Lucene search
+L
CvelistMost viewed

367170 matches found

Cvelist
Cvelist
added 2023/08/10 12:0 a.m.55 views

CVE-2023-39806

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function...

10AI score0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/09 12:0 a.m.55 views

CVE-2023-32781

A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...

7.2AI score0.12342EPSS
Exploits3References3
Cvelist
Cvelist
added 2023/08/08 10:24 a.m.55 views

CVE-2023-4202 Stored Cross-Site Scripting

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface...

9CVSS8.1AI score0.00818EPSS
Exploits2References3
Cvelist
Cvelist
added 2023/08/07 8:32 p.m.55 views

CVE-2023-39527 PrestaShop XSS vulnerability through Validate::isCleanHTML method

PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the isCleanHTML method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds...

8.3CVSS8.1AI score0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.55 views

CVE-2023-37364

In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity resolution. This allows context-dependent attackers to read arbitrary files or cause a denial of service, a similar issue to CVE-2013-4152...

6.2AI score0.0054EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/02 10:30 p.m.55 views

CVE-2023-1437 CVE-2023-1437

All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute...

9.8CVSS10AI score0.02798EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/02 7:52 p.m.55 views

CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...

6.5AI score0.00805EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/07/27 6:12 p.m.55 views

CVE-2023-38504 Sails DoS vulnerability for apps with sockets enabled

Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client...

7.5CVSS7.7AI score0.0076EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/27 2:31 p.m.55 views

CVE-2023-38488 Kirby vulnerable to field injection in the KirbyData text storage handler

Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to update a Kirby content file e.g. via a...

7.1CVSS8.9AI score0.00799EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/07/19 7:39 p.m.55 views

CVE-2023-37276 aiohttp vulnerable to HTTP request smuggling

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. aiohttp v3.8.4 and earlier are bundled with llhttp v6.0.6. Vulnerable code is used by aiohttp for its HTTP request parser when available which is the default case when installing from a wheel. This vulnerability only...

5.3CVSS7.6AI score0.01422EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/07/19 2:56 p.m.55 views

CVE-2023-30799 MikroTik RouterOS Administrator Privilege Escalation

MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary...

9.1CVSS9.8AI score0.01313EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/18 8:37 a.m.55 views

CVE-2023-2433 YARPP – Yet Another Related Posts Plugin <= 5.30.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'className' parameter in versions up to, and including, 5.30.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web scripts in page...

6.4CVSS5.9AI score0.00423EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/07/14 8:39 p.m.55 views

CVE-2023-37462 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document SkinsCode.XWikiSkinsSheet leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute...

9.9CVSS10AI score0.91492EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/07/11 6:29 p.m.55 views

CVE-2023-20575

A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information...

6.5AI score0.00804EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/11 5:3 p.m.55 views

CVE-2023-33162 Microsoft Excel Information Disclosure Vulnerability

...

5.5CVSS6.1AI score0.00756EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/11 8:36 a.m.55 views

CVE-2023-34015 WordPress Advanced Flat rate shipping Woocommerce Plugin <= 1.6.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...

5.4CVSS9AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/16 12:0 a.m.55 views

CVE-2023-35783

The kesearch aka Faceted Search extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data...

6.3CVSS6.2AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/13 4:31 p.m.55 views

CVE-2023-34247 @keystone-6/auth Open Redirect vulnerability

Keystone is a content management system for Node.JS. There is an open redirect in the @keystone-6/auth package versions 7.0.0 and prior, where the redirect leading / filter can be bypassed. Users may be redirected to domains other than the relative host, thereby it might be used by attackers to...

6.1CVSS6.4AI score0.00407EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/12 2:19 p.m.55 views

CVE-2023-32961 WordPress Zotpress Plugin <= 7.3.3 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Katie Seaborn Zotpress plugin = 7.3.3 versions...

7.1CVSS6.3AI score0.0103EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/06/09 5:33 a.m.55 views

CVE-2023-1895 Getwid – Gutenberg Blocks <= 1.8.3 - Authenticated(Subscriber+) Server Side Request Forgery

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the getremotecontent REST API endpoint in versions up to, and including, 1.8.3. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary...

8.5CVSS9.2AI score0.00606EPSS
Exploits2References3
Cvelist
Cvelist
added 2023/06/09 5:33 a.m.55 views

CVE-2023-1888 Directorist <= 7.5.4 - Authenticated (Subscriber+) Arbitrary User Password Reset to Privilege Escalation

The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset th...

8.8CVSS8.8AI score0.00984EPSS
Exploits2References3
Cvelist
Cvelist
added 2023/06/07 1:51 a.m.55 views

CVE-2023-3125 B2BKing <= 4.6.00 - Missing Authorization to Authenticated(Subscriber+) Price Modification

The B2BKing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'b2bkingsavepriceimport' function in versions up to, and including, 4.6.00. This makes it possible for Authenticated attackers with subscriber or customer-level permissions...

6.5CVSS6.4AI score0.0074EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/06 6:20 p.m.55 views

CVE-2023-32682 Improper checks for deactivated users during login in synapse

Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. In affected versions it may be possible for a deactivated user to login when using uncommon configurations. This only applies if any of the following are true: 1. JSON Web Tokens are enabled for login via the...

5.4CVSS5.6AI score0.00752EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/06/03 4:35 a.m.55 views

CVE-2023-2405 CRM and Lead Management by vcita <= 2.7.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.0. This is due to missing nonce validation in the vcita-callback.php file. This makes it possible for unauthenticated attackers to modify the plugin's settin...

6.1CVSS6.3AI score0.00335EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/05/18 9:19 p.m.55 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

9.9AI score0.00891EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/12 12:0 a.m.55 views

CVE-2023-2088

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality...

6.4AI score0.01198EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/11 8:55 p.m.55 views

CVE-2023-32058 Vyper vulnerable to integer overflow in loop

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of...

7.5CVSS7.8AI score0.00913EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/05/08 8:56 p.m.55 views

CVE-2023-31133 Ghost vulnerable to disclosure of private API fields

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

7.5CVSS7.7AI score0.45713EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/04/24 9:58 p.m.55 views

CVE-2023-30629 Vyper's raw_call with outsize=0 and revert_on_failure=False returns incorrect success value

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the rawcall with revertonfailure=False and maxoutsize=0 receives the wrong response from rawcall. Depending on the...

7.5CVSS7.7AI score0.00883EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/04/24 8:6 p.m.55 views

CVE-2023-30626 Jellyfin vulnerable to directory traversal and file write causing arbitrary code execution

Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. When combined with a cross-site scripting vulnerability CVE-2023-30627, this can result...

8.8CVSS9AI score0.01972EPSS
Exploits2References6
Cvelist
Cvelist
added 2023/04/19 5:18 p.m.55 views

CVE-2023-30610 AWS SDK for Rust will log AWS credentials when TRACE-level logging is enabled for request sending

aws-sigv4 is a rust library for low level request signing in the aws cloud platform. The awssigv4::SigningParams struct had a derived Debug implementation. When debug-formatted, it would include a user's AWS access key, AWS secret key, and security token in plaintext. When TRACE-level logging is...

5.5CVSS5.7AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/13 10:1 a.m.55 views

CVE-2022-45064 Apache Sling Engine: Include-based XSS

The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the Apache Sling level. The vulnerability is exploitable by an attacker that is able to include a resource with specific content-type and...

8CVSS9.2AI score0.01121EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/05 12:0 a.m.55 views

CVE-2022-31890

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

10AI score0.01503EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/03/30 12:17 a.m.55 views

CVE-2023-25000 Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations

HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a...

5CVSS5.2AI score0.0021EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/28 12:0 a.m.55 views

CVE-2022-47529

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...

6.7AI score0.0157EPSS
Exploits5References8
Cvelist
Cvelist
added 2023/03/17 9:15 p.m.55 views

CVE-2023-28115 Snappy vulnerable to PHAR deserialization, allowing remote code execution

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...

9.8CVSS10AI score0.0276EPSS
Exploits1References6
Cvelist
Cvelist
added 2023/03/07 4:43 a.m.55 views

CVE-2022-33244 Reachable assertion in Modem

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...

7.5CVSS7.7AI score0.00406EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/07 12:0 a.m.55 views

CVE-2023-1243 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

6CVSS5.2AI score0.00526EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/02/27 12:0 a.m.55 views

CVE-2023-26609

ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wirelessmft ap field...

7.6AI score0.38722EPSS
Exploits5References3
Cvelist
Cvelist
added 2023/02/20 12:0 a.m.55 views

CVE-2021-32850 jQuery MiniColors vulnerable to Cross-site Scripting

jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...

6.1CVSS6AI score0.00802EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/02/17 12:0 a.m.55 views

CVE-2023-21620 Adobe FrameMaker Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

FrameMaker 2020 Update 4 and earlier, 2022 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

5.5CVSS5.8AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/16 2:11 p.m.55 views

CVE-2023-22578 Sequalize - Default support for “raw attributes” when using parentheses

Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections...

10CVSS9.8AI score0.00831EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/14 5:22 p.m.55 views

CVE-2023-22940 SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language SPL command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the...

6.3CVSS6.5AI score0.00429EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/14 10:36 a.m.55 views

CVE-2022-31808

A vulnerability has been identified in SiPass integrated AC5102 ACC-G2 All versions V2.85.44, SiPass integrated ACC-AP All versions V2.85.43. Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by...

7.8CVSS8AI score0.00229EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/14 1:13 a.m.55 views

CVE-2023-0814 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Sensitive Information Disclosure via Shortcode

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the usermeta shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that...

6.5CVSS6.9AI score0.00769EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/02/09 4:12 p.m.56 views

CVE-2023-0575 Remote Code Execution

External Control of Critical State Data, Improper Control of Generation of Code 'Code Injection' vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS DevopsBase.Java:execCommand, TableManager.Java:runCommand modules allows API Manipulation, Privilege Abuse. This vulnerability...

7.2CVSS9.5AI score0.00776EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/08 10:45 p.m.55 views

CVE-2023-0250 CVE-2023-0250

Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code...

7.8CVSS8AI score0.02163EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/03 7:31 p.m.55 views

CVE-2023-23937 Missing file upload type validation in pimcore/pimcore

Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid...

8.2CVSS8.3AI score0.00476EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/31 12:0 a.m.55 views

CVE-2022-45789

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert All Versions, EcoStruxure Process Expert All Versions...

8.1CVSS9.6AI score0.01443EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/27 8:43 p.m.55 views

CVE-2022-39380 wire-webapp contains Improper Handling of Exceptional Conditions leading to a DoS via Markdown Rendering

Wire web-app is part of Wire communications. Versions prior to 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HTML representation. The error makes it...

5.3CVSS5.2AI score0.00623EPSS
Exploits0References1
Total number of security vulnerabilities5000