187 matches found
CVE-2026-47357
Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...
EUVD-2023-60535
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2023-40711
Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023...
EUVD-2023-35061
Malicious code in bioql PyPI...
EUVD-2023-35057
Malicious code in bioql PyPI...
EUVD-2023-45266
Malicious code in bioql PyPI...
EUVD-2023-35058
Malicious code in bioql PyPI...
CVE-2023-30681
An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...
CVE-2023-30688
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30684
Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission...
CVE-2023-30696
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...
CVE-2023-30697
An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...
CVE-2025-39395 WordPress WPAMS plugin <= 44.0 (17-08-2023) - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection. This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023)...
CVE-2025-39403
CVE-2025-39403 is an unauthenticated SQL Injection vulnerability in the WordPress WPAMS (Apartment Management System) plugin, affecting versioned releases up to 44.0 (as of 17-08-2023). The root cause is improper neutralization of special elements in SQL commands, enabling attackers to exploit th...
BIT-NODE-MIN-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
AMD Ryzen Master™ SDK August 2023 Security Update
AMD has informed HP of potential security vulnerabilities identified in the AMD® Ryzen Master™ SDK, which might allow arbitrary code execution, denial of service, or information disclosure. AMD has released software updates to mitigate the potential vulnerabilities. AMD has released updates to...
PT-2023-6923
Name of the Vulnerable Software and Affected Versions: Qlik Sense Enterprise for Windows versions prior to August 2023 Patch 2. Description: The issue is related to improper validation of HTTP headers, allowing a remote attacker to elevate their privilege by tunneling HTTP requests and execute HTTP...
Intel Dynamic Tuning Technology Software August 2023 Security Update
Intel has informed HP of a potential security vulnerability in the Intel® Dynamic Tuning Technology (DTT) software which may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerabilit...
AZL-35068 CVE-2023-44487 affecting package opa for versions less than 0.50.2-6
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
AZL-33343 CVE-2023-44487 affecting package helm for versions less than 3.14.0-1
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...