Lucene search

4506 matches found

Positive Technologies
added 2023/05/12 12:0 a.m. · 2 views

PT-2023-23519 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: An Assertion Failure was discovered in Jerryscript via the jcontext raise exception at jerry-core/jcontext/jcontext.c. Recommendations: For Jerryscript version 3.0 commit 05dbbd1, consider...

CVSS 5.5 · AI score 5.2 · EPSS 0.00332
Exploits: 1 · References: 7

Positive Technologies
added 2023/05/12 12:0 a.m. · 4 views

PT-2023-23517 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 1a2c047 Description: An Assertion Failure was discovered in Jerryscript via the jmem heap finalize function at jerry-core/jmem/jmem-heap.c. Recommendations: For Jerryscript version 3.0 commit 1a2c047, consider...

CVSS 5.5 · AI score 5.3 · EPSS 0.00332
Exploits: 1 · References: 7

Positive Technologies
added 2023/05/12 12:0 a.m. · 4 views

PT-2023-23516 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: The issue is related to an out-of-memory problem in the malloc function. Recommendations: For Jerryscript version 3.0 commit 05dbbd1, consider restricting memory allocation to prevent...

CVSS 5.5 · AI score 5.2 · EPSS 0.00331
Exploits: 1 · References: 7

Positive Technologies
added 2023/05/09 12:0 a.m. · 3 views

PT-2023-12581 · Unknown · Asp Bootloader

Name of the Vulnerable Software and Affected Versions: ASP Bootloader affected versions not specified Description: The issue is related to insufficient syscall input validation, which may allow a privileged attacker to execute arbitrary DMA copies. This can potentially lead to code execution...

CVSS 8.8 · AI score 7.4 · EPSS 0.00784
Exploits: 0 · References: 4

Positive Technologies
added 2023/05/09 12:0 a.m. · 2 views

PT-2023-15758 · Unknown · Modem Control Device

Name of the Vulnerable Software and Affected Versions: Modem control device affected versions not specified Description: The issue is related to a possible out of bounds write due to a missing bounds check in the modem control device. This could lead to local denial of service and requires System...

CVSS 4.4 · AI score 4.5 · EPSS 0.00121
Exploits: 0 · References: 3

Positive Technologies
added 2023/05/09 12:0 a.m. · 2 views

PT-2023-23547 · Yasm +1 · Yasm +1

Name of the Vulnerable Software and Affected Versions: yasm version 1.3.0 Description: A use after free issue was discovered in the pp getline function at /nasm/nasm-pp.c. Note that multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...

CVSS 5.5 · AI score 6.8 · EPSS 0.00288
Exploits: 1 · References: 11

Positive Technologies
added 2023/05/04 12:0 a.m. · 2 views

PT-2023-19999 · Unknown · Control Id Rhid

Name of the Vulnerable Software and Affected Versions: Control iD RHiD version 23.3.19.0 Description: A critical vulnerability has been found in Control iD RHiD, affecting an unknown part of the file /v2//. The manipulation leads to direct request and can be initiated remotely. The vendor was...

CVSS 9.8 · AI score 6.6 · EPSS 0.00447
Exploits: 0 · References: 5

Positive Technologies
added 2023/05/03 12:0 a.m. · 5 views

PT-2023-2523 · Frrouting +3 · Frrouting +3

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 8.4 Description: An issue in bgpd allows attackers to cause a denial of service by crafting a BGP OPEN message with an option of type 0xff, leading to inconsistent boundary checks and potential out-of-bounds read or...

CVSS 9.8 · AI score 6.6 · EPSS 0.02152
Exploits: 3 · References: 66

Positive Technologies
added 2023/05/02 12:0 a.m. · 6 views

PT-2023-15510 · Jedox · Jedox

Name of the Vulnerable Software and Affected Versions: Jedox version 2020.2.5 Description: The issue is related to incorrect input validation for the default-storage-path in the settings page, allowing remote, authenticated users to specify the location as the Webroot directory. This can lead to...

CVSS 9.1 · AI score 7.4 · EPSS 0.38108
Exploits: 4 · References: 6

Positive Technologies
added 2023/05/01 12:0 a.m. · 2 views

PT-2023-22357 · Tenda · Tenda N301

Name of the Vulnerable Software and Affected Versions: Tenda N301 version 6.0, Firmware version 12.02.01.61 multi Description: The issue allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password due to cleartext transmission in...

CVSS 5.7 · AI score 6.6 · EPSS 0.00401
Exploits: 2 · References: 7

Positive Technologies
added 2023/04/27 12:0 a.m. · 5 views

PT-2023-2824 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The issue results from the lack of control of resource consumption when handling SMB2 SESSION SET...

CVSS 10 · AI score 6.8 · EPSS 0.71737
Exploits: 52 · References: 339

Positive Technologies
added 2023/04/19 12:0 a.m. · 5 views

PT-2023-21342 · Unknown · Online Jewelry Shop

Name of the Vulnerable Software and Affected Versions: Online Jewelry Shop version 1.0 Description: A cross-site scripting (XSS) issue was discovered that allows attackers to execute arbitrary script via a crafted URL. Recommendations: For Online Jewelry Shop version 1.0, consider disabling the...

CVSS 5.4 · AI score 5.6 · EPSS 0.00365
Exploits: 0 · References: 4

Positive Technologies
added 2023/04/18 12:0 a.m. · 5 views

PT-2023-22448 · Wbce Cms · Wbce Cms

Name of the Vulnerable Software and Affected Versions: WBCE CMS version 1.5.3 Description: The issue is a command execution vulnerability. It can be exploited via the admin/languages/install.php endpoint. Recommendations: For WBCE CMS version 1.5.3, consider disabling access to the...

CVSS 7.2 · AI score 6.8 · EPSS 0.01247
Exploits: 1 · References: 6

Positive Technologies
added 2023/04/14 12:0 a.m. · 3 views

PT-2023-3156 · Totolink · Totolink X18

Name of the Vulnerable Software and Affected Versions: TOTOLINK X18 version V9.1.0cu.2024 B20220329 Description: The issue is related to insufficient argument validation in the UploadFirmwareFile function of the TOTOLINK X18 router's firmware, allowing a remote attacker to execute arbitrary...

CVSS 10 · AI score 9.5 · EPSS 0.02014
Exploits: 1 · References: 4

Positive Technologies
added 2023/04/13 12:0 a.m. · 6 views

PT-2023-22328 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2 Description: The issue is related to a SQL injection vulnerability. It affects the component "/index.php?mode=content&page=pages&action=edit&eid=1". Recommendations: For bloofox version 0.5.2, consider restricting access...

CVSS 8.8 · AI score 8.8 · EPSS 0.0072
Exploits: 1 · References: 8

Positive Technologies
added 2023/04/12 12:0 a.m. · 2 views

PT-2023-22761 · Jenkins · Jenkins Turboscript Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TurboScript Plugin versions 1.3 and earlier Description: A missing permission check in the plugin allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository. Recommendations...

CVSS 6.5 · AI score 6.2 · EPSS 0.0057
Exploits: 0 · References: 7

Positive Technologies
added 2023/04/11 12:0 a.m. · 4 views

PT-2023-22316 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A segmentation violation was discovered in the AP4 TrunAtom::SetDataOffsetint function in Ap4TrunAtom.h. Recommendations: For Bento4 version 1.6.0-639, as a temporary workaround, consider disabling the AP...

CVSS 5.5 · AI score 5.3 · EPSS 0.00291
Exploits: 1 · References: 4

Positive Technologies
added 2023/04/11 12:0 a.m. · 4 views

PT-2023-2467 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Win32k component of the Windows operating system. This can allow an attacker to elevate their privileges. There is no information...

CVSS 7.8 · AI score 9.2 · EPSS 0.06827
Exploits: 0 · References: 7

Positive Technologies
added 2023/04/07 12:0 a.m. · 4 views

PT-2023-19989 · Tenda · Tenda Ac5

Name of the Vulnerable Software and Affected Versions: Tenda AC5 version US AC5V1.0RTL V15.03.06.28 Description: The issue is related to a stack overflow via the form fast setting wifi set function, which can be exploited to cause a Denial of Service (DoS) or execute arbitrary code using a crafted...

CVSS 9.8 · AI score 9.6 · EPSS 0.00959
Exploits: 0 · References: 4

Positive Technologies
added 2023/04/07 12:0 a.m. · 3 views

PT-2023-17353 · Unknown · Zhenfeng13 My-Blog

Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog affected versions not specified Description: A problematic issue was found in the software, affecting an unknown function of the file /admin/configurations/userInfo. The manipulation of the arguments yourAvatar, yourName, a...

CVSS 5 · AI score 4.9 · EPSS 0.0033
Exploits: 1 · References: 5