209 matches found
CVE-2023-6817
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nftpipapowalk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO Pile Packet Policies elements, leadi...
CVE-2023-46722 Pimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Use...
CVE-2023-37910 org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with the introduction of attachment move support in version 14.0-rc-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, an attacker with edit access on any document can be the use...
PT-2023-27875 · Plixer · Plixer Scrutinizer
Name of the Vulnerable Software and Affected Versions: Plixer Scrutinizer versions prior to 19.3.1 Description: An issue was discovered in the /fcgi/scrut fcgi.fcgi endpoint, specifically in the csvExportReport endpoint action generateCSV, which is vulnerable to SQL injection through the sorting...
UBUNTU-CVE-2023-3389
A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...
DEBIAN-CVE-2023-32732
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyo...
PT-2023-17120 · WordPress · Ultimate Addons For Contact Form 7
Name of the Vulnerable Software and Affected Versions: The Ultimate Addons for Contact Form 7 plugin for WordPress versions up to and including 3.1.23 Description: The issue allows authenticated attackers of any authorization level to perform SQL Injection via the id parameter. This enables them ...
CVE-2023-30848 Pimcore SQL Injection Vulnerability in Admin Search Find API
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually...
CVE-2023-27472
quickentity-editor-next is an open source, system local, video game asset editor. In affected versions HTML tags in entity names are not sanitised XSS vulnerability. Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag ...
PT-2023-16767 · Pimcore · Pimcore
Name of the Vulnerable Software and Affected Versions: pimcore/pimcore versions prior to 10.5.18 Description: The issue is related to Cross-site Scripting XSS - Stored, which can be used by an attacker to send a malicious script to any user through the Image/Video thumbnail config. Recommendation...
CVE-2023-25156 Kiwi TCMS has no protection against brute-force attacks on login page
Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrade to v12.0 or later to receive a patch. As a workaround, users may install and configure a...
CVE-2023-25160 IDOR Vulnerability in Nextcloud Mail
Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for...
CVE-2023-0549 YAFNET Private Message PostPrivateMessage cross site scripting
A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...
CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...
CVE-2022-4882
CVE-2022-4882 affects kaltura mwEmbed (up to 2.91). The vulnerability resides in the Share Plugin’s file modules/KalturaSupport/components/share/share.js, where manipulating the res argument leads to cross-site scripting. The issue can be exploited remotely with high attack complexity and require...
CVE-2019-25098 soerennb eXtplorer Archive archive.php path traversal
A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical. This affects an unknown part of the file include/archive.php of the component Archive Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The...
CVE-2022-4642 tatoeba2 Profile Name cross site scripting
A vulnerability was found in tatoeba2. It has been classified as problematic. This affects an unknown part of the component Profile Name Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...
CVE-2021-4243
Removed by vendor...
CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...
CVE-2022-39373 Stored Cross-Site Scripting (XSS) in entity name in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Administrator may store malicious code in entity name. This issue has been patched, please upgrade to...