CVE-2023-23951

Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application...

@aws-amplify/geo (>=2.0.13-push-notification-dryrun.43 <=2.0.35-unstable.15353e0.2), @aws-amplify/interactions (>=5.0.13-push-notification-dryrun.43 <=5.1.1-unstable.15353e0.2) +98 more potentially affected by CVE-2023-34104 via fast-xml-parser (>=4.1.3 <=4.2.3)

fast-xml-parser NPM version =4.1.3, =2.0.13-push-notification-dryrun.43, =5.0.13-push-notification-dryrun.43, =1.0.13-push-notification-dryrun.43, =5.0.13-push-notification-dryrun.43, =5.1.3-push-notification-dryrun.43, =1.1.6-exodus.1, =6.2.44, =9.1.0, =9.1.0, =9.53.0 and more Source cves:...

CVE-2023-23951

Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application...

PHP-Nuke 6.x/7.0/7.1 Image Tag Admin Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9895/info It has been reported that PHP-Nuke is prone to a remote admin command execution vulnerability. This issue is due to a design error that allows an attacker to specify arbitrary URI values in bbCode tags contained...