
523 matches found

Positive Technologies
added 2023/05/24 12:0 a.m. · 1 view

PT-2023-24498 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting (XSS) issue exists in the Create Contact Roles function, specifically at the /tenancy/contact-roles/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by...

CVSS 5.4 · AI score 5.4 · EPSS 0.00312
Exploits 1 · References 3

Positive Technologies
added 2023/05/24 12:0 a.m. · 3 views

PT-2023-24490 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting (XSS) issue exists in the Create Tenant Groups function, specifically at the /tenancy/tenant-groups/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by...

CVSS 5.4 · AI score 5.4 · EPSS 0.00285
Exploits 1 · References 3

Positive Technologies
added 2023/05/15 12:0 a.m. · 2 views

PT-2023-28311 · Unknown +2 · Openimageio +2

Name of the Vulnerable Software and Affected Versions: OpenImageIO oiio version 2.4.12.0 Description: The issue allows a remote attacker to execute arbitrary code and cause a denial of service via the read subimage data function. Recommendations: For OpenImageIO oiio version 2.4.12.0, consider...

CVSS 10 · AI score 9.6 · EPSS 0.15849
Exploits 1 · References 20

Positive Technologies
added 2023/05/09 12:0 a.m. · 2 views

PT-2023-22532 · Cesanta · Cesanta Mjs

Name of the Vulnerable Software and Affected Versions: Cesanta MJS version 1.26 Description: A Buffer Overflow issue allows a local attacker to cause a denial of service via the mjs mk string function in mjs.c. This issue can be exploited to disrupt service. Recommendations: For Cesanta MJS versi...

CVSS 5.5 · AI score 5.3 · EPSS 0.00047
Exploits 1 · References 9

Positive Technologies
added 2023/05/09 12:0 a.m. · 2 views

PT-2023-23554 · Sngrep +1 · Sngrep +1

Name of the Vulnerable Software and Affected Versions: Sngrep version 1.6.0 Description: A heap buffer overflow issue was discovered in the function capture packet reasm ip at /src/capture.c. This issue affects the specified version of Sngrep. Recommendations: For Sngrep version 1.6.0, consider...

CVSS 7.8 · AI score 7.7 · EPSS 0.00054
Exploits 1 · References 12

Positive Technologies
added 2023/05/08 12:0 a.m. · 3 views

PT-2023-22360 · H3C · H3C Gr-1200W

Name of the Vulnerable Software and Affected Versions: H3C GR-1200W version MiniGRW1A0V100R006 Description: A stack overflow issue was discovered via the function set tftp upgrad. Recommendations: For H3C GR-1200W version MiniGRW1A0V100R006, as a temporary workaround, consider disabling the set...

CVSS 9.8 · AI score 7.5 · EPSS 0.00436
Exploits 1 · References 4

Positive Technologies
added 2023/04/25 12:0 a.m. · 3 views

PT-2023-18773 · Sourcecodester · Sourcecodester Purchase Order Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Purchase Order Management System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown part of the file classes/Master.php?f=save item. The manipulation of the description argument with...

CVSS 4.8 · AI score 4 · EPSS 0.00302
Exploits 1 · References 5

Positive Technologies
added 2023/04/24 12:0 a.m. · 5 views

PT-2023-22322 · Yasm +1 · Yasm +1

Name of the Vulnerable Software and Affected Versions: yasm version 1.3.0.55.g101bc Description: A stack overflow issue was discovered in yasm via the parse expr1 function at /nasm/nasm-parse.c. This issue has been disputed by third parties, who argue it is a bug rather than a security issue due ...

CVSS 5.5 · AI score 7.4 · EPSS 0.00161
Exploits 1 · References 14

Positive Technologies
added 2023/04/18 12:0 a.m. · 4 views

PT-2023-22785 · Archery · Archery

Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...

CVSS 6.5 · AI score 6.9 · EPSS 0.01358
Exploits 1 · References 4

Positive Technologies
added 2023/04/11 12:0 a.m. · 2 views

PT-2023-22316 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A segmentation violation was discovered in the AP4 TrunAtom::SetDataOffsetint function in Ap4TrunAtom.h. Recommendations: For Bento4 version 1.6.0-639, as a temporary workaround, consider disabling the AP...

CVSS 5.5 · AI score 5.3 · EPSS 0.00073
Exploits 1 · References 4

Positive Technologies
added 2023/04/10 12:0 a.m. · 2 views

PT-2023-9521 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp box deserialize string function, which is vulnerable due to improper neutralization of special elements used in SQL commands. This can be exploited by a...

CVSS 7.8 · AI score 7.8 · EPSS 0.00269
Exploits 16 · References 79

Positive Technologies
added 2023/04/09 12:0 a.m. · 2 views

PT-2023-7316 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.10 Description: The issue is related to a segmentation violation via the function njs dump is recursive at src/njs vmcode.c. This is caused by a memory boundary read issue in the njs dump is recursive function of the Ngi...

CVSS 7.8 · AI score 7.2 · EPSS 0.0024
Exploits 1 · References 9

Positive Technologies
added 2023/04/08 12:0 a.m. · 3 views

PT-2023-17371 · Unknown · Sourcecodester Online Computer/Laptop Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Computer and Laptop Store version 1.0 Description: A critical issue was found in the software, affecting an unknown part of the file /classes/Master.php?f=delete sub category. The manipulation of the id argument leads to...

CVSS 9.8 · AI score 6.9 · EPSS 0.00297
Exploits 1 · References 7

Positive Technologies
added 2023/04/07 12:0 a.m. · 2 views

PT-2023-20909 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: Prestashop cdesigner versions 3.1.3 through 3.1.8 Description: A code injection issue was found in the component CdesignerSaverotateModuleFrontController::initContent. This allows for code injection, potentially leading to unauthorized access...

CVSS 9.8 · AI score 9.5 · EPSS 0.00411
Exploits 1 · References 4

Positive Technologies
added 2023/04/07 12:0 a.m. · 2 views

PT-2023-19981 · Tenda · Tenda Ac5

Name of the Vulnerable Software and Affected Versions: Tenda AC5 version US AC5V1.0RTL V15.03.06.28 Description: The issue is related to a stack overflow via the fromSetSysTime function, allowing attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload...

CVSS 9.8 · AI score 8.2 · EPSS 0.00907
Exploits 0 · References 3

Positive Technologies
added 2023/04/06 12:0 a.m. · 3 views

PT-2023-20897 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version US AC10V4.0si V16.03.10.13 cn Description: The issue is related to a stack overflow via the sub 46AC38 function, which can be exploited by attackers to cause a Denial of Service (DoS) or execute arbitrary code using a crafted...

CVSS 9.8 · AI score 8.5 · EPSS 0.00296
Exploits 1 · References 6

Positive Technologies
added 2023/04/06 12:0 a.m. · 3 views

PT-2023-20896 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 US AC10V4.0si V16.03.10.13 cn Description: The issue is related to a stack overflow via the get parentControl list Info function, allowing attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload...

CVSS 10 · AI score 8.2 · EPSS 0.00407
Exploits 1 · References 6

Positive Technologies
added 2023/04/05 12:0 a.m. · 3 views

PT-2023-17288 · Unknown · Sourcecodester Online Computer/Laptop Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Computer and Laptop Store version 1.0 Description: A vulnerability was found in the software, classified as problematic. It affects some unknown functionality of the file "/admin/?page=product/manage product&id=2". The...

CVSS 6.1 · AI score 4 · EPSS 0.00314
Exploits 1 · References 5

Positive Technologies
added 2023/04/02 12:0 a.m. · 2 views

PT-2023-17249 · Sourcecodester · Sourcecodester Simple Task Allocation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Task Allocation System version 1.0 Description: A critical issue has been found in the manage user.php file, where the manipulation of the id argument leads to SQL injection. This issue can be exploited remotely. The...

CVSS 9.8 · AI score 7.5 · EPSS 0.00291
Exploits 0 · References 7

Positive Technologies
added 2023/03/31 12:0 a.m. · 3 views

PT-2023-17230 · Sourcecodester · Sourcecodester Grade Point Average Gpa Calculator

Name of the Vulnerable Software and Affected Versions: SourceCodester Grade Point Average GPA Calculator version 1.0 Description: A critical issue has been found, affecting the function get scale of the file Master.php. The manipulation of the argument perc leads to SQL injection. The attack can ...

CVSS 9.8 · AI score 7.5 · EPSS 0.00297
Exploits 1 · References 6