4316 matches found

OSV
added 2023/10/20 10:15 p.m. · 2 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

CVSS 5.4 · AI score 6.1 · EPSS 0.00485
Exploits: 1 · References: 2

ATTACKERKB
added 2023/10/20 10:15 p.m. · 4 views

CVE-2023-43357

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component...

CVSS 5.4 · AI score 6.2 · EPSS 0.00461
Exploits: 1 · References: 2

OSV
added 2023/10/20 10:15 p.m. · 3 views

CVE-2023-43356

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Metadata parameter in the Global Settings Menu component...

CVSS 5.4 · AI score 6.1 · EPSS 0.00461
Exploits: 1 · References: 1

ATTACKERKB
added 2023/10/20 10:15 p.m. · 3 views

CVE-2023-43353

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component...

CVSS 5.4 · AI score 6.2 · EPSS 0.00473
Exploits: 1 · References: 2

Positive Technologies
added 2023/10/20 12:00 a.m. · 4 views

PT-2023-28800 · Unknown · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMSmadesimple version 2.2.18 Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. This enables the attacker to...

CVSS 5.4 · AI score 5.7 · EPSS 0.00485
Exploits: 1 · References: 6

ATTACKERKB
added 2023/10/19 11:15 p.m. · 4 views

CVE-2023-43340

Cross-site scripting XSS vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters...

CVSS 5.2 · AI score 6.1 · EPSS 0.00471
Exploits: 1 · References: 3

ATTACKERKB
added 2023/10/19 10:15 p.m. · 3 views

CVE-2023-43342

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component...

CVSS 5.4 · AI score 6.1 · EPSS 0.00486
Exploits: 1 · References: 3

OSV
added 2023/10/19 10:15 p.m. · 4 views

CVE-2023-43359

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component...

CVSS 5.4 · AI score 6.1 · EPSS 0.00462
Exploits: 1 · References: 1

OSV
added 2023/10/19 10:15 p.m. · 3 views

CVE-2023-43342

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component...

CVSS 5.4 · AI score 6.1 · EPSS 0.00486
Exploits: 1 · References: 2

NCSC
added 2023/10/19 12:00 a.m. · 2 views

Vulnerability fixed in Dell Openmanage

A vulnerability has been fixed in Dell OpenManage Server Administrator, version 11.0.0.0 and earlier. A local malicious user could exploit this security vulnerability to execute arbitrary code and obtain elevated user privileges. Dell has released updates to fix the vulnerability in OMSA...

CVSS 7.8 · AI score 7 · EPSS 0.00164
Exploits: 0

Positive Technologies
added 2023/10/17 12:00 a.m. · 4 views

PT-2023-29304 · Unknown · Expense Management System

Name of the Vulnerable Software and Affected Versions: Expense Management System version 1.0 Description: An issue in the Expense Management System allows a local attacker to execute arbitrary code via a crafted file uploaded to the "sign-up.php" component. Recommendations: For Expense Management...

CVSS 7.8 · AI score 7.9 · EPSS 0.00321
Exploits: 1 · References: 8

VulnCheck KEV
added 2023/10/11 12:00 a.m. · 7 views

VulnCheck KEV: CVE-2022-23748

Dante Discovery contains a process control vulnerability in mDNSResponder.exe that allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code...

CVSS 7.8 · AI score 7.5 · EPSS 0.09092
Exploits: 0 · References: 1

Positive Technologies
added 2023/10/10 12:00 a.m. · 5 views

PT-2023-6260 · Siemens · Simatic Cp 1623 +4

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1604 All versions SIMATIC CP 1616 All versions SIMATIC CP 1623 All versions SIMATIC CP 1626 All versions SIMATIC CP 1628 All versions Description: A vulnerability has been identified that exposes kernel memory of affected devices t...

CVSS 6.7 · AI score 6.7 · EPSS 0.00184
Exploits: 0 · References: 4

ATTACKERKB
added 2023/10/07 12:15 a.m. · 3 views

CVE-2023-36123

Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information...

CVSS 7.8 · AI score 6.1 · EPSS 0.00711
Exploits: 1 · References: 3

OSV
added 2023/10/06 2:15 p.m. · 3 views

CVE-2023-35897

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246...

CVSS 7.8 · AI score 6.1 · EPSS 0.00234
Exploits: 0 · References: 2

ATTACKERKB
added 2023/10/06 1:15 p.m. · 11 views

CVE-2023-44771

A Cross-Site Scripting XSS vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout...

CVSS 5.4 · AI score 6.2 · EPSS 0.00536
Exploits: 1 · References: 2

CVE
added 2023/10/06 1:06 p.m. · 76 views

CVE-2023-35897

IBM Storage Protect Backup-Archive Client and IBM Storage Protect for Virtual Environments (Data Protection for VMware/Hyper-V) versions 8.1.0.0–8.1.19.0 are affected by a DLL hijacking flaw that could allow a local user to execute arbitrary code via a specially crafted file. The issue impacts Wi...

CVSS 8.4 · AI score 7.9 · EPSS 0.00234
Exploits: 0 · References: 2 · Affected Software: 2

ATTACKERKB
added 2023/10/05 10:15 p.m. · 5 views

CVE-2023-43343

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...

CVSS 5.4 · AI score 6.1 · EPSS 0.00677
Exploits: 1 · References: 3

OSV
added 2023/10/04 4:15 a.m. · 3 views

CVE-2023-30733

Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution...

CVSS 7.8 · AI score 5.9 · EPSS 0.00168
Exploits: 0 · References: 1

OSV
added 2023/10/03 6:15 p.m. · 7 views

AZL-34733 CVE-2023-4911 affecting package glibc for versions less than 2.38-6

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

CVSS 7.8 · AI score 7.1 · EPSS 0.81422
Exploits: 26 · References: 1