1850 matches found
PT-2023-6631 · Octoprint · Octoprint
Name of the Vulnerable Software and Affected Versions: OctoPrint versions up to and including 1.9.2 Description: The issue allows malicious administrators to configure a specially crafted GCODE script, enabling code execution during the rendering of that script. This could be used to extract or...
WEBIGniter v28.7.23 File Upload - Remote Code Execution
Title: WEBIGniter v28.7.23 File Upload - Remote Code Execution Author: nu11secur1ty Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload...
CVE-2023-2315
CVE-2023-2315 is a path traversal vulnerability in OpenCart versions 4.0.0.0–4.0.2.2. An authenticated user with access/modify privileges on the Log component can empty arbitrary files on the server. Root cause: path traversal in the Log component. Impact: file deletion/emptiness on the server as...
CVE-2023-4238
The Prevent files / folders access WordPress plugin before 2.5.2 does not validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server...
CVE-2023-43767
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 1...
CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...
CVE-2023-43767
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 1...
CVE-2023-43765
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure...
CVE-2023-43760
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure...
CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...
CVE-2023-43761
Certain WithSecure products allow Denial of Service infinite loop. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements...
CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...
CVE-2023-43767
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 1...
CVE-2023-43765
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure...
CVE-2023-43761
Certain WithSecure products allow Denial of Service infinite loop. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements...
CVE-2023-43761
Certain WithSecure products allow Denial of Service infinite loop. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements...
CVE-2023-43760
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure...
Code injection
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure...
Code injection
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure...
Design/Logic Flaw
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...