CVE-2023-1998 affecting package kernel for versions less than 5.15.111.1-1

CVE-2023-1998 affecting package kernel for versions less than 5.15.111.1-1. A patched version of the package is available...

CVE-2023-1668 affecting package openvswitch for versions less than 2.17.5-2

CVE-2023-1668 affecting package openvswitch for versions less than 2.17.5-2. A patched version of the package is available...

CVE-2022-27406 affecting package qt5-qtbase for versions less than 5.15.9-1

CVE-2022-27406 affecting package qt5-qtbase for versions less than 5.15.9-1. A patched version of the package is available...

CVE-2023-32073 AVideo command injection vulnerability

WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at plugin/CloneSite/cloneClient.json.php which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to...

PT-2023-23516 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: The issue is related to an out-of-memory problem in the malloc function. Recommendations: For Jerryscript version 3.0 commit 05dbbd1, consider restricting memory allocation to prevent...

PT-2023-23519 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: An Assertion Failure was discovered in Jerryscript via the jcontext raise exception at jerry-core/jcontext/jcontext.c. Recommendations: For Jerryscript version 3.0 commit 05dbbd1, consider...

PT-2023-15758 · Unknown · Modem Control Device

Name of the Vulnerable Software and Affected Versions: Modem control device affected versions not specified Description: The issue is related to a possible out of bounds write due to a missing bounds check in the modem control device. This could lead to local denial of service and requires System...

PT-2023-19999 · Unknown · Control Id Rhid

Name of the Vulnerable Software and Affected Versions: Control iD RHiD version 23.3.19.0 Description: A critical vulnerability has been found in Control iD RHiD, affecting an unknown part of the file /v2//. The manipulation leads to direct request and can be initiated remotely. The vendor was...

CVE-2023-1989 affecting package kernel for versions less than 5.15.107.1-2

CVE-2023-1989 affecting package kernel for versions less than 5.15.107.1-2. A patched version of the package is available...

CVE-2023-1652 affecting package kernel for versions less than 5.15.107.1-2

CVE-2023-1652 affecting package kernel for versions less than 5.15.107.1-2. A patched version of the package is available...

PT-2023-2523 · Frrouting +3 · Frrouting +3

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 8.4 Description: An issue in bgpd allows attackers to cause a denial of service by crafting a BGP OPEN message with an option of type 0xff, leading to inconsistent boundary checks and potential out-of-bounds read or...

CVE-2023-2475

A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classified as problematic. This issue affects some unknown processing of the component System Message Handler. The manipulation of the argument 主题 leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...

PT-2023-15509 · Jedox · Jedox

Name of the Vulnerable Software and Affected Versions: Jedox version 2020.2.5 Description: A Stored cross-site scripting issue allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module log. This enables attackers to execute malicious scripts on...

PT-2023-15510 · Jedox · Jedox

Name of the Vulnerable Software and Affected Versions: Jedox version 2020.2.5 Description: The issue is related to incorrect input validation for the default-storage-path in the settings page, allowing remote, authenticated users to specify the location as the Webroot directory. This can lead to...

PT-2023-22357 · Tenda · Tenda N301

Name of the Vulnerable Software and Affected Versions: Tenda N301 version 6.0, Firmware version 12.02.01.61 multi Description: The issue allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password due to cleartext transmission in...

PT-2023-19405 · Sourcecodester · Sourcecodester Ac Repair/Services System

Name of the Vulnerable Software and Affected Versions: SourceCodester AC Repair and Services System version 1.0 Description: A critical issue affects the processing of the file /admin/inquiries/view inquiry.php, where the manipulation of the id argument leads to sql injection. The attack can be...

PT-2023-2824 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The issue results from the lack of control of resource consumption when handling SMB2 SESSION SET...

PT-2023-18928 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: pimcore/pimcore versions prior to 10.5.21 Description: The issue is related to Cross-site Scripting XSS - Reflected, which occurs when an application includes user input in its output without proper validation, allowing an attacker to inject...

PT-2023-13496 · Ibm · Ibm Cloud Pak For Data

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Data versions 4.5 through 4.6 Description: The issue allows a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. Recommendations: For versions 4...

CVE-2023-30545

PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager Advanced Options - Database to arbitrarily read any file on the operating system when using SQL function LOADFILE in a SELECT request. This gives...