CVE-2023-28079
PowerPath for Windows, versions 7.0, 7.1 & 7.2, contains an Insecure File and Folder Permissions vulnerability. A regular (non-admin) user can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM...
USN-6117-1: Apache Batik vulnerabilities
It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. (CVE-2019-17566, CVE-2020-11987, CVE-2022-38398, CVE-2022-38648) It was discovered that Apache Batik incorrectly handled Jar URLs in some...
Cross site scripting
Stored Cross Site Scripting (XSS) vulnerability in the add contact function of CiviCRM 5.59.alpha1 allows attackers to execute arbitrary code in first/second name field...
Cisco Small Business Denial of Service Vulnerability (CNVD-2023-40906)
Cisco Small Business is a switch from the American company Cisco. A denial of service vulnerability exists in Cisco Small Business Series Switches, which arises from a device authentication error on requests sent to the web interface, and can be exploited by an unauthenticated, remote...
CVE-2023-20024 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20160 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20159 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20189 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
Ubuntu: Security Advisory (USN-6078-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-29862
An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters...
Code injection
An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters...
Microsoft Office 2019 Multiple RCE Vulnerabilities (May 2023) - Mac OS X
This host is missing an important security update for Microsoft Office 2019 on Mac OS X according to Microsoft security update May 2023...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox. An attacker can exploit this vulnerability to execute arbitrary code...
CVE-2023-0851
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
CVE-2023-31148
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details...
CVE-2020-22755
File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943...
Huawei EulerOS: Security Advisory for libndp (EulerOS-SA-2023-1746)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.2.0 : libndp (EulerOS-SA-2023-1746)
According to the versions of the libndp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possib...
CVE-2023-30090
Semcms Shop v4.2 was discovered to contain an arbitrary file upload vulnerability via the component SEMCMSUpfile.php. This vulnerability allows attackers to execute arbitrary code via uploading a crafted PHP file...
Cross site scripting
Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...