.2023-08-11not yet calculatedCVE-2023-22957
MISC
MISC
FULLDISC
MISC
google -- chromeUse after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)2023-08-15not yet calculatedCVE-2023-2312
MISC
MISC
MISC
MISC
typora -- typora

 
Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora.2023-08-19not yet calculatedCVE-2023-2316
MISC
MISC
typora -- typora

 
DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora.2023-08-19not yet calculatedCVE-2023-2317
MISC
MISC
marktext -- marktext

 
DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and pastes it into MarkText.2023-08-19not yet calculatedCVE-2023-2318
MISC
MISC
genesys -- genesys_administrator_extension

 
Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable to Cross Site Scripting (XSS) via the Business Structure page of the iWD plugin, aka GAX-11261.2023-08-13not yet calculatedCVE-2023-23208
CONFIRM
intel(r) -- xeon(r)_scalable_processors

 
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.2023-08-11not yet calculatedCVE-2023-23908
MISC
MISC
MISC
MISC
intel(r) -- quartus(r)_prime_pro_edition_for_linux

 
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for Linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.2023-08-15not yet calculatedCVE-2023-24478
MISC
zte -- multiple_products

 
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications on the mobile phone could monitor the touch event.2023-08-17not yet calculatedCVE-2023-25647
MISC
wordpress -- wordpress

 
The WP Brutal AI WordPress plugin before 2.06 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).2023-08-14not yet calculatedCVE-2023-2606
MISC
excalidraw -- excalidraw

 
Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerable to Cross-site Scripting (XSS) via embedded links in whiteboard objects due to improper input sanitization.2023-08-16not yet calculatedCVE-2023-26140
MISC
MISC
MISC
jorani -- jorani

 
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.2023-08-17not yet calculatedCVE-2023-26469
MISC
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Kehrer Updraft plugin <= 0.6.1 versions.2023-08-17not yet calculatedCVE-2023-26530
MISC
thales -- safenet_authtentication_service_agent

 
Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation.2023-08-16not yet calculatedCVE-2023-2737
MISC
insyde_software -- insydeh20

 
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform.2023-08-18not yet calculatedCVE-2023-27471
MISC
phplist -- phplist

 
An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate and edit data of the system's super admin, allowing one to perform an account takeover of the user with super-admin permission.2023-08-18not yet calculatedCVE-2023-27576
MISC
wordpress -- wordpress

 
The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).2023-08-14not yet calculatedCVE-2023-2802
MISC
wordpress -- wordpress

 
The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.2023-08-14not yet calculatedCVE-2023-2803
MISC
dell -- cpg_bios

 
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.2023-08-16not yet calculatedCVE-2023-28075
MISC
tigergraph -- tigergraphdb_enterprise

 
An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to the SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorized keys file. This allows an attacker to obtain password-less SSH key access by using their own SSH key.2023-08-14not yet calculatedCVE-2023-28481
MISC
tigergraph -- tigergraphdb_enterprise

 
An issue was discovered in Tigergraph Enterprise 3.7.0. A single TigerGraph instance can host multiple graphs that are accessed by multiple different users. The TigerGraph platform does not protect the confidentiality of any data uploaded to the remote server. In this scenario, any user that has permissions to upload data can browse data uploaded by any other user (irrespective of their permissions).2023-08-14not yet calculatedCVE-2023-28482
MISC
tigergraph -- tigergraphdb_enterprise

 
An issue was discovered in Tigergraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL queries that contain UDFs can bypass this configuration setting and, as a consequence, can write to any file location to which the administrative user has access.2023-08-14not yet calculatedCVE-2023-28483
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions.2023-08-17not yet calculatedCVE-2023-28533
MISC
wordpress -- wordpress

 
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.2023-08-17not yet calculatedCVE-2023-28622
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.5 versions.2023-08-17not yet calculatedCVE-2023-28690
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasaheb Bhise Advanced Youtube Channel Pagination plugin <= 1.0 version.2023-08-17not yet calculatedCVE-2023-28693
MISC
wordpress -- wordpress

 
Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability in PHPRADAR Woocommerce Tip/Donation plugin <= 1.2 versions.2023-08-17not yet calculatedCVE-2023-28783
MISC
asustor -- adm

 
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Printer service functionality in ASUSTOR Data Master (ADM) allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.2023-08-17not yet calculatedCVE-2023-2910
MISC
rockwell_automation -- thinmanager_thinserver

 
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability: an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial-of-service condition in the software.2023-08-17not yet calculatedCVE-2023-2914
MISC
rockwell_automation -- thinmanager_thinserver

 
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.2023-08-17not yet calculatedCVE-2023-2915
MISC
rockwell_automation -- thinmanager_thinserver

 
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.2023-08-17not yet calculatedCVE-2023-2917
MISC
fortinet -- fortios

 
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.2023-08-17not yet calculatedCVE-2023-29182
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <= 2.0 versions.2023-08-18not yet calculatedCVE-2023-29387
MISC
texas_instruments -- wilink8-wifi-mcp8

 
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.2023-08-14not yet calculatedCVE-2023-29468
MISC
typora -- typora

 
Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora.2023-08-19not yet calculatedCVE-2023-2971
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions.2023-08-16not yet calculatedCVE-2023-30473
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeFlavors Vimeotheque: Vimeo WordPress Plugin <= 2.2.1 versions.2023-08-15not yet calculatedCVE-2023-30498
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions.2023-08-18not yet calculatedCVE-2023-30499
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGem WooCommerce Easy Duplicate Product plugin <= 0.3.0.0 versions.2023-08-15not yet calculatedCVE-2023-30747
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions.2023-08-14not yet calculatedCVE-2023-30754
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin <= 10.0.1 versions.2023-08-15not yet calculatedCVE-2023-30778
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jonathan Daggerhart Query Wrangler plugin <= 1.5.51 versions.2023-08-16not yet calculatedCVE-2023-30779
MISC
lenovo -- universal_device_client

 
An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.2023-08-17not yet calculatedCVE-2023-3078
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions.2023-08-16not yet calculatedCVE-2023-30782
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin <= 1.5.2 versions.2023-08-16not yet calculatedCVE-2023-30784
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Grid plugin <= 1.21 versions.2023-08-16not yet calculatedCVE-2023-30785
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Benjamin Guy Captcha Them All plugin <= 1.3.3 versions.2023-08-16not yet calculatedCVE-2023-30786
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo Plugins (by Webdados) Stock Exporter for WooCommerce plugin <= 1.1.0 versions.2023-08-16not yet calculatedCVE-2023-30871
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin <= 5.1.4 versions.2023-08-17not yet calculatedCVE-2023-30874
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in All My Web Needs Logo Scheduler plugin <= 1.2.0 versions.2023-08-18not yet calculatedCVE-2023-30875
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dave Ross Dave's WordPress Live Search plugin <= 4.8.1 versions.2023-08-17not yet calculatedCVE-2023-30876
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov XML for Google Merchant Center plugin <= 3.0.1 versions.2023-08-17not yet calculatedCVE-2023-30877
MISC
insyde_software -- insydeh20

 
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.2023-08-14not yet calculatedCVE-2023-31041
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions.2023-08-17not yet calculatedCVE-2023-31071
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Praveen Goswami Advanced Category Template plugin <= 0.1 versions.2023-08-17not yet calculatedCVE-2023-31072
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 Extensions for Leaflet Map plugin <= 3.4.1 versions.2023-08-17not yet calculatedCVE-2023-31074
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions.2023-08-17not yet calculatedCVE-2023-31076
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Roberts Tippy plugin <= 6.2.1 versions.2023-08-17not yet calculatedCVE-2023-31079
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <= 1.0.1 versions.2023-08-17not yet calculatedCVE-2023-31091
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin <= 2.4.0 versions.2023-08-18not yet calculatedCVE-2023-31094
MISC
wordpress -- wordpress

 
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.2023-08-18not yet calculatedCVE-2023-31218
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions.2023-08-18not yet calculatedCVE-2023-31228
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <= 2.5 versions.2023-08-18not yet calculatedCVE-2023-31232
MISC
zoho_corporation -- manageengine_admanager_plus

 
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated attackers to view user passwords after executing backup or recovery operations on user accounts.2023-08-17not yet calculatedCVE-2023-31492
MISC
eset,_spol._s_r.o. -- multiple_products

 
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.2023-08-14not yet calculatedCVE-2023-3160
MISC
node.js -- node.js

 
`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is that a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.2023-08-15not yet calculatedCVE-2023-32003
MISC
MISC
MISC
node.js -- node.js

 
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs, which lets a path traversal bypass the check when verifying file permissions. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.2023-08-15not yet calculatedCVE-2023-32004
MISC
MISC
MISC
node.js -- node.js

 
The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.2023-08-15not yet calculatedCVE-2023-32006
MISC
MISC
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin <= 4.4 versions.2023-08-18not yet calculatedCVE-2023-32103
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.17.1 versions.2023-08-18not yet calculatedCVE-2023-32105
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <= 1.9.9 versions.2023-08-18not yet calculatedCVE-2023-32106
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions.2023-08-18not yet calculatedCVE-2023-32107
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio Online plugin <= 4.6.3 versions.2023-08-18not yet calculatedCVE-2023-32108
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio Online plugin <= 4.6.3 versions.2023-08-18not yet calculatedCVE-2023-32109
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions.2023-08-18not yet calculatedCVE-2023-32122
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions.2023-08-18not yet calculatedCVE-2023-32130
MISC
dell -- cpg_bios

 
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security critical UEFI variable without knowledge of the BIOS administrator.2023-08-16not yet calculatedCVE-2023-32453
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS version 9.5.x contains a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.2023-08-16not yet calculatedCVE-2023-32486
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure.2023-08-16not yet calculatedCVE-2023-32487
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.2023-08-16not yet calculatedCVE-2023-32488
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability to bypass mode protections and gain elevated privileges.2023-08-16not yet calculatedCVE-2023-32489
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.2023-08-16not yet calculatedCVE-2023-32490
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 9.5.0.x contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low-privileged user could potentially exploit this vulnerability, leading to information disclosure.2023-08-16not yet calculatedCVE-2023-32491
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or modification of files.2023-08-16not yet calculatedCVE-2023-32492
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.2023-08-16not yet calculatedCVE-2023-32493
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege; compliance mode is also affected.2023-08-16not yet calculatedCVE-2023-32494
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.2.x-9.5.x, contains an exposure of sensitive information to an unauthorized actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.2023-08-16not yet calculatedCVE-2023-32495
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rogue database. Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information.2023-08-14not yet calculatedCVE-2023-3259
MISC
cyberpower -- powerpanel_enterprise

 
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.2023-08-14not yet calculatedCVE-2023-3260
MISC
cyberpower -- powerpanel_enterprise

 
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.2023-08-14not yet calculatedCVE-2023-3261
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.2023-08-14not yet calculatedCVE-2023-3262
MISC
logitec_corporation -- multiple_products

 
Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to a certain management console of the product and execute arbitrary OS commands.2023-08-18not yet calculatedCVE-2023-32626
MISC
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.2023-08-14not yet calculatedCVE-2023-3263
MISC
cisco -- cisco_adaptive_security_appliance
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3264
cyberpower -- powerpanel_enterprise
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to log in to the application with the default user "cyberpower" by appending a non-printable character. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3265
cyberpower -- powerpanel_enterprise
A non-feature-complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3266
cyberpower -- powerpanel_enterprise
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT AUTHORITY\SYSTEM. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3267
mitel_networks_corp. -- mivoice_connect
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-32748
moxa -- tn-5900_series
TN-5900 Series firmware version v3.3 and prior is vulnerable to an improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed to perform. This presents a potential risk of unauthorized exploitation by malicious actors.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-33237
moxa -- tn-4900_series/tn-5900_series
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-33238
moxa -- tn-4900_series/tn-5900_series
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-33239
wordpress -- wordpress
The Custom Field For WP Job Manager WordPress plugin before 1.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3328
prestashop -- prestashop
In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection in versions up to 0.2.0. Release 0.2.1 fixed this security issue.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-33663
moxa -- tn-5900_series
TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-34213
moxa -- tn-4900_series/tn-5900_series
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-34214
moxa -- tn-5900_series
TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-34215
moxa -- tn-4900_series/tn-5900_series
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-34216
moxa -- tn-4900_series/tn-5900_series
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-34217
wordpress -- wordpress
The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitize and escape several parameters before using them in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3435
lenovo -- notebook
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-34419
ibm -- cognos_analytics
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. IBM X-Force ID: 257703.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-35009
ibm -- cognos_analytics
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 257705.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-35011
ivanti -- epmm
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-35082
google -- android
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-35689
ibm -- security_guardium
IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-35893
logitec_corporation -- multiple_products
Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-35991
wordpress -- wordpress
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3601
powerjob -- powerjob
An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-36106
wordpress -- wordpress
The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3645
asustor -- adm
Printer service fails to adequately handle user input, allowing a remote unauthorized user to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3697
asustor -- adm
Printer service fails to adequately handle user input, allowing a remote unauthorized user to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3698
wordpress -- wordpress
The WP-EMail WordPress plugin before 2.69.1 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-3721
xwiki -- xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-37914
logitec_corporation -- lan-w451ngr
LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38132
hewlett_packard_enterprise -- hpe_aruba_networking_virtual_intranet_access
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38401
hewlett_packard_enterprise -- hpe_aruba_networking_virtual_intranet_access
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38402
logitec_corporation -- lan-wh300n/re
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38576
svelecte -- svelecte
Svelecte is a flexible autocomplete/select component written in Svelte. Svelecte item names are rendered as raw HTML with no escaping. This allows the injection of arbitrary HTML into the Svelecte dropdown. This can be exploited to execute arbitrary JavaScript whenever a Svelecte dropdown is opened. Item names given to Svelecte appear to be directly rendered as HTML by the default item renderer. This means that any HTML tags in the name are rendered as HTML elements not as text. Note that the custom item renderer shown in https://mskocik.github.io/svelecte/#item-rendering is also vulnerable to the same exploit. Any site that uses Svelecte with dynamically created items either from an external source or from user-created content could be vulnerable to an XSS attack (execution of untrusted JavaScript), clickjacking or any other attack that can be performed with arbitrary HTML injection. The actual impact of this vulnerability for a specific application depends on how trustworthy the sources that provide Svelecte items are and the steps that the application has taken to mitigate XSS attacks. XSS attacks using this vulnerability are mostly mitigated by a Content Security Policy that blocks inline JavaScript. This issue has been addressed in version 3.16.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38687
ibm -- i
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38721
ibm -- webspher_application_server_liberty
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38737
ibm -- txseries_for_multiplatforms
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38741
kidus_minimati -- kidus_minimati
SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38838
kidus_minimati -- kidus_minimati
SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the ID parameter in the fulldelete.php component.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38839
bitwarden -- bitwarden
Bitwarden Windows Desktop v2023.5.1 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38840
atlos -- atlos
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38843
codedoc -- codedoc
Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 component.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38850
langchain -- langchain
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38860
wavlink -- wl_wnj575a3
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38861
comfast -- cf-xr11
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38862
comfast -- cf-xr11
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38863
comfast -- cf-xr11
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38864
comfast -- cf-xr11
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into the timestr parameter.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38865
comfast -- cf-xr11
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into the interface and display_name parameters.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38866
alluxio -- alluxio
An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String).
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38889
online_shopping_portal_project -- online_shopping_portal_project
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38890
tree-kit -- tree-kit
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38894
langchain -- langchain
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38896
cpython -- cpython
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38898
ruijie_networks -- multiple_products
A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38902
netlify_cms -- netlify_cms
A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38904
jeecg-boot -- jeecg-boot
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38905
cszcms -- cszcms
CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Widget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38910
cszcms -- cszcms
A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Gallery parameter in the YouTube URL fields.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38911
easyadmin8 -- easyadmin8
File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbitrary code via the upload type function.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38915
evotingsystem-php -- evotingsystem-php
SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-38916
campcodes -- online_matrimonial_website_system_script
install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39115
ntsc-crt_2.2.1 -- ntsc-crt_2.2.1
NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is "this main application was not intended to be a well-tested program, it's just something to demonstrate it works and for the user to see how to integrate it into their own programs."
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39125
dell -- dell_storage_integration_tools_for_vmware
Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39250
mitel_networks_corp. -- mivoice_office_400_smb_controller
A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39292
mitel_networks_corp. -- mivoice_office_400_smb_controller
A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39293
north_grid_corporation -- multiple_products
Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allows a remote unauthenticated attacker to log in to the product's Control Panel and perform an unintended operation.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39415
north_grid_corporation -- multiple_products
Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39416
sap_se -- cla_assistant
A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. This allows an arbitrary authenticated user to read CLA information including information of the persons who signed them as well as custom fields the CLA requester had configured. In addition, an arbitrary authenticated user can update or delete the CLA-configuration for repositories or organizations using CLA-assistant. The stored access tokens for GitHub are not affected, as these are redacted from the API-responses.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39438
logitec_corporation -- lan-wh300n/re
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product's certain management console.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39445
elecom_co._ltd. -- multiple_products
Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39454
elecom_co._ltd. -- multiple_products
OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39455
recruit_co._ltd. -- rikunabi_next_app_for_android
Improper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39507
eprosima -- fast-dds
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger an assertion failure, crashing FastDDS. Versions 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.
Published: 2023-08-11 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39534
langchain -- langchain
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39659
pandas-ai -- pandas-ai
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39661
llama_index -- llama_index
An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39662
d-link -- dir-842
D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39666
d-link -- dir-880
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39669
tenda -- ac6
Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39670
d-link -- dir-880
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39671
tenda -- wh450
Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39672
tenda -- ac15
Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39673
d-link -- dir-880
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39674
lrzip -- lrzip
lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39741
lrzip-next_lzma -- lrzip-next_lzma
lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.
Published: 2023-08-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39743
etekcity -- 3-in-1_smart_door_lock
Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39841
digoo -- dg-hamb_smart_home_security_system
Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39842
suleve -- 5-in-1_smart_door_lock
Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
Published: 2023-08-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39843
konga -- konga
An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.
Published: 2023-08-16 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39846
yubico -- yubihsm_2_sdk
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory.
Published: 2023-08-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39908
elecom_co._ltd. -- wrc-1167acf/wrc-1750ghbk3
OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request.
Published: 2023-08-18 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39944
eprosima -- fast-dds
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to the PDP port raises an unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue.
Published: 2023-08-11 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39945
eprosima -- fast-dds
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of actual content. In `eprosima::fastdds::dds::ParameterPropertyList_t::push_back_helper`, `memcpy` is called to first copy the octet'ized length and then to copy the data into `properties_.data`. At the second memcpy, both `data` and `size` can be controlled by anyone that sends the CDR string to the discovery multicast port. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue.
Published: 2023-08-11 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39946
eprosima -- fast-dds
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed `PID_PROPERTY_LIST` parameters cause heap overflow at a different program counter. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue.
Published: 2023-08-11 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2023-39947
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39948
MISC
MISC
MISC
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to a remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue. | 2023-08-11 | not yet calculated | CVE-2023-39949
MISC
MISC
MISC
MISC
siemens -- efibootguard

 
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv` or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. EFI Boot Guard's bootloader EFI binary is not affected by this issue. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, and so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them. | 2023-08-14 | not yet calculated | CVE-2023-39950
MISC
MISC
MISC
MISC
MISC
joomla -- joomla

 
Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution. | 2023-08-17 | not yet calculated | CVE-2023-39970
MISC
joomla -- joomla

 
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3. | 2023-08-17 | not yet calculated | CVE-2023-39971
MISC
MISC
joomla -- joomla

Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists. | 2023-08-17 | not yet calculated | CVE-2023-39972
MISC
MISC
joomla -- joomla

 
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns. | 2023-08-17 | not yet calculated | CVE-2023-39973
MISC
MISC
joomla -- joomla

 
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list. | 2023-08-17 | not yet calculated | CVE-2023-39974
MISC
MISC
massachusetts_institute_of_technology -- kerberos_5

 
kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. | 2023-08-16 | not yet calculated | CVE-2023-39975
CONFIRM
MISC
MISC
svg-loader -- svg-loader

 
SVG Loader is a JavaScript library that fetches SVGs using XMLHttpRequests and injects the SVG code in the tag's place. According to the docs, svg-loader will strip all JS code before injecting the SVG file for security reasons, but the input sanitization logic is not sufficient and can be trivially bypassed. This allows an attacker to craft a malicious SVG which can result in Cross-site Scripting (XSS). When trying to sanitize the SVG, the library removes event attributes such as `onmouseover` and `onclick`, but the list of events is not exhaustive. Any website which uses external-svg-loader and allows its users to provide an SVG src or upload SVG files would be susceptible to a stored XSS attack. This issue has been addressed in commit `d3562fc08` which is included in releases from 1.6.9. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-40013
MISC
MISC
MISC
MISC
privateuploader -- privateuploader

 
PrivateUploader is an open-source image hosting server written in Vue and TypeScript. In affected versions `app/routes/v3/admin.controller.ts` did not correctly verify whether the user was an administrator (High Level) or moderator (Low Level), causing the request to continue processing. The response would be a 403 with ADMIN_ONLY; however, `next()` would still be called, leading to any updates/changes in the route being processed. This issue has been addressed in version 3.2.49. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-40020
MISC
MISC
oppia -- oppia

 
Oppia is an online learning platform. When comparing a received CSRF token against the expected token, Oppia uses the string equality operator (`==`), which is not safe against timing attacks. By repeatedly submitting invalid tokens, an attacker can brute force the expected CSRF token character by character. Once they have recovered the token, they can then submit a forged request on behalf of a logged-in user and execute privileged actions on that user's behalf. In particular the function to validate received CSRF tokens is at `oppia.core.controllers.base.CsrfTokenManager.is_csrf_token_valid`. An attacker who can lure a logged-in Oppia user to a malicious website can perform any change on Oppia that the user is authorized to do, including changing profile information; creating, deleting, and changing explorations; etc. Note that the attacker cannot change a user's login credentials. An attack would need to complete within 1 second because every second, the time used in computing the token changes. This issue has been addressed in commit `b89bf80837` which has been included in release `3.3.2-hotfix-2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-16 | not yet calculated | CVE-2023-40021
MISC
MISC
MISC
MISC
yaklang -- yaklang

 
yaklang is a programming language designed for cybersecurity. The Yak Engine has been found to contain a local file inclusion (LFI) vulnerability. This vulnerability allows attackers to include files from the server's local file system through the web application. When exploited, this can lead to the unintended exposure of sensitive data, potential remote code execution, or other security breaches. Users utilizing versions of the Yak Engine prior to 1.2.4-sp1 are impacted. This vulnerability has been patched in version 1.2.4-sp1. Users are advised to upgrade. Users unable to upgrade may avoid exposing vulnerable versions to untrusted input and should closely monitor any unexpected server behavior until they can upgrade. | 2023-08-14 | not yet calculated | CVE-2023-40023
MISC
MISC
MISC
nexb -- scancode.io

 
ScanCode.io is a server to script and automate software composition analysis pipelines. In the `/license/` endpoint, the detailed view key is not properly validated and sanitized, which can result in a potential cross-site scripting (XSS) vulnerability when attempting to access a detailed license view that does not exist. Attackers can exploit this vulnerability to inject malicious scripts into the response generated by the `license_details_view` function. When unsuspecting users visit the page, their browsers will execute the injected scripts, leading to unauthorized actions, session hijacking, or stealing sensitive information. This issue has been addressed in release `32.5.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-14 | not yet calculated | CVE-2023-40024
MISC
MISC
keystone -- keystone

 
Keystone is an open-source headless CMS for Node.js — built with GraphQL and React. When `ui.isAccessAllowed` is set as `undefined`, the `adminMeta` GraphQL query is publicly accessible (no session required). This is different to the behaviour of the default AdminUI middleware, which by default will only be publicly accessible (no session required) if a `session` strategy is not defined. This vulnerability does not affect developers using the `@keystone-6/auth` package, or any users that have written their own `ui.isAccessAllowed` (that is to say, `isAccessAllowed` is not `undefined`). This vulnerability does affect users who believed that their `session` strategy will, by default, enforce that `adminMeta` is inaccessible by the public in accordance with that strategy; akin to the behaviour of the AdminUI middleware. This vulnerability has been patched in `@keystone-6/core` version `5.5.1`. Users are advised to upgrade. Users unable to upgrade may opt to write their own `isAccessAllowed` functionality to work around this vulnerability. | 2023-08-15 | not yet calculated | CVE-2023-40027
MISC
MISC
MISC
ghost -- ghost

 
Ghost is an open-source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-15 | not yet calculated | CVE-2023-40028
MISC
MISC
flarum -- flarum

 
Flarum is an open-source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofing the MIME type, an attacker can manipulate the application to execute unintended actions. The vulnerability is due to the behavior of the `intervention/image` package, which attempts to interpret the supplied file contents as a URL, which then fetches its contents. This allows an attacker to exploit the vulnerability to perform SSRF attacks, disclose local file contents, or conduct a blind oracle attack. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP's `allow_url_fopen` which will prevent the fetching of external files via URLs as a temporary workaround for the SSRF aspect of the vulnerability. | 2023-08-16 | not yet calculated | CVE-2023-40033
MISC
MISC
woodpecker-ci -- woodpecker

 
Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data which leads to an update of the repository data that can, e.g., allow the takeover of a repo. This is only critical if the CI is configured for public usage and connected to a forge which is also in public usage. This issue has been addressed in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should secure the CI system by making it inaccessible to untrusted entities, for example, by placing it behind a firewall. | 2023-08-16 | not yet calculated | CVE-2023-40034
MISC
MISC
MISC
MISC
apache -- nifi

 
Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation. | 2023-08-18 | not yet calculated | CVE-2023-40037
MISC
MISC
MISC
elecom_co._ltd. -- multiple_products

 
OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions. | 2023-08-18 | not yet calculated | CVE-2023-40069
MISC
MISC
elecom_co._ltd. -- wab-s600-ps/wab-s300

 
OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 2023-08-18 | not yet calculated | CVE-2023-40072
MISC
MISC
rubygems -- rubygems

 
rubygems.org is the Ruby community's primary gem (library) hosting service. Insufficient input validation allowed malicious actors to replace any uploaded gem version that had a platform, version number, or gem name matching `/-\d/`, permanently replacing the legitimate upload in the canonical gem storage bucket and triggering an immediate CDN purge so that the malicious gem would be served immediately. The maintainers have checked all gems matching the `/-\d/` pattern and can confirm that no unexpected `.gem`s were found. As a result, we believe this vulnerability was _not_ exploited. The easiest way to ensure that a user's applications were not exploited by this vulnerability is to check that all of your downloaded .gems have a checksum that matches the checksum recorded in the RubyGems.org database. RubyGems contributor Maciej Mensfeld wrote a tool to automatically check that all downloaded .gem files match the checksums recorded in the RubyGems.org database. You can use it by running: `bundle add bundler-integrity` followed by `bundle exec bundler-integrity`. Neither this tool nor anything else can prove you were not exploited, but they can assist your investigation by quickly comparing RubyGems API-provided checksums with the checksums of files on your disk. The issue has been patched with improved input validation and the changes are live. No action is required on the part of the user. Users are advised to validate their local gems. | 2023-08-17 | not yet calculated | CVE-2023-40165
MISC
MISC
turbowarp -- desktop

 
TurboWarp is a desktop application that compiles Scratch projects to JavaScript. TurboWarp Desktop versions prior to version 1.8.0 allowed a malicious project or custom extension to read arbitrary files from disk and upload them to a remote server. The only required user interaction is opening the sb3 file or loading the extension. The web version of TurboWarp is not affected. This bug has been addressed in commit `55e07e99b59` after an initial fix which was reverted. Users are advised to upgrade to version 1.8.0 or later. Users unable to upgrade should avoid opening sb3 files or loading extensions from untrusted sources. | 2023-08-17 | not yet calculated | CVE-2023-40168
MISC
MISC
MISC
MISC
dispatch -- dispatch

 
Dispatch is an open-source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in an error message when the `Dispatch Plugin - Basic Authentication Provider` plugin encounters an error when attempting to decode a JWT token. Any Dispatch users who own their instance and rely on the `Dispatch Plugin - Basic Authentication Provider` plugin for authentication may be impacted, allowing for any account to be taken over within their own instance. This could be done by using the secret to sign attacker-crafted JWTs. If you think that you may be impacted, we strongly suggest you rotate the secret stored in the `DISPATCH_JWT_SECRET` envvar in the `.env` file. This issue has been addressed in commit `b1942a4319` which has been included in the `20230817` release. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-17 | not yet calculated | CVE-2023-40171
MISC
MISC
MISC
MISC
social_media_skeleton -- social_media_skeleton

 
Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. Prior to version 1.0.5 Social media skeleton did not properly restrict CSRF attacks. This has been addressed in version 1.0.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-18 | not yet calculated | CVE-2023-40172
MISC
MISC
social_media_skeleton -- social_media_skeleton

 
Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. Prior to version 1.0.5 Social media skeleton did not properly salt passwords, leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue. | 2023-08-18 | not yet calculated | CVE-2023-40173
MISC
MISC
MISC
social_media_skeleton -- social_media_skeleton

 
Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. Social media skeleton releases prior to 1.0.5 did not properly manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-18 | not yet calculated | CVE-2023-40174
MISC
MISC
puma -- puma

 
Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-08-18 | not yet calculated | CVE-2023-40175
MISC
MISC
genians -- multiple_products

 
Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-17 | not yet calculated | CVE-2023-40251
MISC
genians -- multiple_products

 
Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-17 | not yet calculated | CVE-2023-40252
MISC
genians -- multiple_products

 
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-11 | not yet calculated | CVE-2023-40253
MISC
genians -- multiple_products

 
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 2023-08-11 | not yet calculated | CVE-2023-40254
MISC
apache -- airflow

 
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection, giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected. | 2023-08-17 | not yet calculated | CVE-2023-40272
MISC
MISC
MISC
getzola -- getzola

 
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, which allows one to escape the webroot of the server and read arbitrary files from the filesystem. | 2023-08-14 | not yet calculated | CVE-2023-40274
MISC
MISC
lenovo -- notebook

 
A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-08-17 | not yet calculated | CVE-2023-4028
MISC
ec-cube_co._ltd. -- ec-cube_2_series

 
EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in "mail/template" and "products/product" of Management page. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the other administrator or the user who accessed the website using the product. | 2023-08-17 | not yet calculated | CVE-2023-40281
MISC
MISC
linux -- kernel

 
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of a sk are mishandled. | 2023-08-14 | not yet calculated | CVE-2023-40283
MISC
MISC
MISC
DEBIAN
lenovo -- thinkpad

 
A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-08-17 | not yet calculated | CVE-2023-4029
MISC
harman_international -- harman_automotive_infotainment

 
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. | 2023-08-14 | not yet calculated | CVE-2023-40291
MISC
harman_international -- harman_automotive_infotainment

 
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets. | 2023-08-14 | not yet calculated | CVE-2023-40292
MISC
harman_international -- harman_automotive_infotainment

 
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. | 2023-08-14 | not yet calculated | CVE-2023-40293
MISC
boron_2.0.8 -- boron_2.0.8

 
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. | 2023-08-14 | not yet calculated | CVE-2023-40294
MISC
boron_2.0.8 -- boron_2.0.8

 
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c. | 2023-08-14 | not yet calculated | CVE-2023-40295
MISC
async-sockets-cpp -- async-sockets-cpp

 
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. | 2023-08-14 | not yet calculated | CVE-2023-40296
MISC
lenovo -- thinkpad

 
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt. | 2023-08-17 | not yet calculated | CVE-2023-4030
MISC
gnu_inetutils -- gnu_inetutils

 
GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process. | 2023-08-14 | not yet calculated | CVE-2023-40303
MISC
MISC
MISC
gnu_indent -- gnu_indent

 
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | 2023-08-14 | not yet calculated | CVE-2023-40305
MISC
MISC
opennms -- horizon

 
Multiple stored XSS vulnerabilities were found in different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms; they allow an attacker to store a payload in the database that is then loaded in JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue. | 2023-08-14 | not yet calculated | CVE-2023-40311
MISC
MISC
MISC
opennms -- horizon

 
Multiple reflected XSS vulnerabilities were found in different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms; an attacker can modify these parameters to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue. | 2023-08-14 | not yet calculated | CVE-2023-40312
MISC
MISC
opennms -- horizon

 
A BeanShell interpreter in remote server mode runs in OpenNMS Horizon versions earlier than 32.0.2 and in related Meridian versions, which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. | 2023-08-17 | not yet calculated | CVE-2023-40313
MISC
MISC
opennms -- horizon

 
In OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue. | 2023-08-17 | not yet calculated | CVE-2023-40315
MISC
MISC
jenkins -- jenkins

 
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders. | 2023-08-16 | not yet calculated | CVE-2023-40336
MISC
MISC
jenkins -- jenkins

 
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder. | 2023-08-16 | not yet calculated | CVE-2023-40337
MISC
MISC
jenkins -- jenkins

 
Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. | 2023-08-16 | not yet calculated | CVE-2023-40338
MISC
MISC
jenkins -- jenkins

 
Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they're written to the build log. | 2023-08-16 | not yet calculated | CVE-2023-40339
MISC
MISC
jenkins -- jenkins

 
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs. | 2023-08-16 | not yet calculated | CVE-2023-40340
MISC
MISC
jenkins -- jenkins

 
A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar. | 2023-08-16 | not yet calculated | CVE-2023-40351
MISC
MISC
mariadb_maxscale -- mariadb_maxscale

 
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3. | 2023-08-14 | not yet calculated | CVE-2023-40354
MISC
xterm -- xterm

 
xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. | 2023-08-14 | not yet calculated | CVE-2023-40359
MISC
qemu -- qemu

 
QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled. | 2023-08-14 | not yet calculated | CVE-2023-40360
MISC
MISC
MISC
litespeed/openlitespeed -- litespeed/openlitespeed

 
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers. | 2023-08-14 | not yet calculated | CVE-2023-40518
MISC
MISC
moxa -- nport_iaw5000a-i/o_series

 
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerability which poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate firmware manipulation. | 2023-08-16 | not yet calculated | CVE-2023-4204
MISC
cloudflare -- lol-html

 
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected. | 2023-08-16 | not yet calculated | CVE-2023-4241
MISC
zephyrproject-rtos -- zephyr

 
Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 | 2023-08-12 | not yet calculated | CVE-2023-4265
MISC
cockpit-hq -- cockpit

 
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3. | 2023-08-14 | not yet calculated | CVE-2023-4321
MISC
MISC
radareorg -- radare2

 
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | 2023-08-14 | not yet calculated | CVE-2023-4322
MISC
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup. | 2023-08-15 | not yet calculated | CVE-2023-4323
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure defaults that lack HTTP Content-Security-Policy headers. | 2023-08-15 | not yet calculated | CVE-2023-4324
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities.2023-08-15not yet calculatedCVE-2023-4325
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites.2023-08-15not yet calculatedCVE-2023-4326
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux.2023-08-15not yet calculatedCVE-2023-4327
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux.2023-08-15not yet calculatedCVE-2023-4328
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute.2023-08-15not yet calculatedCVE-2023-4329
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to Denial of Service which can be caused by an authenticated user to the REST API Interface.2023-08-15not yet calculatedCVE-2023-4330
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration that support obsolete and vulnerable TLS protocols.2023-08-15not yet calculatedCVE-2023-4331
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file.2023-08-15not yet calculatedCVE-2023-4332
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows.2023-08-15not yet calculatedCVE-2023-4333
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication.2023-08-15not yet calculatedCVE-2023-4334
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux.2023-08-15not yet calculatedCVE-2023-4335
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute.2023-08-15not yet calculatedCVE-2023-4336
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation.2023-08-15not yet calculatedCVE-2023-4337
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers.2023-08-15not yet calculatedCVE-2023-4338
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions.2023-08-15not yet calculatedCVE-2023-4339
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file.2023-08-15not yet calculatedCVE-2023-4340
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI.2023-08-15not yet calculatedCVE-2023-4341
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy.2023-08-15not yet calculatedCVE-2023-4342
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter.2023-08-15not yet calculatedCVE-2023-4343
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection.2023-08-15not yet calculatedCVE-2023-4344
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user.2023-08-15not yet calculatedCVE-2023-4345
MISC
librenms -- librenms/librenms | Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0. | 2023-08-15 | not yet calculated | CVE-2023-4347 MISC MISC
google -- chrome | Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4349 MISC MISC MISC MISC
google -- chrome_for_android | Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4350 MISC MISC MISC MISC
google -- chrome | Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4351 MISC MISC MISC MISC
google -- chrome | Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4352 MISC MISC MISC MISC
google -- chrome | Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4353 MISC MISC MISC MISC
google -- chrome | Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4354 MISC MISC MISC MISC
google -- chrome | Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-08-15 | not yet calculated | CVE-2023-4355 MISC MISC MISC MISC
google -- chrome | Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4356 MISC MISC MISC MISC
google -- chrome | Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4357 MISC MISC MISC MISC
google -- chrome | Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4358 MISC MISC MISC MISC
google -- chrome_for_ios | Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4359 MISC MISC MISC MISC
google -- chrome | Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4360 MISC MISC MISC MISC
google -- chrome_for_android | Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4361 MISC MISC MISC MISC
google -- chrome | Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4362 MISC MISC MISC MISC
google -- chrome_for_android | Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4363 MISC MISC MISC MISC
google -- chrome | Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4364 MISC MISC MISC MISC
google -- chrome | Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4365 MISC MISC MISC MISC
google -- chrome | Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4366 MISC MISC MISC MISC
google -- chrome | Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4367 MISC MISC MISC MISC
google -- chrome | Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4368 MISC MISC MISC MISC
google -- chrome_for_chromeos | Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium) | 2023-08-15 | not yet calculated | CVE-2023-4369 MISC MISC
phprecdb -- phprecdb | A vulnerability was found in phpRecDB 1.3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument r/view leads to cross site scripting. The attack may be launched remotely. VDB-237194 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-15 | not yet calculated | CVE-2023-4371 MISC MISC
instantsoft -- instantsoft/icms2 | Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 2023-08-16 | not yet calculated | CVE-2023-4381 MISC MISC
tdevs -- hyip_rio | A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4382 MISC MISC MISC
microworld -- escan_anti-virus | A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4383 MISC MISC MISC
maximatech -- portal_executivo | A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4384 MISC MISC MISC
linux -- kernel | A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. | 2023-08-16 | not yet calculated | CVE-2023-4385 MISC MISC MISC
linux -- kernel | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. | 2023-08-16 | not yet calculated | CVE-2023-4387 MISC MISC MISC
linux -- kernel | A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information. | 2023-08-16 | not yet calculated | CVE-2023-4389 MISC MISC MISC
control_id -- gerencia_web | A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation leads to cleartext storage of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237380. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-17 | not yet calculated | CVE-2023-4392 MISC MISC MISC
linux -- kernel | A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information. | 2023-08-17 | not yet calculated | CVE-2023-4394 MISC MISC MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-17 | not yet calculated | CVE-2023-4395 MISC MISC
codecanyon -- credit_lite | A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/account_statement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-237511. | 2023-08-18 | not yet calculated | CVE-2023-4407 MISC MISC
nbs&happysoftwechat -- nbs&happysoftwechat | A vulnerability, which was classified as critical, has been found in NBS&HappySoftWeChat 1.1.6. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237512. | 2023-08-18 | not yet calculated | CVE-2023-4409 MISC MISC MISC
totolink -- ex1200l | A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237513 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4410 MISC MISC MISC
totolink -- ex1200l | A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4411 MISC MISC MISC
totolink -- ex1200l | A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4412 MISC MISC MISC
rkhunter -- rootkit_hunter | A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as problematic. Affected is an unknown function of the file /var/log/rkhunter.log. The manipulation leads to sensitive information in log files. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237516. | 2023-08-18 | not yet calculated | CVE-2023-4413 MISC MISC MISC MISC
beijing_baichuo -- smart_s85f_management_platform | A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237517 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4414 MISC MISC MISC
ruijie_networks -- rg-ew1200g | A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4415 MISC MISC MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. | 2023-08-18 | not yet calculated | CVE-2023-4422 MISC MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-19 | not yet calculated | CVE-2023-4432 MISC MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-19 | not yet calculated | CVE-2023-4433 MISC MISC




Vulnerability Summary for the Week of August 14, 2023
https://www.cisa.gov/news-events/bulletins/sb23-233

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
foldingathome -- client_advanced_control | An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420578de1af77, allows remote attackers to execute arbitrary code via crafted payload to function parse_message in file Connection.py. | 2023-08-11 | 9.8 | CVE-2020-27544 MISC
sourcecodester -- school_faculty_scheduling_system | SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privileges, and gain sensitive information via crafted payload to id parameter in manage_user.php. | 2023-08-11 | 9.8 | CVE-2020-36034 MISC MISC MISC
bloofox -- bloofoxcms | File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module. | 2023-08-11 | 9.8 | CVE-2020-36082 MISC
hello.js_project -- hello.js | Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. | 2023-08-11 | 9.8 | CVE-2021-26505 MISC
open-falcon -- dashboard | An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface. | 2023-08-11 | 9.8 | CVE-2021-27523 MISC
ruoyi -- ruoyi | An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | 2023-08-11 | 9.8 | CVE-2021-28411 MISC
intel(r) -- ethernet_controller_rdma_driver_for_linux | Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.8 | CVE-2023-25775 MISC
wordpress -- wordpress | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. | 2023-08-12 | 9.8 | CVE-2023-3452 MISC MISC MISC
novel-plus -- novel-plus | novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability. | 2023-08-14 | 9.8 | CVE-2023-37847 MISC MISC MISC
huawei -- emui | Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges. | 2023-08-13 | 9.8 | CVE-2023-39405 MISC MISC
schoolmate -- schoolmate | Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. | 2023-08-15 | 9.8 | CVE-2023-39850 MISC MISC
veritas -- netbackup_snapshot_manager | A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers. | 2023-08-11 | 9.8 | CVE-2023-40256 MISC
gitpython -- gitpython | GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. | 2023-08-11 | 9.8 | CVE-2023-40267 MISC MISC
intel(r) -- manageability_commander | Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.6 | CVE-2022-29887 MISC
intel(r) -- driver_support_assistant | Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow unauthenticated user to potentially enable escalation of privilege via network access. | 2023-08-11 | 9.6 | CVE-2023-27515 MISC
zrlog -- zrlog | Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS). | 2023-08-11 | 9.1 | CVE-2020-27514 MISC
huawei -- emui | Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop. | 2023-08-13 | 9.1 | CVE-2021-46895 MISC MISC
huawei -- emui | Vulnerability of configuration defects in the media module of certain products. Successful exploitation of this vulnerability may cause unauthorized access. | 2023-08-13 | 9.1 | CVE-2023-39385 MISC MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39398 MISC MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39399 MISC MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39400 MISC MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39401 MISC MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39402 MISC MISC
huawei -- emui | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | 2023-08-13 | 9.1 | CVE-2023-39403 MISC MISC
yzmcms -- yzmcmsCross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint.2023-08-118.8CVE-2020-23595
MISC
xuxueli -- xxl-jobCross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file.2023-08-118.8CVE-2020-24922
MISC
thedaylightstudio -- fuel_cmsSQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.2023-08-118.8CVE-2020-24950
MISC
churchcrm -- churchcrmCSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file.2023-08-118.8CVE-2020-28848
MISC
wuzhicms -- wuzhicmsAn issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php.2023-08-118.8CVE-2020-36037
MISC
qpdf_project -- qpdfAn issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.2023-08-118.8CVE-2021-25786
MISC
pearadmin -- pear_admin_thinkSQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php.2023-08-118.8CVE-2021-29378
MISC
apple -- iphone_osThe issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.2023-08-148.8CVE-2022-48503
MISC
MISC
MISC
MISC
MISC
google -- androidIn SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.2023-08-148.8CVE-2023-21273
MISC
MISC
apple -- macosA use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.2023-08-148.8CVE-2023-28198
MISC
MISC
intel(r) -- ai_hackathonUncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2023-08-118.8CVE-2023-28380
MISC
tigergraph -- tigergraph_enterpriseAn issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries.2023-08-158.8CVE-2023-28479
MISC
apple -- macosA type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.2023-08-148.8CVE-2023-32358
MISC
MISC
zyxel -- nbg6604

 
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.2023-08-148.8CVE-2023-33013
MISC
postgresql -- postgresqlIN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.2023-08-118.8CVE-2023-39417
MISC
MISC
MISC
jenkins -- jenkinsA cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.2023-08-168.8CVE-2023-40341
MISC
MISC
wordpress -- wordpress
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmpp_update_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'profile[role]' parameter during a profile update.2023-08-128.8CVE-2023-4293
MISC
MISC
MISC
wordpress -- wordpress
The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notify_ping_remote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. This was partially patched in version 1.2.12 and fully patched in version 1.2.13.2023-08-168.5CVE-2023-3958
MISC
MISC
MISC
MISC
red_lion_europe -- mbnet
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker to store an arbitrary JavaScript payload on the diagnosis page of the device. That page is loaded immediately after login into the device and runs the stored payload, allowing the attacker to read and write browser data and reduce system performance.2023-08-178.3CVE-2023-34412
MISC
MISC
intel(r) -- celeron_j6413_firmwareImproper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.2023-08-118CVE-2022-44611
MISC
rockcarry -- ffjpegBuffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.2023-08-117.8CVE-2020-24222
MISC
apple -- macosAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution.2023-08-147.8CVE-2020-36615
MISC
xnview -- xnviewBuffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.2023-08-117.8CVE-2021-28427
MISC
xnview -- xnviewBuffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.2023-08-117.8CVE-2021-28835
MISC
CONFIRM
intel(r) -- oneapi_math_kernel_libraryUncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2022-25864
MISC
intel(r) -- dynamic_tuning_technologyImproper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2022-29470
MISC
intel(r) -- multiple_productsImproper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2022-38076
MISC
intel(r) -- rapid_storage_technologyUncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2022-43456
MISC
apple -- mac_os_xA type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges.2023-08-147.8CVE-2022-46706
MISC
MISC
MISC
google -- androidIn registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.2023-08-147.8CVE-2023-21229
MISC
google -- androidIn getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.2023-08-147.8CVE-2023-21231
MISC
google -- androidIn readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.2023-08-147.8CVE-2023-21272
MISC
MISC
intel(r) -- uniteUncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-25182
MISC
intel(r) -- uniteImproper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-25773
MISC
intel(r) -- vcust_toolUncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-25944
MISC
intel(r) -- easy_streaming_wizardImproper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-26587
MISC
intel(r) -- advanced_link_analyzerIncorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-27505
MISC
intel(r) -- optimization_for_tensorflowImproper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-27506
MISC
intel(r) -- ispc_software_installerImproper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.2023-08-117.8CVE-2023-27509
MISC
intel(r) -- openvinoUncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-28405
MISC
intel(r) -- oneapi_math_kernel_libraryInsecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-28658
MISC
onlyoffice -- document_serverA use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.2023-08-147.8CVE-2023-30186
MISC
MISC
MISC
MISC
MISC
MISC
onlyoffice -- document_serverAn out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.2023-08-147.8CVE-2023-30187
MISC
MISC
MISC
MISC
MISC
MISC
intel(r) -- intelligent_test_systemIncorrect default permissions in the Intel(R) ITS software before version 3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-32543
MISC
intel(r) -- realsense_450_fa_firmwareImproper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-32656
MISC
intel(r) -- realsense_software_development_kitIncorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-32663
MISC
intel(r) -- realsense_450_fa_firmwareImproper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-33867
MISC
intel(r) -- realsense_450_fa_firmwareOut-of-bounds write in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-33877
MISC
intel(r) -- realsense_450_fa_firmwareProtection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-34427
MISC
intel(r) -- nuc_biosRace condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-117.8CVE-2023-34438
MISC
faucet_sdn -- ryuAn issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).2023-08-117.5CVE-2020-35139
MISC
faucet_sdn -- ryuAn issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).2023-08-117.5CVE-2020-35141
MISC
cszcms -- cszcmsSQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php.2023-08-117.5CVE-2020-36136
MISC
ffmpeg -- ffmpegAn issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).2023-08-117.5CVE-2020-36138
MISC
MISC
MISC
dgtl -- huemagicDirectory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.2023-08-117.5CVE-2021-26504
MISC
google -- androidIn multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.2023-08-147.5CVE-2023-21233
MISC
wordpress -- wordpress
The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges.2023-08-157.5CVE-2023-2916
MISC
MISC
MISC
faad2 -- faad2Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.2023-08-157.5CVE-2023-38857
MISC
huawei -- harmonyosPermission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.2023-08-137.5CVE-2023-39380
MISC
MISC
huawei -- emuiInput verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.2023-08-137.5CVE-2023-39381
MISC
MISC
huawei -- emuiInput verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.2023-08-137.5CVE-2023-39382
MISC
MISC
huawei -- emuiVulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.2023-08-137.5CVE-2023-39383
MISC
MISC
huawei -- harmonyosVulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally.2023-08-137.5CVE-2023-39384
MISC
MISC
huawei -- emuiVulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart.2023-08-137.5CVE-2023-39386
MISC
MISC
huawei -- emuiVulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.2023-08-137.5CVE-2023-39388
MISC
MISC
huawei -- emuiVulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.2023-08-137.5CVE-2023-39389
MISC
MISC
huawei -- harmonyosVulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.2023-08-137.5CVE-2023-39390
MISC
MISC
huawei -- emuiVulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.2023-08-137.5CVE-2023-39391
MISC
MISC
huawei -- harmonyosVulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten.2023-08-137.5CVE-2023-39392
MISC
MISC
huawei -- harmonyosVulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten.2023-08-137.5CVE-2023-39393
MISC
MISC
huawei -- emuiVulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified.2023-08-137.5CVE-2023-39394
MISC
MISC
huawei -- emuiMismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.2023-08-137.5CVE-2023-39395
MISC
MISC
huawei -- harmonyosDeserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.2023-08-137.5CVE-2023-39396
MISC
MISC
huawei -- emuiInput parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability.2023-08-137.5CVE-2023-39397
MISC
MISC
huawei -- emuiVulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.2023-08-137.5CVE-2023-39404
MISC
MISC
huawei -- emuiPermission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart.2023-08-137.5CVE-2023-39406
MISC
MISC
tenda -- a18Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function.2023-08-147.5CVE-2023-39827
MISC
tenda -- a18Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.2023-08-147.5CVE-2023-39828
MISC
tenda -- a18Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function.2023-08-147.5CVE-2023-39829
MISC
mattermost -- mattermostMattermost fails to sanitize post metadata during audit logging resulting in permalinks contents being logged2023-08-117.5CVE-2023-4108
MISC
intel(r) -- quartus_primeUncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.3CVE-2023-24016
MISC
intel(r) -- open_image_denoiseUncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-08-117.3CVE-2023-28823
MISC
supermicro-cms_project -- supermicro-cmsAn issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php.2023-08-117.2CVE-2021-25857
MISC
intel(r) -- unisonImproper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access.2023-08-117.2CVE-2023-25757
MISC
online_travel_agency_system_project -- online_travel_agency_systemSQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php.2023-08-177.2CVE-2023-31938
MISC
online_travel_agency_system_project -- online_travel_agency_systemSQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php.2023-08-177.2CVE-2023-31939
MISC
online_travel_agency_system_project -- online_travel_agency_systemSQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php.2023-08-177.2CVE-2023-31940
MISC
online_travel_agency_system_project -- online_travel_agency_systemFile Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php.2023-08-177.2CVE-2023-31941
MISC
online_travel_agency_system_project -- online_travel_agency_systemSQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php.2023-08-177.2CVE-2023-31943
MISC
online_travel_agency_system_project -- online_travel_agency_systemSQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php.2023-08-177.2CVE-2023-31944
MISC
online_travel_agency_system_project -- online_travel_agency_systemSQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php.2023-08-177.2CVE-2023-31945
MISC
online_travel_agency_system_project -- online_travel_agency_systemFile Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php.2023-08-177.2CVE-2023-31946
MISC
solarwinds -- serv-uA vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 2023-08-117.2CVE-2023-35179
MISC
MISC
snowsoftware -- snow_license_managerBlind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal.2023-08-117.2CVE-2023-3864
MISC
wordpress -- wordpress
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2023-08-157.2CVE-2023-4308
MISC
MISC
apple -- macosThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory.2023-08-147.1CVE-2023-28179
MISC

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
intel(r) -- multiple_productsImproper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-27635
MISC
intel(r) -- nuc_biosImproper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-36372
MISC
intel(r) -- nucImproper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-37336
MISC
intel(r) -- atom_c3338r_firmwareImproper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-37343
MISC
intel(r) -- multiple_productsImproper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-40964
MISC
intel(r) -- xeon(r)_processorsUnauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-41804
MISC
MISC
MISC
MISC
intel(r) -- proset/wireless_wifiProtection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2022-46329
MISC
intel(r) -- nuc_biosImproper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2023-22449
MISC
intel(r) -- open_image_denoiseImproper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2023-27391
MISC
intel(r) -- next_unit_of_computing_firmwareImproper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2023-28385
MISC
intel(r) -- nuc_biosImproper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2023-29494
MISC
intel(r) -- multiple_productsImproper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2023-32617
MISC
intel(r) -- nuc_biosImproper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.7CVE-2023-34086
MISC
cms-dev -- cmsPlaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs.2023-08-116.5CVE-2020-24804
MISC
gnome-gmail -- gnome-gmailAn issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted "mailto" link.2023-08-116.5CVE-2020-24904
MISC
freedesktop -- popplerAn issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.2023-08-116.5CVE-2020-36023
MISC
MLIST
intel(r) -- multiple_productsImproper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.2023-08-116.5CVE-2022-36351
MISC
intel(r) -- processorsInformation exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.2023-08-116.5CVE-2022-40982
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
tigergraph -- tigergraph_enterpriseAn issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus, effectively bypassing the built in RBAC controls.2023-08-146.5CVE-2023-28480
MISC
zyxel -- multiple_products
Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.2023-08-146.5CVE-2023-28768
MISC
libxls -- libxlsBuffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.2023-08-156.5CVE-2023-38851
MISC
libxls -- libxlsBuffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.2023-08-156.5CVE-2023-38852
MISC
libxls -- libxlsBuffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.2023-08-156.5CVE-2023-38853
MISC
libxls -- libxlsBuffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.2023-08-156.5CVE-2023-38854
MISC
libxls -- libxlsBuffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.2023-08-156.5CVE-2023-38855
MISC
libxls -- libxlsBuffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.2023-08-156.5CVE-2023-38856
MISC
faad2 -- faad2Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.2023-08-156.5CVE-2023-38858
MISC
jenkins -- jenkinsJenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to.2023-08-166.5CVE-2023-40345
MISC
MISC
jenkins -- jenkinsJenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.2023-08-166.5CVE-2023-40347
MISC
MISC
mattermost -- mattermostMattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting in a guest being able to view, join, edit, export and archive public playbooks.2023-08-116.5CVE-2023-4106
MISC
mattermost -- mattermostMattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.2023-08-116.5CVE-2023-4107
MISC
intel(r) -- nuc_biosRace condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.2023-08-116.4CVE-2023-34349
MISC
jbt -- markdown_editorCross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbitrary code via crafted payload or opening malicious .md file.2023-08-116.1CVE-2020-19952
MISC
CONFIRM
MISC
gilacms -- gila_cmsCross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation.2023-08-116.1CVE-2020-20523
MISC
laborator -- kaliumCross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.2023-08-116.1CVE-2020-24075
MISC
lepton-cms -- epton-cmsCross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code.2023-08-116.1CVE-2020-24872
MISC
zoho_corporation -- manageengine_password_manager_proCross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload.2023-08-116.1CVE-2020-27449
MISC
MISC
kindsoft -- kindeditorCross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code.2023-08-116.1CVE-2020-28717
MISC
braft-editor -- braft-editorCross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature.2023-08-116.1CVE-2021-27524
MISC
opennms -- horizonXXE injection in /rtc/post/ endpoint in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used for instance to force Horizon to make arbitrary HTTP requests to internal and external services. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter and Moshe Apelbaum for reporting this issue.2023-08-116.1CVE-2023-0871
MISC
MISC
wordpress -- wordpressUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions.2023-08-146.1CVE-2023-28535
MISC
wordpress -- wordpressUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions.2023-08-146.1CVE-2023-30475
MISC
wordpress -- wordpressUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.2023-08-146.1CVE-2023-30483
MISC
wordpress -- wordpressUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions.2023-08-146.1CVE-2023-30489
MISC
jenkins -- jenkins | Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | 2023-08-16 | 5.9 | CVE-2023-40343
MISC
MISC
jerryscript -- jerryscript | An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference). | 2023-08-11 | 5.5 | CVE-2020-24187
MISC
MISC
ngiflib -- ngiflib | An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). | 2023-08-11 | 5.5 | CVE-2020-24221
MISC
foxit_software -- pdf_reader | Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file. | 2023-08-11 | 5.5 | CVE-2020-35990
MISC
MISC
freedesktop -- poppler | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | 2023-08-11 | 5.5 | CVE-2020-36024
MISC
MLIST
ffmpeg -- ffmpeg | Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | 2023-08-11 | 5.5 | CVE-2021-28429
MISC
vim -- vim | vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | 2023-08-11 | 5.5 | CVE-2021-3236
MISC
apple -- macos | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to modify protected parts of the file system. | 2023-08-14 | 5.5 | CVE-2022-22646
MISC
apple -- macos | An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. An app may be able to leak sensitive user information. | 2023-08-14 | 5.5 | CVE-2022-22655
MISC
MISC
apple -- macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients. | 2023-08-14 | 5.5 | CVE-2022-26699
MISC
intel(r) -- unison | Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2022-44612
MISC
apple -- macos | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. | 2023-08-14 | 5.5 | CVE-2022-46722
MISC
google -- android | In onAccessPointChanged of AccessPointPreference.java, there is a possible way for unprivileged apps to receive a broadcast about WiFi access point change and its BSSID or SSID due to a precondition check failure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21230
MISC
google -- android | In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21234
MISC
google -- android | In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 5.5 | CVE-2023-21271
MISC
MISC
intel(r) -- onevpl_gpu | Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-22338
MISC
intel(r) -- onevpl_gpu | Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | 5.5 | CVE-2023-22840
MISC
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27939
MISC
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27947
MISC
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | 2023-08-14 | 5.5 | CVE-2023-27948
MISC
apple -- macos | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory. | 2023-08-14 | 5.5 | CVE-2023-28199
MISC
intel(r) -- hyperscan_library | Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access. | 2023-08-11 | 5.5 | CVE-2023-28711
MISC
onlyoffice -- document_server | Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file. | 2023-08-14 | 5.5 | CVE-2023-30188
MISC
MISC
MISC
MISC
MISC
MISC
intel(r) -- realsense_450_fa_firmware | Out-of-bounds read in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-30760
MISC
intel(r) -- unite | Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. | 2023-08-11 | 5.5 | CVE-2023-32609
MISC
hcl_software -- hcl_traveler_companion | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 2023-08-11 | 5.5 | CVE-2023-37512
MISC
hcl_software -- traveler_to_do | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 2023-08-11 | 5.5 | CVE-2023-37513
MISC
thinkcmf -- thinkcmf | Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login. | 2023-08-11 | 5.4 | CVE-2020-25915
MISC
churchcrm -- churchcrm | Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attackers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module. | 2023-08-11 | 5.4 | CVE-2020-28849
MISC
jenkins -- jenkins | Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents. | 2023-08-16 | 5.4 | CVE-2023-40342
MISC
MISC
jenkins -- jenkins | Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs. | 2023-08-16 | 5.4 | CVE-2023-40346
MISC
MISC
jenkins -- jenkins | Jenkins Docker Swarm Plugin 1.11 and earlier does not escape values returned from Docker before inserting them into the Docker Swarm Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control responses from Docker. | 2023-08-16 | 5.4 | CVE-2023-40350
MISC
MISC
wordpress -- wordpress | The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin's team 30 days ago we are disclosing this issue as it still is not updated. | 2023-08-17 | 5.3 | CVE-2023-3244
MISC
MISC
juniper_networks -- junos_os | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Utilizing a crafted request an attacker is able to modify certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S9; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S2, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36844
MISC
juniper_networks -- junos_os | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2. | 2023-08-17 | 5.3 | CVE-2023-36845
MISC
juniper_networks -- junos_os | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36846
MISC
juniper_networks -- junos_os | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3. | 2023-08-17 | 5.3 | CVE-2023-36847
MISC
huawei -- emui | Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. | 2023-08-13 | 5.3 | CVE-2023-39387
MISC
MISC
jenkins -- jenkins | The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output. | 2023-08-16 | 5.3 | CVE-2023-40348
MISC
MISC
jenkins -- jenkins | Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs. | 2023-08-16 | 5.3 | CVE-2023-40349
MISC
MISC
wordpress -- wordpress | The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_callback_handler function in versions up to, and including, 3.7.9. This makes it possible for unauthenticated attackers to modify the order status of arbitrary WooCommerce orders. | 2023-08-18 | 5.3 | CVE-2023-4040
MISC
MISC
supermicro-cms -- supermicro-cms | An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php. | 2023-08-11 | 4.9 | CVE-2021-25856
MISC
wordpress -- wordpress | Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions. | 2023-08-14 | 4.8 | CVE-2023-29097
MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions. | 2023-08-14 | 4.8 | CVE-2023-30477
MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions. | 2023-08-14 | 4.8 | CVE-2023-30749
MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions. | 2023-08-14 | 4.8 | CVE-2023-30751
MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions. | 2023-08-14 | 4.8 | CVE-2023-30752
MISC
online_travel_agency_system_project -- online_travel_agency_system | Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php. | 2023-08-17 | 4.8 | CVE-2023-31942
MISC
code-projects -- hospital_information_system | Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS) | 2023-08-14 | 4.8 | CVE-2023-37070
MISC
MISC
MISC
snowsoftware -- snow_license_manager | Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser | 2023-08-11 | 4.8 | CVE-2023-3937
MISC
intel(r) -- pentium_j6426_firmware | Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-27879
MISC
intel(r) -- pcsd_bios | Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-34657
MISC
intel(r) -- xeon_d-2745nx_firmware | Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2022-38083
MISC
intel(r) -- converged_security_management_engine_firmware | Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2022-38102
MISC
intel(r) -- pentium_j6426_firmware | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2022-43505
MISC
intel(r) -- nuc_bios | Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22330
MISC
intel(r) -- nuc_bios | Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22356
MISC
intel(r) -- nuc | Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-22444
MISC
intel(r) -- support | Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-27392
MISC
intel(r) -- nuc_bios | Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-27887
MISC
intel(r) -- realsense_450_fa_firmware | Unchecked return value in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2023-29243
MISC
intel(r) -- nuc_bios | Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access. | 2023-08-11 | 4.4 | CVE-2023-29500
MISC
intel(r) -- nuc_bios | Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. | 2023-08-11 | 4.4 | CVE-2023-32285
MISC
apple -- iphone_os | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing. | 2023-08-14 | 4.3 | CVE-2022-46725
MISC
hcl_software -- traveler_to_do | If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved. | 2023-08-11 | 4.3 | CVE-2023-37511
MISC
postgresql -- postgresql | A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. | 2023-08-11 | 4.3 | CVE-2023-39418
MISC
MISC
MISC
MISC
jenkins -- jenkins | A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2023-08-16 | 4.3 | CVE-2023-40344
MISC
MISC
mattermost -- mattermost | Mattermost fails to delete the attachments when deleting a message in a thread allowing a simple user to still be able to access and download the attachment of a deleted message | 2023-08-11 | 4.3 | CVE-2023-4105
MISC
wordpress -- wordpress | The WP Remote Users Sync plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'refresh_logs_async' functions in versions up to, and including, 1.2.11. This makes it possible for authenticated attackers with subscriber privileges or above, to view logs. | 2023-08-16 | 4.3 | CVE-2023-4374
MISC
MISC
MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
apple -- macos | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication. | 2023-08-14 | 3.3 | CVE-2022-32876
MISC
google -- android | In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | 3.3 | CVE-2023-21232
MISC
froxlor -- froxlor | Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0. | 2023-08-11 | 2.7 | CVE-2023-4304
MISC
MISC
apple -- iphone_os | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen. | 2023-08-14 | 2.4 | CVE-2022-46724
MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
even_balance,_inc. -- punkbuster

 
Directory Traversal vulnerability in Server functionality in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code.2023-08-16not yet calculatedCVE-2020-26037
MISC
MISC
MISC
apple -- macos

 
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.2023-08-14not yet calculatedCVE-2022-42828
MISC
wordpress -- wordpress

 
The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.2023-08-16not yet calculatedCVE-2022-4782
MISC
hp_inc. -- hp_and_samsung_printer_softwareCertain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.2023-08-16not yet calculatedCVE-2022-4894
MISC
wordpress -- wordpress

 
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs.2023-08-14not yet calculatedCVE-2022-4953
MISC
MISC
wordpress -- wordpress

 
The Tiempo.com WordPress plugin through 0.1.2 does not have CSRF check when creating and editing its shortcode, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack2023-08-16not yet calculatedCVE-2023-0058
MISC
wordpress -- wordpress

 
The URL Params WordPress plugin before 2.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-08-16not yet calculatedCVE-2023-0274
MISC
wordpress -- wordpress

 
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments2023-08-16not yet calculatedCVE-2023-0551
MISC
wordpress -- wordpress

 
The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks.2023-08-16not yet calculatedCVE-2023-0579
MISC
opennms -- horizonThe Horizon REST API includes a user's endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.2023-08-14not yet calculatedCVE-2023-0872
MISC
MISC
wordpress -- wordpress

 
The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-08-16not yet calculatedCVE-2023-1110
MISC
wordpress -- wordpress

 
The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin2023-08-16not yet calculatedCVE-2023-1465
MISC
wordpress -- wordpress

 
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in its admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the sites internal network.2023-08-16not yet calculatedCVE-2023-1977
MISC
cisco -- cisco_intersight_virtual_appliance

 
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.2023-08-16not yet calculatedCVE-2023-20013
MISC
cisco -- cisco_intersight_virtual_appliance

 
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.2023-08-16not yet calculatedCVE-2023-20017
MISC
cisco -- cisco_identity_services_engine

 
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface and viewing hidden fields within the application. A successful exploit could allow the attacker to access sensitive information, including device entry credentials, that could aid the attacker in further attacks.2023-08-16not yet calculatedCVE-2023-20111
MISC
cisco -- cisco_secure_endpoint_private_cloud_console

 
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog.2023-08-16not yet calculatedCVE-2023-20197
MISC
cisco -- cisco_prime_infrastructure

 
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.2023-08-16not yet calculatedCVE-2023-20201
MISC
cisco -- cisco_prime_infrastructure

 
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.
2023-08-16 | not yet calculated | CVE-2023-20203
MISC
cisco -- cisco_prime_infrastructure

 
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.
2023-08-16 | not yet calculated | CVE-2023-20205
MISC
cisco -- cisco_telepresence_video_communication_server_expressway

 
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges.
2023-08-16 | not yet calculated | CVE-2023-20209
MISC
cisco -- cisco_unified_communications_manager

 
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by authenticating to the application as a user with read-only or higher privileges and sending crafted HTTP requests to an affected system. A successful exploit could allow the attacker to read or modify data in the underlying database or elevate their privileges.
2023-08-16 | not yet calculated | CVE-2023-20211
MISC
cisco -- autoit_module_of_clamav

 
A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition.
2023-08-18 | not yet calculated | CVE-2023-20212
MISC
cisco -- cisco_thousandeyes_recorder_application

 
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing certain commands using sudo. A successful exploit could allow the attacker to view arbitrary files as root on the underlying operating system. The attacker must have valid credentials on the affected device.
2023-08-16 | not yet calculated | CVE-2023-20217
MISC
MISC
MISC
cisco -- cisco_ip_phones_with_multiplatform_firmware

 
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform a factory reset of the affected device, resulting in a Denial of Service (DoS) condition.
2023-08-16 | not yet calculated | CVE-2023-20221
MISC
cisco -- cisco_prime_infrastructure

 
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
2023-08-16 | not yet calculated | CVE-2023-20222
MISC
cisco -- cisco_thousandeyes_recorder_application

 
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device.
2023-08-16 | not yet calculated | CVE-2023-20224
MISC
MISC
MISC
cisco -- cisco_unified_computing_system

 
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
2023-08-16 | not yet calculated | CVE-2023-20228
MISC
cisco -- cisco_duo_device_health_application

 
A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a directory traversal attack on an affected host. A successful exploit could allow an attacker to use a cryptographic key to overwrite arbitrary files with SYSTEM-level privileges, resulting in a denial of service (DoS) condition or data loss on the affected system.
2023-08-16 | not yet calculated | CVE-2023-20229
MISC
cisco -- cisco_unified_contact_center_express

 
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific API endpoint on the Unified CCX Finesse Portal. A successful exploit could allow the attacker to cause the internal WebProxy to redirect users to an attacker-controlled host.
2023-08-16 | not yet calculated | CVE-2023-20232
MISC
cisco -- cisco_intersight_virtual_appliance

 
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible HTTP proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level.
2023-08-16 | not yet calculated | CVE-2023-20237
MISC
cisco -- cisco_unified_communications_manager
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM Presence Service (Unified CM IM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
2023-08-16 | not yet calculated | CVE-2023-20242
MISC
amd -- ryzen(tm)_master
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.
2023-08-15 | not yet calculated | CVE-2023-20560
MISC
amd -- ryzen(tm)_master
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.
2023-08-15 | not yet calculated | CVE-2023-20564
MISC
google -- android
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-20965
MISC
MISC
MISC
MISC
obsidian -- obsidian
Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and pastes it into Obsidian.
2023-08-19 | not yet calculated | CVE-2023-2110
MISC
MISC
google -- android
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21132
MISC
MISC
google -- android
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21133
MISC
MISC
google -- android
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21134
MISC
MISC
google -- android
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21140
MISC
MISC
wordpress -- wordpress

 
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize and escape the iowd_tabs_active parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability that allows an attacker to trick a logged-in admin into executing arbitrary JavaScript by clicking a link.
2023-08-16 | not yet calculated | CVE-2023-2122
MISC
wordpress -- wordpress

 
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitize and escape a parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting.
2023-08-16 | not yet calculated | CVE-2023-2123
MISC
MISC
google -- android
In onCreate of LockSettingsActivity.java, there is a possible way to set a new lock screen PIN without entering the existing PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21235
MISC
google -- android
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21242
MISC
MISC
google -- android
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21264
MISC
MISC
MISC
google -- android
In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21265
MISC
MISC
google -- android
In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21267
MISC
MISC
google -- android
In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21268
MISC
MISC
google -- android
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21269
MISC
MISC
google -- android
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21274
MISC
MISC
google -- android
In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21275
MISC
MISC
google -- android
In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21276
MISC
MISC
google -- android
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21277
MISC
MISC
google -- android
In multiple locations, there is a possible way to obscure the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21278
MISC
MISC
google -- android
In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21279
MISC
MISC
google -- android
In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21280
MISC
MISC
google -- android
In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21281
MISC
MISC
google -- android
In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21282
MISC
MISC
google -- android
In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21283
MISC
MISC
MISC
google -- android
In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21284
MISC
MISC
google -- android
In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21285
MISC
MISC
google -- android
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21286
MISC
MISC
google -- android
In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21287
MISC
MISC
google -- android
In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21288
MISC
MISC
google -- android
In multiple locations, there is a possible bypass of a multiuser security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21289
MISC
MISC
google -- android
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21290
MISC
MISC
google -- android
In openContentUri of ActivityManagerService.java, there is a possible way for a third-party app to obtain restricted files due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
2023-08-14 | not yet calculated | CVE-2023-21292
MISC
MISC
wordpress -- wordpress

 
The SEO Alert WordPress plugin through 1.59 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
2023-08-16 | not yet calculated | CVE-2023-2225
MISC
wordpress -- wordpress

 
The Ko-fi Button WordPress plugin before 1.3.3 does not properly sanitize and escape some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup), and we consider it a low risk.
2023-08-16 | not yet calculated | CVE-2023-2254
MISC
wordpress -- wordpress
The Tiempo.com WordPress plugin through 0.1.2 does not have a CSRF check when deleting its shortcode, which could allow attackers to make logged-in admins delete arbitrary shortcode via a CSRF attack.
2023-08-16 | not yet calculated | CVE-2023-2271
MISC
wordpress -- wordpress

 
The Tiempo.com WordPress plugin through 0.1.2 does not sanitize and escape the page parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting, which could be used against high-privilege users such as admin.
2023-08-16 | not yet calculated | CVE-2023-2272
MISC
audiocodes -- voip_desk_phones

 
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware.
2023-08-11 | not yet calculated | CVE-2023-22955
MISC
MISC
FULLDISC
MISC
audiocodes -- voip_desk_phones

 
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information.
2023-08-11 | not yet calculated | CVE-2023-22956
MISC
MISC
FULLDISC
MISC
audiocodes -- voip_desk_phones

 
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.
2023-08-11 | not yet calculated | CVE-2023-22957
MISC
MISC
FULLDISC
MISC
google -- chrome
Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15 | not yet calculated | CVE-2023-2312
MISC
MISC
MISC
MISC
typora -- typora

 
Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora.
2023-08-19 | not yet calculated | CVE-2023-2316
MISC
MISC
typora -- typora

 
DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora.
2023-08-19 | not yet calculated | CVE-2023-2317
MISC
MISC
marktext -- marktext

 
DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and pastes it into MarkText.
2023-08-19 | not yet calculated | CVE-2023-2318
MISC
MISC
genesys -- genesys_administrator_extension

 
Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable to Cross Site Scripting (XSS) via the Business Structure page of the iWD plugin, aka GAX-11261.
2023-08-13 | not yet calculated | CVE-2023-23208
CONFIRM
intel(r) -- xeon(r)_scalable_processors

 
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
2023-08-11 | not yet calculated | CVE-2023-23908
MISC
MISC
MISC
MISC
intel(r) -- quartus(r)_prime_pro_edition_for_linux

 
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for Linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.
2023-08-15 | not yet calculated | CVE-2023-24478
MISC
zte -- multiple_products

 
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications on the mobile phone could monitor the touch event.
2023-08-17 | not yet calculated | CVE-2023-25647
MISC
wordpress -- wordpress

 
The WP Brutal AI WordPress plugin before 2.06 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
2023-08-14 | not yet calculated | CVE-2023-2606
MISC
excalidraw -- excalidraw

 
Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerable to Cross-site Scripting (XSS) via embedded links in whiteboard objects due to improper input sanitization.
2023-08-16 | not yet calculated | CVE-2023-26140
MISC
MISC
MISC
jorani -- jorani

 
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.
2023-08-17 | not yet calculated | CVE-2023-26469
MISC
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Kehrer Updraft plugin <= 0.6.1 versions.
2023-08-17 | not yet calculated | CVE-2023-26530
MISC
thales -- safenet_authtentication_service_agent

 
Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation.
2023-08-16 | not yet calculated | CVE-2023-2737
MISC
insyde_software -- insydeh20

 
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform.
2023-08-18 | not yet calculated | CVE-2023-27471
MISC
phplist -- phplist

 
An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate and edit data of the system's super admin, allowing one to perform an account takeover of the user with super-admin permission.
2023-08-18 | not yet calculated | CVE-2023-27576
MISC
wordpress -- wordpress

 
The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
2023-08-14 | not yet calculated | CVE-2023-2802
MISC
wordpress -- wordpress

 
The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitize and escape a parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting, which could be used against high-privilege users such as admin.
2023-08-14 | not yet calculated | CVE-2023-2803
MISC
dell -- cpg_bios

 
Dell BIOS contains a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
2023-08-16 | not yet calculated | CVE-2023-28075
MISC
tigergraph -- tigergraphdb_enterprise

 
An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorized keys file. This allows an attacker to obtain password-less SSH key access by using their own SSH key.
2023-08-14 | not yet calculated | CVE-2023-28481
MISC
tigergraph -- tigergraphdb_enterprise

 
An issue was discovered in Tigergraph Enterprise 3.7.0. A single TigerGraph instance can host multiple graphs that are accessed by multiple different users. The TigerGraph platform does not protect the confidentiality of any data uploaded to the remote server. In this scenario, any user that has permissions to upload data can browse data uploaded by any other user (irrespective of their permissions).
2023-08-14 | not yet calculated | CVE-2023-28482
MISC
tigergraph -- tigergraphdb_enterprise

 
An issue was discovered in Tigergraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL queries that contain UDFs can bypass this configuration setting and, as a consequence, can write to any file location to which the administrative user has access.
2023-08-14 | not yet calculated | CVE-2023-28483
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions. | 2023-08-17 | not yet calculated | CVE-2023-28533
MISC
wordpress -- wordpress

 
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions. | 2023-08-17 | not yet calculated | CVE-2023-28622
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.5 versions. | 2023-08-17 | not yet calculated | CVE-2023-28690
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasaheb Bhise Advanced Youtube Channel Pagination plugin <= 1.0 version. | 2023-08-17 | not yet calculated | CVE-2023-28693
MISC
wordpress -- wordpress

 
Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability in PHPRADAR Woocommerce Tip/Donation plugin <= 1.2 versions. | 2023-08-17 | not yet calculated | CVE-2023-28783
MISC
asustor -- adm

 
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Printer service functionality in ASUSTOR Data Master (ADM) allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | 2023-08-17 | not yet calculated | CVE-2023-2910
MISC
rockwell_automation -- thinmanager_thinserver

 
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. An integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial-of-service condition in the software. | 2023-08-17 | not yet calculated | CVE-2023-2914
MISC
rockwell_automation -- thinmanager_thinserver

 
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition. | 2023-08-17 | not yet calculated | CVE-2023-2915
MISC
rockwell_automation -- thinmanager_thinserver

 
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities. | 2023-08-17 | not yet calculated | CVE-2023-2917
MISC
fortinet -- fortios

 
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. | 2023-08-17 | not yet calculated | CVE-2023-29182
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <= 2.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-29387
MISC
texas_instruments -- wilink8-wifi-mcp8

 
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier. | 2023-08-14 | not yet calculated | CVE-2023-29468
MISC
typora -- typora

 
Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and pastes it into Typora. | 2023-08-19 | not yet calculated | CVE-2023-2971
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions. | 2023-08-16 | not yet calculated | CVE-2023-30473
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeFlavors Vimeotheque: Vimeo WordPress Plugin <= 2.2.1 versions. | 2023-08-15 | not yet calculated | CVE-2023-30498
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions. | 2023-08-18 | not yet calculated | CVE-2023-30499
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGem WooCommerce Easy Duplicate Product plugin <= 0.3.0.0 versions. | 2023-08-15 | not yet calculated | CVE-2023-30747
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions. | 2023-08-14 | not yet calculated | CVE-2023-30754
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin <= 10.0.1 versions. | 2023-08-15 | not yet calculated | CVE-2023-30778
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jonathan Daggerhart Query Wrangler plugin <= 1.5.51 versions. | 2023-08-16 | not yet calculated | CVE-2023-30779
MISC
lenovo -- universal_device_client

 
An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges. | 2023-08-17 | not yet calculated | CVE-2023-3078
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions. | 2023-08-16 | not yet calculated | CVE-2023-30782
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin <= 1.5.2 versions. | 2023-08-16 | not yet calculated | CVE-2023-30784
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Grid plugin <= 1.21 versions. | 2023-08-16 | not yet calculated | CVE-2023-30785
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Benjamin Guy Captcha Them All plugin <= 1.3.3 versions. | 2023-08-16 | not yet calculated | CVE-2023-30786
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo Plugins (by Webdados) Stock Exporter for WooCommerce plugin <= 1.1.0 versions. | 2023-08-16 | not yet calculated | CVE-2023-30871
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin <= 5.1.4 versions. | 2023-08-17 | not yet calculated | CVE-2023-30874
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in All My Web Needs Logo Scheduler plugin <= 1.2.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-30875
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dave Ross Dave's WordPress Live Search plugin <= 4.8.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-30876
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov XML for Google Merchant Center plugin <= 3.0.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-30877
MISC
insyde_software -- insydeh20

 
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure. | 2023-08-14 | not yet calculated | CVE-2023-31041
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions. | 2023-08-17 | not yet calculated | CVE-2023-31071
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Praveen Goswami Advanced Category Template plugin <= 0.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31072
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 Extensions for Leaflet Map plugin <= 3.4.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31074
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions. | 2023-08-17 | not yet calculated | CVE-2023-31076
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Roberts Tippy plugin <= 6.2.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31079
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <= 1.0.1 versions. | 2023-08-17 | not yet calculated | CVE-2023-31091
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin <= 2.4.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-31094
MISC
wordpress -- wordpress

 
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions. | 2023-08-18 | not yet calculated | CVE-2023-31218
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | 2023-08-18 | not yet calculated | CVE-2023-31228
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <= 2.5 versions. | 2023-08-18 | not yet calculated | CVE-2023-31232
MISC
zoho_corporation -- manageengine_admanager_plus

 
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated attackers to view user passwords after executing backup or recovery operations on user accounts. | 2023-08-17 | not yet calculated | CVE-2023-31492
MISC
eset,_spol._s_r.o. -- multiple_products

 
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. | 2023-08-14 | not yet calculated | CVE-2023-3160
MISC
node.js -- node.js

 
`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | 2023-08-15 | not yet calculated | CVE-2023-32003
MISC
MISC
MISC
node.js -- node.js

 
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | 2023-08-15 | not yet calculated | CVE-2023-32004
MISC
MISC
MISC
node.js -- node.js

 
The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | 2023-08-15 | not yet calculated | CVE-2023-32006
MISC
MISC
MISC
wordpress -- wordpress

 
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin <= 4.4 versions. | 2023-08-18 | not yet calculated | CVE-2023-32103
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.17.1 versions. | 2023-08-18 | not yet calculated | CVE-2023-32105
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <= 1.9.9 versions. | 2023-08-18 | not yet calculated | CVE-2023-32106
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32107
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio Online plugin <= 4.6.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32108
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio Online plugin <= 4.6.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32109
MISC
wordpress -- wordpress

 
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions. | 2023-08-18 | not yet calculated | CVE-2023-32122
MISC
wordpress -- wordpress

 
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions. | 2023-08-18 | not yet calculated | CVE-2023-32130
MISC
dell -- cpg_bios

 
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security critical UEFI variable without knowledge of the BIOS administrator. | 2023-08-16 | not yet calculated | CVE-2023-32453
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 9.5.x version contains a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | 2023-08-16 | not yet calculated | CVE-2023-32486
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. | 2023-08-16 | not yet calculated | CVE-2023-32487
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. | 2023-08-16 | not yet calculated | CVE-2023-32488
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. | 2023-08-16 | not yet calculated | CVE-2023-32489
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. | 2023-08-16 | not yet calculated | CVE-2023-32490
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low-privileged user could potentially exploit this vulnerability, leading to information disclosure. | 2023-08-16 | not yet calculated | CVE-2023-32491
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing modification of files. | 2023-08-16 | not yet calculated | CVE-2023-32492
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution. | 2023-08-16 | not yet calculated | CVE-2023-32493
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also. | 2023-08-16 | not yet calculated | CVE-2023-32494
MISC
dell -- powerscale_onefs

 
Dell PowerScale OneFS, 8.2.x-9.5.x, contains an exposure of sensitive information to an unauthorized actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | 2023-08-16 | not yet calculated | CVE-2023-32495
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rogue database. Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information. | 2023-08-14 | not yet calculated | CVE-2023-3259
MISC
cyberpower -- powerpanel_enterprise

 
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server. | 2023-08-14 | not yet calculated | CVE-2023-3260
MISC
cyberpower -- powerpanel_enterprise

 
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server. | 2023-08-14 | not yet calculated | CVE-2023-3261
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records. | 2023-08-14 | not yet calculated | CVE-2023-3262
MISC
logitec_corporation -- multiple_products

 
Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. | 2023-08-18 | not yet calculated | CVE-2023-32626
MISC
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution. | 2023-08-14 | not yet calculated | CVE-2023-3263
MISC
cisco -- cisco_adaptive_security_appliance

 
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution. | 2023-08-14 | not yet calculated | CVE-2023-3264
MISC
cyberpower -- powerpanel_enterprise

 
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to log in to the application with the default user "cyberpower" by appending a non-printable character. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator with hardcoded default credentials. | 2023-08-14 | not yet calculated | CVE-2023-3265
MISC
cyberpower -- powerpanel_enterprise

 
A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully. | 2023-08-14 | not yet calculated | CVE-2023-3266
MISC
cyberpower -- powerpanel_enterprise

 
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server. | 2023-08-14 | not yet calculated | CVE-2023-3267
MISC
mitel_networks_corp. -- mivoice_connect

 
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. | 2023-08-14 | not yet calculated | CVE-2023-32748
MISC
MISC
moxa -- tn-5900_series

 
TN-5900 Series firmware version v3.3 and prior is vulnerable to an improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed. This presents a potential risk of unauthorized exploitation by malicious actors. | 2023-08-17 | not yet calculated | CVE-2023-33237
MISC
moxa -- tn-4900_series/tn-5900_series

 
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-33238
MISC
moxa -- tn-4900_series/tn-5900_series

 
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-33239
MISC
wordpress -- wordpress

 
The Custom Field For WP Job Manager WordPress plugin before 1.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-3328
MISC
prestashop -- prestashop

 
In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue. | 2023-08-16 | not yet calculated | CVE-2023-33663
MISC
MISC
moxa -- tn-5900_series

 
TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-34213
MISC
moxa -- tn-4900_series/tn-5900_series

 
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-34214
MISC
moxa -- tn-5900_series

 
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices. | 2023-08-17 | not yet calculated | CVE-2023-34215
MISC
moxa -- tn-4900_series/tn-5900_series

 
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files. | 2023-08-17 | not yet calculated | CVE-2023-34216
MISC
moxa -- tn-4900_series/tn-5900_series

 
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files. | 2023-08-17 | not yet calculated | CVE-2023-34217
MISC
wordpress -- wordpress

 
The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitize and escape several parameters before using it in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks. | 2023-08-14 | not yet calculated | CVE-2023-3435
MISC
lenovo -- notebook

 
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-08-17 | not yet calculated | CVE-2023-34419
MISC
ibm -- cognos_analytics

 
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. IBM X-Force ID: 257703. | 2023-08-16 | not yet calculated | CVE-2023-35009
MISC
MISC
ibm -- cognos_analytics

 
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 257705. | 2023-08-16 | not yet calculated | CVE-2023-35011
MISC
MISC
ivanti -- epmm

 
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier. | 2023-08-15 | not yet calculated | CVE-2023-35082
MISC
google -- android
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 2023-08-14 | not yet calculated | CVE-2023-35689
MISC
ibm -- security_guardium
IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824. | 2023-08-16 | not yet calculated | CVE-2023-35893
MISC
MISC
logitec_corporation -- multiple_products
Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions. | 2023-08-18 | not yet calculated | CVE-2023-35991
MISC
MISC
wordpress -- wordpress
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor. | 2023-08-14 | not yet calculated | CVE-2023-3601
MISC
powerjob -- powerjob
An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list. | 2023-08-17 | not yet calculated | CVE-2023-36106
MISC
MISC
wordpress -- wordpress
The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-3645
MISC
asustor -- adm
Printer service fails to adequately handle user input, allowing a remote unauthorized user to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | 2023-08-17 | not yet calculated | CVE-2023-3697
MISC
asustor -- adm
Printer service fails to adequately handle user input, allowing a remote unauthorized user to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below. | 2023-08-17 | not yet calculated | CVE-2023-3698
MISC
wordpress -- wordpress
The WP-EMail WordPress plugin before 2.69.1 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-08-14 | not yet calculated | CVE-2023-3721
MISC
xwiki -- xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability. | 2023-08-17 | not yet calculated | CVE-2023-37914
MISC
MISC
MISC
logitec_corporation -- lan-w451ngr
LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service. | 2023-08-18 | not yet calculated | CVE-2023-38132
MISC
MISC
hewlett_packard_enterprise -- hpe_aruba_networking_virtual_intranet_accessA vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.2023-08-15not yet calculatedCVE-2023-38401
MISC
hewlett_packard_enterprise -- hpe_aruba_networking_virtual_intranet_accessA vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.2023-08-15not yet calculatedCVE-2023-38402
MISC
logitec_corporation -- lan-wh300n/reHidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.2023-08-18not yet calculatedCVE-2023-38576
MISC
MISC
svelecte -- svelecteSvelecte is a flexible autocomplete/select component written in Svelte. Svelecte item names are rendered as raw HTML with no escaping. This allows the injection of arbitrary HTML into the Svelecte dropdown. This can be exploited to execute arbitrary JavaScript whenever a Svelecte dropdown is opened. Item names given to Svelecte appear to be directly rendered as HTML by the default item renderer. This means that any HTML tags in the name are rendered as HTML elements not as text. Note that the custom item renderer shown in https://mskocik.github.io/svelecte/#item-rendering is also vulnerable to the same exploit. Any site that uses Svelecte with dynamically created items either from an external source or from user-created content could be vulnerable to an XSS attack (execution of untrusted JavaScript), clickjacking or any other attack that can be performed with arbitrary HTML injection. The actual impact of this vulnerability for a specific application depends on how trustworthy the sources that provide Svelecte items are and the steps that the application has taken to mitigate XSS attacks. XSS attacks using this vulnerability are mostly mitigated by a Content Security Policy that blocks inline JavaScript. This issue has been addressed in version 3.16.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.2023-08-14not yet calculatedCVE-2023-38687
MISC
ibm -- i

 
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173.2023-08-14not yet calculatedCVE-2023-38721
MISC
MISC
ibm -- webspher_application_server_liberty

 
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.2023-08-16not yet calculatedCVE-2023-38737
MISC
MISC
ibm -- txseries_for_multiplatforms

 
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.2023-08-14not yet calculatedCVE-2023-38741
MISC
MISC
kidus_minimati -- kidus_minimati

 
SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component.2023-08-17not yet calculatedCVE-2023-38838
MISC
MISC
MISC
kidus_minimati -- kidus_minimati

 
SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the ID parameter in the fulldelete.php component.2023-08-18not yet calculatedCVE-2023-38839
MISC
bitwarden -- bitwarden

 
Bitwarden Windows Desktop v2023.5.1 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process.2023-08-15not yet calculatedCVE-2023-38840
MISC
MISC
MISC
atlos -- atlos

 
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function.2023-08-17not yet calculatedCVE-2023-38843
MISC
MISC
codedoc -- codedoc

 
Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 component.2023-08-15not yet calculatedCVE-2023-38850
MISC
langchain -- langchain

 
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter.2023-08-15not yet calculatedCVE-2023-38860
MISC
wavlink -- wl_wnj575a3

 
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.2023-08-15not yet calculatedCVE-2023-38861
MISC
comfast -- cf-xr11

 
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.2023-08-15not yet calculatedCVE-2023-38862
MISC
comfast -- cf-xr11

 
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.2023-08-15not yet calculatedCVE-2023-38863
MISC
comfast -- cf-xr11

 
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt.2023-08-15not yet calculatedCVE-2023-38864
MISC
comfast -- cf-xr11

 
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.2023-08-15not yet calculatedCVE-2023-38865
MISC
comfast -- cf-xr11

 
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and display_name.2023-08-15not yet calculatedCVE-2023-38866
MISC
alluxio -- alluxio

 
An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String).2023-08-15not yet calculatedCVE-2023-38889
MISC
online_shopping_portal_project -- online_shopping_portal_project

 
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.2023-08-18not yet calculatedCVE-2023-38890
MISC
tree-kit -- tree-kit

 
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function.2023-08-16not yet calculatedCVE-2023-38894
MISC
MISC
MISC
langchain -- langchain

 
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.2023-08-15not yet calculatedCVE-2023-38896
MISC
MISC
MISC
cpython -- cpython

 
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component.2023-08-15not yet calculatedCVE-2023-38898
MISC
MISC
ruijie_networks -- multiple_products

 
A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field.2023-08-17not yet calculatedCVE-2023-38902
MISC
netlify_cms -- netlify_cms

 
A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function.2023-08-16not yet calculatedCVE-2023-38904
MISC
jeecg-boot -- jeecg-boot

 
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.2023-08-17not yet calculatedCVE-2023-38905
MISC
MISC
cszcms -- cszcms

 
CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin.2023-08-18not yet calculatedCVE-2023-38910
MISC
cszcms -- cszcms

 
A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Gallery parameter in the YouTube URL fields.2023-08-18not yet calculatedCVE-2023-38911
MISC
MISC
easyadmin8 -- easyadmin8 

 
File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbitrary code via the upload type function.2023-08-15not yet calculatedCVE-2023-38915
MISC
evotingsystem-php -- evotingsystem-php

 
SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields.2023-08-15not yet calculatedCVE-2023-38916
MISC
campcodes -- online_matrimonial_website_system_script

 
install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.2023-08-16not yet calculatedCVE-2023-39115
MISC
MISC
MISC
MISC
ntsc-crt_2.2.1 -- ntsc-crt_2.2.1

 
NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is "this main application was not intended to be a well-tested program, it's just something to demonstrate it works and for the user to see how to integrate it into their own programs."2023-08-18not yet calculatedCVE-2023-39125
MISC
dell -- dell_storage_integration_tools_for_vmware

 
Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.2023-08-16not yet calculatedCVE-2023-39250
MISC
mitel_networks_corp. -- mivoice_office_400_smb_controller

 
A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations.2023-08-14not yet calculatedCVE-2023-39292
MISC
mitel_networks_corp. -- mivoice_office_400_smb_controller

 
A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system.2023-08-14not yet calculatedCVE-2023-39293
MISC
north_grid_corporation -- multiple_products

 
Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allows a remote unauthenticated attacker to log in to the product's Control Panel and perform an unintended operation.2023-08-18not yet calculatedCVE-2023-39415
MISC
MISC
MISC
north_grid_corporation -- multiple_products

 
Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands.2023-08-18not yet calculatedCVE-2023-39416
MISC
MISC
MISC
sap_se -- cla_assistant

 
A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. This allows an arbitrary authenticated user to read CLA information including information of the persons who signed them as well as custom fields the CLA requester had configured. In addition, an arbitrary authenticated user can update or delete the CLA-configuration for repositories or organizations using CLA-assistant. The stored access tokens for GitHub are not affected, as these are redacted from the API-responses.2023-08-15not yet calculatedCVE-2023-39438
MISC
logitec_corporation -- lan-wh300n/re

 
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product's certain management console.2023-08-18not yet calculatedCVE-2023-39445
MISC
MISC
elecom_co._ltd. -- multiple_products

 
Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.2023-08-18not yet calculatedCVE-2023-39454
MISC
MISC
elecom_co._ltd. -- multiple_products

 
OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.2023-08-18not yet calculatedCVE-2023-39455
MISC
MISC
recruit_co._ltd. -- rikunabi_next_app_for_androidImproper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website.2023-08-16not yet calculatedCVE-2023-39507
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger an assertion failure, crashing FastDDS. Versions 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.2023-08-11not yet calculatedCVE-2023-39534
MISC
MISC
MISC
MISC
MISC
langchain -- langchain

 
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.2023-08-15not yet calculatedCVE-2023-39659
MISC
MISC
pandas-ai -- pandas-ai

 
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function.2023-08-15not yet calculatedCVE-2023-39661
MISC
llama_index -- llama_index

 
An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.2023-08-15not yet calculatedCVE-2023-39662
MISC
d-link -- dir-842

 
D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.2023-08-18not yet calculatedCVE-2023-39666
MISC
MISC
MISC
d-link -- dir-880

 
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.2023-08-18not yet calculatedCVE-2023-39669
MISC
MISC
MISC
tenda -- ac6

 
Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.2023-08-18not yet calculatedCVE-2023-39670
MISC
MISC
d-link -- dir-880

 
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.2023-08-18not yet calculatedCVE-2023-39671
MISC
MISC
MISC
tenda -- wh450

 
Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets.2023-08-18not yet calculatedCVE-2023-39672
MISC
MISC
tenda -- ac15

 
Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().2023-08-18not yet calculatedCVE-2023-39673
MISC
MISC
d-link -- dir-880

 
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.2023-08-18not yet calculatedCVE-2023-39674
MISC
MISC
MISC
lrzip -- lrzip

 
lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.2023-08-17not yet calculatedCVE-2023-39741
MISC
MISC
lrzip-next_lzma -- lrzip-next_lzma

 
lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.2023-08-17not yet calculatedCVE-2023-39743
MISC
MISC
etekcity -- 3-in-1_smart_door_lock

 
Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.2023-08-15not yet calculatedCVE-2023-39841
MISC
digoo -- dg-hamb_smart_home_security_system

 
Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.2023-08-15not yet calculatedCVE-2023-39842
MISC
suleve -- 5-in-1_smart_door_lock

 
Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.2023-08-15not yet calculatedCVE-2023-39843
MISC
konga -- konga

 
An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.2023-08-16not yet calculatedCVE-2023-39846
MISC
yubico -- yubihsm_2_sdk

 
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory.2023-08-14not yet calculatedCVE-2023-39908
MISC
elecom_co._ltd. -- wrc-1167acf/wrc-1750ghbk3

 
OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request.2023-08-18not yet calculatedCVE-2023-39944
MISC
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue.2023-08-11not yet calculatedCVE-2023-39945
MISC
MISC
MISC
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of actual content. In `eprosima::fastdds::dds::ParameterPropertyList_t::push_back_helper`, `memcpy` is called to first copy the octet'ized length and then to copy the data into `properties_.data`. At the second memcpy, both `data` and `size` can be controlled by anyone that sends the CDR string to the discovery multicast port. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue.2023-08-11not yet calculatedCVE-2023-39946
MISC
MISC
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed `PID_PROPERTY_LIST` parameters cause heap overflow at a different program counter. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue.2023-08-11not yet calculatedCVE-2023-39947
MISC
MISC
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue.2023-08-11not yet calculatedCVE-2023-39948
MISC
MISC
MISC
MISC
eprosima -- fast-dds

 
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.2023-08-11not yet calculatedCVE-2023-39949
MISC
MISC
MISC
MISC
siemens -- efibootguard

 
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv` or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them.2023-08-14not yet calculatedCVE-2023-39950
MISC
MISC
MISC
MISC
MISC
joomla -- joomla

 
Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution.2023-08-17not yet calculatedCVE-2023-39970
MISC
joomla -- joomla

 
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.2023-08-17not yet calculatedCVE-2023-39971
MISC
MISC
joomla -- joomlaImproper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists.2023-08-17not yet calculatedCVE-2023-39972
MISC
MISC
joomla -- joomla

 
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns.2023-08-17not yet calculatedCVE-2023-39973
MISC
MISC
joomla -- joomla

 
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list.2023-08-17not yet calculatedCVE-2023-39974
MISC
MISC
massachusetts_institute_of_technology -- kerberos_5

 
kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.2023-08-16not yet calculatedCVE-2023-39975
CONFIRM
MISC
MISC
svg-loader -- svg-loader

 
SVG Loader is a JavaScript library that fetches SVGs using XMLHttpRequests and injects the SVG code in the tag's place. According to the docs, svg-loader will strip all JS code before injecting the SVG file for security reasons, but the input sanitization logic is not sufficient and can be trivially bypassed. This allows an attacker to craft a malicious SVG which can result in Cross-site Scripting (XSS). When trying to sanitize the SVG, the library removes event attributes such as `onmouseover` and `onclick`, but the list of events is not exhaustive. Any website which uses external-svg-loader and allows its users to provide an SVG src or upload SVG files would be susceptible to a stored XSS attack. This issue has been addressed in commit `d3562fc08` which is included in releases from 1.6.9. Users are advised to upgrade. There are no known workarounds for this vulnerability.2023-08-14not yet calculatedCVE-2023-40013
MISC
MISC
MISC
MISC
privateuploader -- privateuploader

 
PrivateUploader is an open-source image hosting server written in Vue and TypeScript. In affected versions `app/routes/v3/admin.controller.ts` did not correctly verify whether the user was an administrator (High Level) or moderator (Low Level), causing the request to continue processing. The response would be a 403 with ADMIN_ONLY; however, next() would still be called, causing any updates/changes in the route to be processed. This issue has been addressed in version 3.2.49. Users are advised to upgrade. There are no known workarounds for this vulnerability.2023-08-14not yet calculatedCVE-2023-40020
MISC
MISC
oppia -- oppia

 
Oppia is an online learning platform. When comparing a received CSRF token against the expected token, Oppia uses the string equality operator (`==`), which is not safe against timing attacks. By repeatedly submitting invalid tokens, an attacker can brute force the expected CSRF token character by character. Once they have recovered the token, they can then submit a forged request on behalf of a logged-in user and execute privileged actions on that user's behalf. In particular the function to validate received CSRF tokens is at `oppia.core.controllers.base.CsrfTokenManager.is_csrf_token_valid`. An attacker who can lure a logged-in Oppia user to a malicious website can perform any change on Oppia that the user is authorized to do, including changing profile information; creating, deleting, and changing explorations; etc. Note that the attacker cannot change a user's login credentials. An attack would need to complete within 1 second because every second, the time used in computing the token changes. This issue has been addressed in commit `b89bf80837` which has been included in release `3.3.2-hotfix-2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.2023-08-16not yet calculatedCVE-2023-40021
MISC
MISC
MISC
MISC
yaklang -- yaklang

 
yaklang is a programming language designed for cybersecurity. The Yak Engine has been found to contain a local file inclusion (LFI) vulnerability. This vulnerability allows attackers to include files from the server's local file system through the web application. When exploited, this can lead to the unintended exposure of sensitive data, potential remote code execution, or other security breaches. Users utilizing versions of the Yak Engine prior to 1.2.4-sp1 are impacted. This vulnerability has been patched in version 1.2.4-sp1. Users are advised to upgrade. Users unable to upgrade may avoid exposing vulnerable versions to untrusted input and closely monitor any unexpected server behavior until they can upgrade.2023-08-14not yet calculatedCVE-2023-40023
MISC
MISC
MISC
nexb -- scancode.io

 
ScanCode.io is a server to script and automate software composition analysis pipelines. In the `/license/` endpoint, the detailed view key is not properly validated and sanitized, which can result in a potential cross-site scripting (XSS) vulnerability when attempting to access a detailed license view that does not exist. Attackers can exploit this vulnerability to inject malicious scripts into the response generated by the `license_details_view` function. When unsuspecting users visit the page, their browsers will execute the injected scripts, leading to unauthorized actions, session hijacking, or stealing sensitive information. This issue has been addressed in release `32.5.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.2023-08-14not yet calculatedCVE-2023-40024
MISC
MISC
keystone -- keystone

 
Keystone is an open-source headless CMS for Node.js — built with GraphQL and React. When `ui.isAccessAllowed` is set as `undefined`, the `adminMeta` GraphQL query is publicly accessible (no session required). This is different to the behaviour of the default AdminUI middleware, which by default will only be publicly accessible (no session required) if a `session` strategy is not defined. This vulnerability does not affect developers using the `@keystone-6/auth` package, or any users that have written their own `ui.isAccessAllowed` (that is to say, `isAccessAllowed` is not `undefined`). This vulnerability does affect users who believed that their `session` strategy will, by default, enforce that `adminMeta` is inaccessible by the public in accordance with that strategy; akin to the behaviour of the AdminUI middleware. This vulnerability has been patched in `@keystone-6/core` version `5.5.1`. Users are advised to upgrade. Users unable to upgrade may opt to write their own `isAccessAllowed` functionality to work-around this vulnerability.2023-08-15not yet calculatedCVE-2023-40027
MISC
MISC
MISC
ghost -- ghost

 
Ghost is an open-source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability.2023-08-15not yet calculatedCVE-2023-40028
MISC
MISC
flarum -- flarum

 
Flarum is an open-source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofing the MIME type, an attacker can manipulate the application to execute unintended actions. The vulnerability is due to the behavior of the `intervention/image` package, which attempts to interpret the supplied file contents as a URL, which then fetches its contents. This allows an attacker to exploit the vulnerability to perform SSRF attacks, disclose local file contents, or conduct a blind oracle attack. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP's `allow_url_fopen` which will prevent the fetching of external files via URLs as a temporary workaround for the SSRF aspect of the vulnerability.2023-08-16not yet calculatedCVE-2023-40033
MISC
MISC
woodpecker-ci -- woodpecker

 
Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data, which leads to an update of the repository data that can, for example, allow the takeover of a repo. This is only critical if the CI is configured for public usage and connected to a forge which is also in public usage. This issue has been addressed in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should secure the CI system by making it inaccessible to untrusted entities, for example, by placing it behind a firewall.2023-08-16not yet calculatedCVE-2023-40034
MISC
MISC
MISC
MISC
apache -- nifi

 
Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation.
2023-08-18
not yet calculated
CVE-2023-40037
MISC
MISC
MISC
elecom_co._ltd. -- multiple_products

 
OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions.
2023-08-18
not yet calculated
CVE-2023-40069
MISC
MISC
elecom_co._ltd. -- wab-s600-ps/wab-s300

 
OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.
2023-08-18
not yet calculated
CVE-2023-40072
MISC
MISC
rubygems -- rubygems

 
rubygems.org is the Ruby community's primary gem (library) hosting service. Insufficient input validation allowed malicious actors to replace any uploaded gem version that had a platform, version number, or gem name matching `/-\d/`, permanently replacing the legitimate upload in the canonical gem storage bucket and triggering an immediate CDN purge so that the malicious gem would be served immediately. The maintainers have checked all gems matching the `/-\d/` pattern and can confirm that no unexpected `.gem`s were found. As a result, we believe this vulnerability was _not_ exploited. The easiest way to ensure that a user's applications were not exploited by this vulnerability is to check that all of your downloaded .gems have a checksum that matches the checksum recorded in the RubyGems.org database. RubyGems contributor Maciej Mensfeld wrote a tool to automatically check that all downloaded .gem files match the checksums recorded in the RubyGems.org database. You can use it by running: `bundle add bundler-integrity` followed by `bundle exec bundler-integrity`. Neither this tool nor anything else can prove you were not exploited, but they can assist your investigation by quickly comparing RubyGems API-provided checksums with the checksums of files on your disk. The issue has been patched with improved input validation and the changes are live. No action is required on the part of the user. Users are advised to validate their local gems.
2023-08-17
not yet calculated
CVE-2023-40165
MISC
MISC
turbowarp -- desktop

 
TurboWarp is a desktop application that compiles Scratch projects to JavaScript. TurboWarp Desktop versions prior to version 1.8.0 allowed a malicious project or custom extension to read arbitrary files from disk and upload them to a remote server. The only required user interaction is opening the sb3 file or loading the extension. The web version of TurboWarp is not affected. This bug has been addressed in commit `55e07e99b59` after an initial fix which was reverted. Users are advised to upgrade to version 1.8.0 or later. Users unable to upgrade should avoid opening sb3 files or loading extensions from untrusted sources.
2023-08-17
not yet calculated
CVE-2023-40168
MISC
MISC
MISC
MISC
dispatch -- dispatch

 
Dispatch is an open-source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in an error message when the `Dispatch Plugin - Basic Authentication Provider` plugin encounters an error when attempting to decode a JWT token. Any Dispatch users who own their instance and rely on the `Dispatch Plugin - Basic Authentication Provider` plugin for authentication may be impacted, allowing for any account to be taken over within their own instance. This could be done by using the secret to sign attacker-crafted JWTs. If you think that you may be impacted, we strongly suggest you rotate the secret stored in the `DISPATCH_JWT_SECRET` envvar in the `.env` file. This issue has been addressed in commit `b1942a4319` which has been included in the `20230817` release. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-08-17
not yet calculated
CVE-2023-40171
MISC
MISC
MISC
MISC
social_media_skeleton -- social_media_skeleton

 
Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. Prior to version 1.0.5 Social media skeleton did not properly restrict CSRF attacks. This has been addressed in version 1.0.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-08-18
not yet calculated
CVE-2023-40172
MISC
MISC
social_media_skeleton -- social_media_skeleton

 
Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. Prior to version 1.0.5 Social media skeleton did not properly salt passwords, leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue.
2023-08-18
not yet calculated
CVE-2023-40173
MISC
MISC
MISC
social_media_skeleton -- social_media_skeleton

 
Social media skeleton is an uncompleted/framework social media project implemented using PHP, CSS, JavaScript and HTML. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. Social media skeleton releases prior to 1.0.5 did not properly manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-08-18
not yet calculated
CVE-2023-40174
MISC
MISC
puma -- puma

 
Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-08-18
not yet calculated
CVE-2023-40175
MISC
MISC
genians -- multiple_products

 
Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
2023-08-17
not yet calculated
CVE-2023-40251
MISC
genians -- multiple_products

 
Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
2023-08-17
not yet calculated
CVE-2023-40252
MISC
genians -- multiple_products

 
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
2023-08-11
not yet calculated
CVE-2023-40253
MISC
genians -- multiple_products

 
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
2023-08-11
not yet calculated
CVE-2023-40254
MISC
apache -- airflow

 
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection, giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.
2023-08-17
not yet calculated
CVE-2023-40272
MISC
MISC
MISC
getzola -- getzola

 
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, which allows one to escape the webroot of the server and read arbitrary files from the filesystem.
2023-08-14
not yet calculated
CVE-2023-40274
MISC
MISC
lenovo -- notebook

 
A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
2023-08-17
not yet calculated
CVE-2023-4028
MISC
ec-cube_co._ltd. -- ec-cube_2_series

 
EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in "mail/template" and "products/product" of the Management page. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the other administrator or the user who accessed the website using the product.
2023-08-17
not yet calculated
CVE-2023-40281
MISC
MISC
linux -- kernel

 
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of a sk are mishandled.
2023-08-14
not yet calculated
CVE-2023-40283
MISC
MISC
MISC
DEBIAN
lenovo -- thinkpad

 
A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
2023-08-17
not yet calculated
CVE-2023-4029
MISC
harman_international -- harman_automotive_infotainment

 
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name.
2023-08-14
not yet calculated
CVE-2023-40291
MISC
harman_international -- harman_automotive_infotainment

 
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets.
2023-08-14
not yet calculated
CVE-2023-40292
MISC
harman_international -- harman_automotive_infotainment

 
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.
2023-08-14
not yet calculated
CVE-2023-40293
MISC
boron_2.0.8 -- boron_2.0.8

 
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c.
2023-08-14
not yet calculated
CVE-2023-40294
MISC
boron_2.0.8 -- boron_2.0.8

 
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c.
2023-08-14
not yet calculated
CVE-2023-40295
MISC
async-sockets-cpp -- async-sockets-cpp

 
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets.
2023-08-14
not yet calculated
CVE-2023-40296
MISC
lenovo -- thinkpad

 
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt.
2023-08-17
not yet calculated
CVE-2023-4030
MISC
gnu_inetutils -- gnu_inetutils

 
GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
2023-08-14
not yet calculated
CVE-2023-40303
MISC
MISC
MISC
gnu_indent -- gnu_indent

 
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.
2023-08-14
not yet calculated
CVE-2023-40305
MISC
MISC
opennms -- horizon

 
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue.
2023-08-14
not yet calculated
CVE-2023-40311
MISC
MISC
MISC
opennms -- horizon

 
Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue.
2023-08-14
not yet calculated
CVE-2023-40312
MISC
MISC
opennms -- horizon

 
A BeanShell interpreter in remote server mode runs in OpenNMS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet.
2023-08-17
not yet calculated
CVE-2023-40313
MISC
MISC
opennms -- horizon

 
In OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.
2023-08-17
not yet calculated
CVE-2023-40315
MISC
MISC
jenkins -- jenkins

 
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders.
2023-08-16
not yet calculated
CVE-2023-40336
MISC
MISC
jenkins -- jenkins

 
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder.
2023-08-16
not yet calculated
CVE-2023-40337
MISC
MISC
jenkins -- jenkins

 
Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system.
2023-08-16
not yet calculated
CVE-2023-40338
MISC
MISC
jenkins -- jenkins

 
Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they're written to the build log.
2023-08-16
not yet calculated
CVE-2023-40339
MISC
MISC
jenkins -- jenkins

 
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.
2023-08-16
not yet calculated
CVE-2023-40340
MISC
MISC
jenkins -- jenkins

 
A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar.
2023-08-16
not yet calculated
CVE-2023-40351
MISC
MISC
mariadb_maxscale -- mariadb_maxscale

 
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3.
2023-08-14
not yet calculated
CVE-2023-40354
MISC
xterm -- xterm

 
xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue.
2023-08-14
not yet calculated
CVE-2023-40359
MISC
qemu -- qemu

 
QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.
2023-08-14
not yet calculated
CVE-2023-40360
MISC
MISC
MISC
litespeed/openlitespeed -- litespeed/openlitespeed

 
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers.
2023-08-14
not yet calculated
CVE-2023-40518
MISC
MISC
moxa -- nport_iaw5000a-i/o_series

 
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerability which poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate firmware manipulation.
2023-08-16
not yet calculated
CVE-2023-4204
MISC
cloudflare -- lol-html

 
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected.
2023-08-16
not yet calculated
CVE-2023-4241
MISC
zephyrproject-rtos -- zephyr

 
Potential buffer overflow vulnerabilities in the following locations:
https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359
https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359
https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis...
https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841
2023-08-12
not yet calculated
CVE-2023-4265
MISC
cockpit-hq -- cockpit

 
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3.
2023-08-14
not yet calculated
CVE-2023-4321
MISC
MISC
radareorg -- radare2

 
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
2023-08-14
not yet calculated
CVE-2023-4322
MISC
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup.
2023-08-15
not yet calculated
CVE-2023-4323
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers.
2023-08-15
not yet calculated
CVE-2023-4324
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable because the Libcurl used with LSA has known vulnerabilities.
2023-08-15
not yet calculated
CVE-2023-4325
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites.
2023-08-15
not yet calculated
CVE-2023-4326
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux.
2023-08-15
not yet calculated
CVE-2023-4327
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux.
2023-08-15
not yet calculated
CVE-2023-4328
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute.
2023-08-15
not yet calculated
CVE-2023-4329
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to Denial of Service which can be caused by an authenticated user to the REST API Interface.
2023-08-15
not yet calculated
CVE-2023-4330
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols.
2023-08-15
not yet calculated
CVE-2023-4331
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file.
2023-08-15
not yet calculated
CVE-2023-4332
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows.
2023-08-15
not yet calculated
CVE-2023-4333
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication.
2023-08-15
not yet calculated
CVE-2023-4334
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux.
2023-08-15
not yet calculated
CVE-2023-4335
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute.
2023-08-15
not yet calculated
CVE-2023-4336
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation.
2023-08-15
not yet calculated
CVE-2023-4337
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers.
2023-08-15
not yet calculated
CVE-2023-4338
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions.
2023-08-15
not yet calculated
CVE-2023-4339
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file.
2023-08-15
not yet calculated
CVE-2023-4340
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI.
2023-08-15
not yet calculated
CVE-2023-4341
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy.
2023-08-15
not yet calculated
CVE-2023-4342
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter.
2023-08-15
not yet calculated
CVE-2023-4343
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection.
2023-08-15
not yet calculated
CVE-2023-4344
MISC
broadcom -- raid_controller_web_interface

 
Broadcom RAID Controller web interface is vulnerable to a client-side control bypass that leads to unauthorized data access for a low-privileged user.
2023-08-15
not yet calculated
CVE-2023-4345
MISC
librenms -- librenms/librenms

 
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.
2023-08-15
not yet calculated
CVE-2023-4347
MISC
MISC
google -- chrome

Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4349
MISC
MISC
MISC
MISC
google -- chrome_for_android

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4350
MISC
MISC
MISC
MISC
google -- chrome

Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4351
MISC
MISC
MISC
MISC
google -- chrome

Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4352
MISC
MISC
MISC
MISC
google -- chrome

Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4353
MISC
MISC
MISC
MISC
google -- chrome

Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4354
MISC
MISC
MISC
MISC
google -- chrome

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2023-08-15
not yet calculated
CVE-2023-4355
MISC
MISC
MISC
MISC
google -- chrome

Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4356
MISC
MISC
MISC
MISC
google -- chrome

Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4357
MISC
MISC
MISC
MISC
google -- chrome

Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4358
MISC
MISC
MISC
MISC
google -- chrome_for_ios

Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4359
MISC
MISC
MISC
MISC
google -- chrome

Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4360
MISC
MISC
MISC
MISC
google -- chrome_for_android

Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4361
MISC
MISC
MISC
MISC
google -- chrome

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4362
MISC
MISC
MISC
MISC
google -- chrome_for_android

Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4363
MISC
MISC
MISC
MISC
google -- chrome

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4364
MISC
MISC
MISC
MISC
google -- chrome

Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4365
MISC
MISC
MISC
MISC
google -- chrome

Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4366
MISC
MISC
MISC
MISC
google -- chrome

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4367
MISC
MISC
MISC
MISC
google -- chrome

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4368
MISC
MISC
MISC
MISC
google -- chrome_for_chromeos

Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)
2023-08-15
not yet calculated
CVE-2023-4369
MISC
MISC
phprecdb -- phprecdb

A vulnerability was found in phpRecDB 1.3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument r/view leads to cross site scripting. The attack may be launched remotely. VDB-237194 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2023-08-15
not yet calculated
CVE-2023-4371
MISC
MISC
instantsoft -- instantsoft/icms2 | Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 2023-08-16 | not yet calculated | CVE-2023-4381
MISC
MISC
tdevs -- hyip_rio | A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4382
MISC
MISC
MISC
microworld -- escan_anti-virus | A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4383
MISC
MISC
MISC
maximatech -- portal_executivo | A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-16 | not yet calculated | CVE-2023-4384
MISC
MISC
MISC
linux -- kernel | A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. | 2023-08-16 | not yet calculated | CVE-2023-4385
MISC
MISC
MISC
linux -- kernel | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. | 2023-08-16 | not yet calculated | CVE-2023-4387
MISC
MISC
MISC
linux -- kernel | A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information. | 2023-08-16 | not yet calculated | CVE-2023-4389
MISC
MISC
MISC
control_id -- gerencia_web | A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation leads to cleartext storage of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237380. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-17 | not yet calculated | CVE-2023-4392
MISC
MISC
MISC
linux -- kernel | A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information | 2023-08-17 | not yet calculated | CVE-2023-4394
MISC
MISC
MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-17 | not yet calculated | CVE-2023-4395
MISC
MISC
codecanyon -- credit_lite | A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/account_statement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-237511. | 2023-08-18 | not yet calculated | CVE-2023-4407
MISC
MISC
nbs&happysoftwechat -- nbs&happysoftwechat | A vulnerability, which was classified as critical, has been found in NBS&HappySoftWeChat 1.1.6. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237512. | 2023-08-18 | not yet calculated | CVE-2023-4409
MISC
MISC
MISC
totolink -- ex1200l | A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237513 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4410
MISC
MISC
MISC
totolink -- ex1200l | A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4411
MISC
MISC
MISC
totolink -- ex1200l | A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4412
MISC
MISC
MISC
rkhunter -- rootkit_hunter | A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as problematic. Affected is an unknown function of the file /var/log/rkhunter.log. The manipulation leads to sensitive information in log files. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237516. | 2023-08-18 | not yet calculated | CVE-2023-4413
MISC
MISC
MISC
MISC
beijing_baichuo -- smart_s85f_management_platform | A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237517 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4414
MISC
MISC
MISC
ruijie_networks -- rg-ew1200g | A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-08-18 | not yet calculated | CVE-2023-4415
MISC
MISC
MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. | 2023-08-18 | not yet calculated | CVE-2023-4422
MISC
MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-19 | not yet calculated | CVE-2023-4432
MISC
MISC
cockpit-hq -- cockpit | Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. | 2023-08-19 | not yet calculated | CVE-2023-4433
MISC
MISC




Mon, 21 Aug 2023 07:27:53 EDT
CISA

Source: CISA Bulletins
Source Link: https://www.cisa.gov/news-events/bulletins/sb23-233





Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.