CVE-2022-46902
CVE-2022-46902 relates to Vocera Report Server/Voice Server 5.x–5.8. The issue is a path traversal vulnerability in an unzip operation used during a ZIP-based database restore via the Vocera Report Console’s websocket function. During extraction, the code uses file paths from the ZIP without suff...
CVE-2023-31999
CVE-2023-31999 affects all versions of @fastify/oauth2 due to a statically generated OAuth2 state parameter at startup, reused across requests for all users and sessions. This CSRF flaw could enable forged requests. The issue was addressed in v7.2.0, which switches to per-user state stored in a c...
CVE-2025-21702
CVE-2025-21702 concerns a bug in Linux kernel pfifo_tail_enqueue where, when sch->limit == 0, a path can cause qlen to be increased to one even if a preceding drop would have kept it at zero. This leads to a mismatch where a parent qlen no longer equals the sum of its children’s qlen, ...
CVE-2023-41904
CVE-2023-41904 affects Zoho ManageEngine ADManager Plus prior to version 7203, where the REST APIs suffer a 2FA bypass in AuthToken generation. This enables unauthorized access via REST endpoints, per multiple sources. Remediation is to upgrade to version 7203 or later; as a temporary measure, re...
CVE-2023-33237
CVE-2023-33237 affects Moxa TN-5900 Series firmware v3.3 and prior. Vulnerability arises from inadequate authentication in the web API handler, allowing low-privilege APIs to perform restricted actions typically allowed to high-privilege APIs. CVSS v3.1 base score 8.8 (High): Network access, low ...
CVE-2023-39531
CVE-2023-39531 affects Sentry. From version 10.0.0 up to, but not including, 23.7.2, an attacker with client-side exploits could obtain a valid access token for another user during the OAuth token exchange due to incorrect credential validation. The attack requires a known client_id and an API ap...
CVE-2023-26447
CVE-2023-26447 affects Open-Xchange AppSuite’s portal upsell widget, where a product description sourced from a user-controllable jslob is inserted into the DOM without proper escaping. The underlying issue is DOM-based XSS: unescaped jslob content can execute script in the victim’s browser, pote...
CVE-2023-37264
CVE-2023-37264 affects Tekton Pipelines: starting from 0.35.0, the Pipelines controller does not validate child TaskRun UIDs, allowing a user who can create TaskRuns to subvert ownership checks by creating a child TaskRun with the same name/owner reference. This can lead to the Pipeline controlle...
CVE-2023-42819
CVE-2023-42819 is a directory traversal vulnerability in JumpServer. Authenticated users can access and modify arbitrary files via the API endpoint /api/v1/ops/playbook/{playbook_id}/file/?key=../../../../../../../etc/passwd, enabling file disclosure (and potential modification) on affected syste...
CVE-2023-4209
CVE-2023-4209: The POEditor WordPress plugin prior to version 0.9.8 is vulnerable to CSRF due to missing checks in multiple areas, enabling an attacker to trick a logged-in admin into performing actions such as resetting settings or updating the API key. Public sources (NVD, Red Hat, CVE lists) c...
CVE-2023-38752
CVE-2023-38752 concerns an improper authorization vulnerability in the Special Interest Group Network for Analysis and Liaison (Inter-SOC Cooperation API). Affected versions are 4.4.0 through 4.7.7, where an authorized API user can view the attribute information of a poster marked as non-disclosu...
CVE-2023-26450
Open-Xchange CVE-2023-26450 affects the OX Count web service in Open-Xchange AppSuite. The root cause is that the OX Count service did not specify a media-type when processing responses from external resources, enabling malicious script code to execute in the victim’s context and potentially lead...
CVE-2022-46901
CVE-2022-46901 affects Vocera Report Server and Voice Server 5.x through 5.8. The issue is an Access Control Violation for database operations via the Vocera Report Console’s websocket interface, which permits unauthenticated execution of tasks and database functions, including system tasks and a...
CVE-2023-45288
CVE-2023-45288 concerns an HTTP/2 HPACK processing issue where an attacker can force an endpoint to parse excessive HEADERS and CONTINUATION frames, potentially reading large, even Huffman-encoded, header data beyond intended bounds. The vulnerability arises when request headers exceed MaxHeaderB...
CVE-2023-3958
CVE-2023-3958 affects the WP Remote Users Sync WordPress plugin. The vulnerability is a Server-Side Request Forgery (SSRF) via the notify_ping_remote AJAX function in versions up to and including 1.2.12. An authenticated attacker with subscriber-level permissions (or higher) can cause the web app...
CVE-2023-4242
CVE-2023-4242 affects the WordPress plugin FULL – Customer. The issue allows an authenticated user with subscriber-level permissions or higher to disclose sensitive site configuration information via the REST route /health. Affected versions are up to and including 2.2.3; the underlying cause ...
CVE-2023-36827
CVE-2023-36827 (Fides): A path traversal vulnerability affects Fides webserver in versions below 2.15.1, enabling remote attackers to access arbitrary files on the webserver container filesystem. The issue is fixed in 2.15.1. If the webserver API is behind a reverse proxy and the proxy is an AWS...
CVE-2023-38344
Affected software: Ivanti Endpoint Manager prior to 2022 SU4. Vulnerability: GetFileContents SOAP action in /landesk/managementsuite/core/core.secure/OsdScript.asmx allows reading arbitrary remote files when user-supplied paths aren’t properly restricted. Impact: authenticated attacker can read s...
CVE-2023-24515
The CVE-2023-24515 entry describes a Server-Side Request Forgery (SSRF) vulnerability in the API checker of Pandora FMS. The root cause is that the application does not validate the URL scheme when retrieving the API URL, allowing schemes such as file in addition to http/https. This could enable ...
CVE-2023-26448
Open-Xchange AppSuite is affected by CVE-2023-26448 due to unsafe handling of customized login/logout locations defined as jslob, which were not validated for malicious protocol handlers. The underlying issue allows malicious script code to execute in the victim’s context, potentially enabling se...
CVE-2025-21660
Technical details for CVE-2025-21660 are not provided in the supplied documents. No affected products, root cause, or remediation are disclosed here; monitor for updates from official advisories.
CVE-2023-33368
CVE-2023-33368 affects Control ID IDSecure 4.7.26.0 and earlier. The issue concerns API routes that exfiltrate sensitive information and passwords to users accessing those routes. Impact: information disclosure (Confidentiality HIGH per CVSS). No fix version is publicly documented in the provided...
CVE-2023-3956
CVE-2023-3956 affects the InstaWP Connect WordPress plugin (versions up to and including 0.0.9.18). The vulnerability stems from a missing capability check in the events_receiver function, enabling unauthenticated attackers to add, modify, or delete posts and taxonomies, install/activate/deactiva...
CVE-2024-25737
VuFind 2.4–9.1 (pre-9.1.1) is affected by a Server-Side Request Forgery (SSRF) in the /Cover/Show route (ShowAction in CoverController.php). The vulnerability allows an attacker to proxy arbitrary URLs via the proxy GET parameter, enabling access to internal HTTP services and potentially enabling...
CVE-2023-4917
CVE-2023-4917 (Leyka WordPress plugin) affects Leyka versions
CVE-2023-41338
The CVE-2023-41338 issue affects gofiber (Fiber) prior to v2.49.2 where ctx.IsFromLocal() may return true for requests with X-Forwarded-For: 127.0.0.1, allowing access to localhost-scoped resources. Root cause: improper handling of the X-Forwarded-For header in the Ctx.IsFromLocal logic, enabling...
CVE-2023-0925
Summary (CVE-2023-0925): Software AG webMethods OneData 10.11 is exposed with an embedded Azul Zulu Java 11.0.15 that runs a Java RMI registry on port 2099 and two RMI interfaces on a high, dynamically assigned port. An unauthenticated attacker with network access to these ports can instruct the ...
CVE-2023-0551
CVE-2023-0551 affects the WordPress plugin REST API TO MiniProgram (through 4.6.1). The vulnerability is due to missing authorization checks and CSRF protection in an AJAX action, allowing any authenticated user (e.g., subscriber) to call and delete arbitrary attachments. Connected source...
CVE-2023-39404
CVE-2023-39404 concerns Huawei HarmonyOS and is tied to the window management module. The vulnerability stems from insufficient input parameter verification in certain APIs, which can be exploited to cause a device reboot (DoS). Public exploitation details are not provided in the supplied documen...
CVE-2023-34429
CVE-2023-34429 affects Weintek Weincloud v0.13.6, where processing of a forged JWT token can cause a denial-of-service. The connected ICS/nvd entries corroborate the DoS impact and indicate remediation: Weincloud account API updated to v0.13.8 (no action required by users beyond this update). No ...
CVE-2024-26977
CVE-2024-26977 — Linux kernel MMIO leak due to broken guarding of iounmap(). The vulnerability arises because the ARCH_HAS_GENERIC_IOPORT_MAP guard was applied to iounmap() in pci_iounmap(), causing MMIO mappings to leak. The fix relocates the guard so iounmap() is called for MMIO mappings, preve...
CVE-2023-41319
The CVE-2023-41319 vulnerability affects Fides versions 2.11.0–2.19.0, where the webserver API accepts ZIP uploads that may contain Python code executed in a sandbox that can be bypassed. An attacker with API access using the CONNECTOR_TEMPLATE_REGISTER scope (restricted in Admin UI to highly pri...
CVE-2023-36100
CVE-2023-36100 affects IceCMS 2.0.1. The issue is a privilege escalation and information disclosure via the UserID parameter in the endpoint api/User/ChangeUser. Root cause details are not fully disclosed in the provided documents, but multiple sources confirm the vulnerability in this specific v...
CVE-2019-11510
CVE-2019-11510 affects Pulse Secure Pulse Connect Secure (PCS). An unauthenticated remote attacker can exploit a crafted URI to perform an arbitrary file read on PCS appliances. Impact is described as reading arbitrary files from the device, which can facilitate further intrusion steps. Affected ...
CVE-2023-26451
CVE-2023-26451 concerns Open-Xchange AppSuite’s integrated oAuth Authorization Service, which used a weak randomness source to generate authorization tokens. This made authorization codes predictable to third parties, enabling interception of the client authorization process and potential account...
CVE-2023-3313
CVE-2023-3313 pertains to an OS command injection in the Trellix Enterprise Security Manager (ESM) certificate API, caused by insufficient neutralization of special elements. The vulnerability could let an unauthorized user with local access execute system commands, potentially escalating privile...
CVE-2023-4614
LG LED Assistant is affected by CVE-2023-4614 due to a path traversal flaw in the /api/installation/setThumbnailRc endpoint, caused by insufficient validation of a user-supplied path. This unauthenticated vulnerability can be leveraged to access files in the current user context; some sources des...
CVE-2023-40585
CVE-2023-40585 affects the Metal³ ironic-image container used to run OpenStack Ironic. Prior to capm3-v1.4.3, if TLS is not used and API/Conductor aren’t split, the Ironic API can be accessed without authentication over the host network. The vulnerability description notes that the API is otherwi...
CVE-2023-26430
CVE-2023-26430 affects Open-Xchange AppSuite. Attackers with user access can inject arbitrary control characters into SIEVE mail-filter rules, potentially enabling access to disallowed SIEVE extensions or corrupting per-user filter processing. The underlying issue is character injection into mail...
CVE-2023-37957
CVE-2023-37957 affects Jenkins Pipeline restFul API Plugin up to version 0.11. A CSRF flaw allows an attacker to cause the Jenkins instance to connect to an attacker-controlled URL, enabling capture of a newly generated JCLI token. The vulnerability’s description and Red Hat/GitHub/NVD references...
CVE-2023-3584
Mattermost CVE-2023-3584 affects the POST /api/v4/teams endpoint. The root cause is improper authorization checks when a team override scheme ID is supplied, enabling an authenticated attacker who knows a valid Team Override Scheme ID to create a new team using that scheme. Documents consistently...
CVE-2023-37238
The CVE-2023-37238 entry concerns Huawei HarmonyOS. Affected component: wireless projection module (and related screen casting interfaces). Root cause: incomplete verification of apps’ permission to access a specific API, enabling insufficient permission checks. Impact: exploitation could affect ...
CVE-2025-21648
CVE-2025-21648 affects the Linux kernel netfilter conntrack code. The vulnerability arises from the hashtable resize path where the maximum size could exceed practical limits, risking a WARN_ON_ONCE in __kvmalloc_node_noprof() when __GFP_NOWARN is unset. The fix clamps the conntrack hashtable siz...
CVE-2023-4559
CVE-2023-4559 affects Bettershop LaikeTui; the issue is in the POST Request Handler at index.php?module=api&action=user&m=upload, allowing unrestricted file upload. Root cause and details point to unknown affected versions due to rolling-release behavior; no version-specific fixes are disclosed i...
CVE-2023-37658
CVE-2023-37658 affects fast-poster v2.15.0. The vulnerability is in the file upload path: ApiUploadHandler.post in /server/fast.py, where the image check is based on binary data and does not strictly verify the file suffix, enabling stored XSS. Several connected sources confirm this issue; exploi...
CVE-2024-56709
CVE-2024-56709 — Linux kernel io_uring race condition: The vulnerability arises when a task’s work is queued after the task has gone through io_uring termination, potentially finding the io_wq pointer already killed and null. The fix adds a guard so that io_queue_iowq() will fail in this scenari...
CVE-2023-4400
Skyhigh Secure Web Gateway (SWG) is affected: versions 11.x prior to 11.2.14, 10.x prior to 10.2.25, and 12.x prior to 12.2.1 contain a password-management issue where authentication information stored in configuration files can be extracted via the SWG REST API because passwords are stored in pl...
CVE-2023-2746
Rockwell Automation Enhanced HIM is affected by CSRF due to an API that is not sufficiently protected and incorrect CORS settings. Exploitation could lead to sensitive information disclosure and full remote access to affected products. Judgment from multiple sources (ICS advisory ICSA-23-192-01, ...
CVE-2023-3263
CVE-2023-3263 affects the Dataprobe iBoot PDU (firmware 1.43.03312023 and earlier). The vulnerability is an authentication bypass in the REST API caused by mishandling of special characters when parsing credentials, enabling an attacker to obtain a valid authorization token and read the relays/po...
CVE-2023-39951
CVE-2023-39951 affects OpenTelemetry Java Instrumentation prior to 1.28.0. When instrumenting AWS SDK v2 calls to SES v1, the request query parameters are inserted into the trace url.path, causing the HTTP body (subject and message) to be exposed in telemetry backends. This information disclosure...