CVE-2023-35067 Plaintext Storage of a Password in Infodrom Sofwares E-Invoice Approval System

Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable. This issue affects E-Invoice Approval System: before v.20230701...

CVE-2023-35067 Plaintext Storage of a Password in Infodrom Sofwares E-Invoice Approval System

Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable. This issue affects E-Invoice Approval System: before v.20230701...

Infodrom Software E-Invoice Approval System 安全漏洞

Infodrom Software E-Invoice Approval System is an electronic invoice approval system from Infodrom Software, Turkey. A security vulnerability exists in Infodrom Software E-Invoice Approval System prior to version v.20230701, which stems from a plaintext stored password vulnerability that allows...

PT-2023-15101 · Vocera · Vocera Voice Server +2

Name of the Vulnerable Software and Affected Versions: Vocera Report Server and Voice Server versions 5.x through 5.8 Description: An issue was discovered in the software, allowing Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs executed on the server at...

CVE-2022-46900

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...

CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

CVE-2023-3322 Code Execution through overwriting service executable in utilities directory

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts...

Design/Logic Flaw

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

DEBIAN-CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

CVE-2023-3417 File Extension Spoofing using the Text Direction Override Character

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

SUSE-SU-2023:2933-1 Security update for python-pip

This update for python-pip fixes the following issues: - Removed .exe files from the RPM package, to prevent issues with security scanners bsc1212015...

PT-2023-36234 · Unknown · Python-Pip

Name of the Vulnerable Software and Affected Versions: python-pip affected versions not specified Description: The issue with python-pip is related to the presence of .exe files in the RPM package, which could cause problems with security scanners. Recommendations: At the moment, there is no...

PT-2023-36233 · Unknown · Python-Pip

Name of the Vulnerable Software and Affected Versions: python-pip affected versions not specified Description: The issue with python-pip is related to the presence of .exe files in the RPM package, which could cause problems with security scanners. Recommendations: At the moment, there is no...

CVE-2023-37602

An arbitrary file upload vulnerability in the component /workplace!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file...

Design/Logic Flaw

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...

CVE-2023-37289 InfoDoc Document On-line Submission and Approval System - Arbitrary File Upload

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...