1395 matches found
PT-2023-2951 · Cscape · Cscape Envision Rv +1
Name of the Vulnerable Software and Affected Versions: Cscape EnvisionRV affected versions not specified Cscape affected versions not specified Description: The issue is related to a lack of proper validation of user-supplied data when parsing font files, such as FNT. This can lead to an...
PT-2023-2950 · Horner Automation · Horner Automation Cscape Envisionrv +1
Name of the Vulnerable Software and Affected Versions: Horner Automation Cscape EnvisionRV affected versions not specified Cscape affected versions not specified Description: The issue is related to a lack of proper validation of user-supplied data when parsing project files, such as CSP. This ca...
CVE-2023-28649
The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send device requests to claim already claimed devices. The OvrC cloud platform receives the requests but do...
PT-2023-21078 · WordPress · Groundhogg
Name of the Vulnerable Software and Affected Versions: Groundhogg plugin for WordPress versions up to, and including, 2.7.9.8 Description: The issue is due to missing nonce validation in the ajax edit contact function, making it possible for authenticated attackers to elevate verified user...
CVE-2023-32993
Jenkins SAML Single Sign OnSSO Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections...
Ghost Directory Traversal Vulnerability
Ghost is an open source content management system . Ghost suffers from a directory traversal vulnerability that stems from a lack of validity checking of paths in frontend/web/middleware/static-theme.js when processing directory requests, which can be exploited by an attacker to read arbitrary...
Apache StreamPark 代码问题漏洞
Apache StreamPark is a streaming media application development framework from the Apache Foundation. Apache StreamPark suffers from a code issue vulnerability that stems from allowing any user to upload a jar as an application, but not forcing validation of the uploaded file type, leading to the...
CVE-2023-1967
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid...
CVE-2023-26058
An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance Manager page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created parameters such as...
CVE-2023-26059
An issue was discovered in Nokia NetAct before 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demilitarised zon...
CVE-2023-1924
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfctoolbarsavesettingscallback function. This makes it possible for unauthenticated attackers to change cache...
CVE-2023-0670
Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. This occurs because the application does not validate that the uploaded image is actually an image...
CVE-2023-1866
The YourChannel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.3. This is due to missing or incorrect nonce validation on the clearKeys function. This makes it possible for unauthenticated attackers to reset the plugin's channel settings via...
PT-2023-14274 · Bentley · Bentley View
Name of the Vulnerable Software and Affected Versions: Bentley View affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Bentley View. It requires user interaction, where the target must visit a malicious page or op...
CVE-2022-43637
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37381
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37359
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
CVE-2022-45597
ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. NOTE: the vendor does not consider this a vulnerability because the report is only about use of certificates at the application layer not the transport layer and "Certificates are exchanged in a controlled fashion between entities...
ComponentSpace SAML 信任管理问题漏洞
ComponentSpace SAML is ComponentSpace's SAML and OpenID solution for ASP.NET and ASP.NET Core. A trust management issue vulnerability exists in ComponentSpace SAML version 4.4.0, which stems from a lack of SSL certificate validation...
CVE-2023-1472
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions...