
4564 matches found

Positive Technologies
added 2023/12/07 12:0 a.m. · 3 views

PT-2023-25109 · WordPress · Password Reset With Code For Wordpress Rest Api

Name of the Vulnerable Software and Affected Versions: Password Reset with Code for WordPress REST API versions 0.0.0 through 0.0.15 Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts vulnerability in the Password Reset with Code for WordPress REST...

CVSS 9.8 · AI score 9.3 · EPSS 0.00857
Exploits: 0 · References: 6

Positive Technologies
added 2023/12/07 12:0 a.m. · 2 views

PT-2023-9063 · Oracle · Oracle E-Business Suite +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue is related to insufficient input validation in the Campaign LOV component of Oracle Marketing, allowing an unauthenticated attacker with network access via HTTP to...

CVSS 7.8 · AI score 7.2 · EPSS 0.0061
Exploits: 0 · References: 9

OSV
added 2023/12/05 6:15 a.m. · 1 views

CVE-2023-44295

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure...

CVSS 8.1 · AI score 5.8 · EPSS 0.00353
Exploits: 0 · References: 1

Positive Technologies
added 2023/12/05 12:0 a.m. · 3 views

PT-2023-27878 · Samsung · Escargot

Name of the Vulnerable Software and Affected Versions: Escargot versions 3.0.0 through 4.0.0 Description: The issue is related to improper input validation in Samsung Open Source Escargot, which can lead to a stack overflow and segmentation fault. Recommendations: For Escargot versions 3.0.0...

CVSS 9.8 · AI score 9.3 · EPSS 0.00714
Exploits: 0 · References: 7

Positive Technologies
added 2023/12/01 12:0 a.m. · 4 views

PT-2023-28825 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R versions V9.4.0cu.652 B20230116 through V9.4.0cu.852 B20230719 Description: The issue allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component. Recommendations: For versions...

CVSS 9.8 · AI score 9.5 · EPSS 0.01521
Exploits: 1 · References: 3

CNNVD
added 2023/11/29 12:0 a.m. · 4 views

Joomla CMS Security Vulnerability

Joomla is an open source, cross-platform content management system CMS developed by the US Open Source Matters team using PHP and MySQL. A security vulnerability exists in Joomla CMS versions 1.6.0 through 4.4.0, and 5.0.0. The vulnerability stems from the fact that an attacker can disclose...

CVSS 7.5 · AI score 6.6 · EPSS 0.00811
Exploits: 0 · References: 1

vulnersOsv
added 2023/11/28 8:46 p.m. · 0 views

aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +1263 more potentially affected by CVE-2023-49083 via cryptography (>=3.1.0 <=41.0.5)

cryptography PYPI version =3.1.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =0.1.1, =0.4.7, =0.0.1, =0.1.1, =0.0.1, =1.77.3, =1.2.4, =0.0.3, =0.0.8 - aioasuswrt =1.3.3 and more Source cves: CVE-2023-49083 Source advisory: OSV:GHSA-JFHM-5GHH-2F97...

CVSS 7.5 · AI score 6.7 · EPSS 0.00985
Exploits: 1

CNNVD
added 2023/11/28 12:0 a.m. · 3 views

Zyxel ATP Security Vulnerability

Zyxel ATP is a firewall from China-based Zyxel. A security vulnerability exists in the Zyxel ATP series, which stems from a buffer overflow vulnerability. An attacker could exploit this vulnerability by executing a CLI command to dump system logs on an affected device and cause a denial of servic...

CVSS 5.5 · AI score 7.1 · EPSS 0.00221
Exploits: 0 · References: 1

Positive Technologies
added 2023/11/27 12:0 a.m. · 3 views

PT-2023-7600 · Hashicorp +2 · Hashicorp Vault +3

Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions 1.12.0 through 1.15.3 HashiCorp Vault and Vault Enterprise versions 1.13.0 through 1.13.11 HashiCorp Vault and Vault Enterprise versions 1.14.0 through 1.14.7 Description: The issue is related to...

CVSS 7.8 · AI score 8.7 · EPSS 0.00798
Exploits: 0 · References: 25

CNNVD
added 2023/11/25 12:0 a.m. · 2 views

Perl Buffer Error Vulnerability

Perl is a general-purpose, interpreted, dynamic cross-platform programming language from the PERL community. A buffer error vulnerability exists in Perl versions 5.30.0 through 5.38.0 that originates when Perl compiles a carefully crafted regular expression, allowing an attacker to control a byte...

CVSS 7.8 · AI score 7.2 · EPSS 0.00832
Exploits: 0 · References: 11

OSV
added 2023/11/23 3:15 p.m. · 2 views

CVE-2023-41792

Cross-Site Request Forgery CSRF vulnerability in Pandora FMS on all allows Cross-Site Scripting XSS. This vulnerability allowed Javascript code to be executed in the SNMP Trap Editor. This issue affects Pandora FMS: from 700 through 773...

CVSS 6.1 · AI score 5.8 · EPSS 0.00199
Exploits: 0 · References: 1

OSV
added 2023/11/23 3:15 p.m. · 2 views

CVE-2023-41807

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773...

CVSS 8.8 · AI score 5.8 · EPSS 0.00734
Exploits: 0 · References: 1

vulnersOsv
added 2023/11/23 12:0 p.m. · 2 views

bitcoin-harness (=0.1.0), bitcoin_rpc_client (>=0.5.0 <=0.6.1) +81 more potentially affected by unknown CVE via openssl (>=0.10.22 <=0.10.57)

openssl CARGO version =0.10.22, =0.5.0, =0.2.0, =0.0.0, =0.0.1, =0.3.3, =0.6.25, =0.1.0-alpha.0, =0.1.24, =0.37.0, =0.4.0, =0.37.0, =0.37.0, =0.38.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0072...

AI score 5.5
Exploits: 0

CNNVD
added 2023/11/23 12:0 a.m. · 3 views

Ironman Software PowerShell Universal Security Vulnerability

Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal versions 3.0.0 through 4.2.0, which stems from an invalid filtering of input strings...

CVSS 8.8 · AI score 7.4 · EPSS 0.02127
Exploits: 1 · References: 2

CNNVD
added 2023/11/23 12:0 a.m. · 4 views

Artica Pandora FMS Security Vulnerability

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS versions 700 through 773, which stems from improper management of...

CVSS 8.2 · AI score 6.7 · EPSS 0.00473
Exploits: 0 · References: 1

Positive Technologies
added 2023/11/23 12:0 a.m. · 4 views

PT-2023-28089 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 772 Description: The issue is related to an Uncontrolled Search Path Element vulnerability, which allows for Leveraging/Manipulating Configuration File Search Paths. This vulnerability enables access to files...

CVSS 7.5 · AI score 7.4 · EPSS 0.00514
Exploits: 0 · References: 5

CNNVD
added 2023/11/23 12:0 a.m. · 3 views

Artica Pandora FMS Security Vulnerability

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS versions 700 through 773 that could allow an attacker to execute...

CVSS 8.8 · AI score 7.7 · EPSS 0.00717
Exploits: 0 · References: 1

OSV
added 2023/11/20 9:10 a.m. · 1 views

PYSEC-2023-238

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files...

CVSS 9.8 · AI score 7.1 · EPSS 0.14414
Exploits: 0 · References: 6

PyPA
added 2023/11/20 8:59 a.m. · 5 views

PYSEC-2023-238

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files...

CVSS 9.8 · AI score 7.9 · EPSS 0.14414
Exploits: 0 · References: 6 · Affected Software: 1

OSV
added 2023/11/18 9:15 p.m. · 3 views

CVE-2023-47671

Cross-Site Request Forgery CSRF vulnerability in Gopi Ramasamy Vertical scroll recent. This issue affects Vertical scroll recent post: from n/a through 14.0...

CVSS 8.8 · AI score 5.8 · EPSS 0.0028
Exploits: 0 · References: 1