363815 matches found
CVE-2023-45585
An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...
CVE-2023-34378
Cross-Site Request Forgery CSRF vulnerability in scriptburn.Com WP Hide Post plugin = 2.0.10 versions...
CVE-2023-46733
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, SessionStrategyListener does not migrate the session after every successful login. It does so only in case the logged in...
CVE-2023-46254
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...
CVE-2023-32741
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2...
CVE-2023-45823
Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which by using symbolic links in certain kinds of repositories load...
CVE-2023-45810
OpenFGA is a flexible authorization/permission engine built for developers and inspired by Google Zanzibar. Affected versions of OpenFGA are vulnerable to a denial of service attack. When a number of ListObjects calls are executed, in some scenarios, those calls are not releasing resources even...
CVE-2023-45660
Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0...
CVE-2023-5452
Cross-site Scripting XSS - Stored in GitHub repository snipe/snipe-it prior to v6.2.2...
CVE-2023-5192
Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0...
CVE-2023-4505
The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...
CVE-2023-43635
Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...
CVE-2022-28831
Adobe InDesign versions 17.1 and earlier and 16.4.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-4548
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to sql injection. It is possible to initiate the attack remotely...
CVE-2023-40035
Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable...
CVE-2023-39662
An issue in llamaindex v.0.7.13 and before allows a remote attacker to execute arbitrary code via the exec parameter in PandasQueryEngine function...
CVE-2023-20555
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM...
CVE-2023-2423
A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of event log traffic at...
CVE-2023-20214
A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is...
CVE-2023-23646
Cross-Site Request Forgery CSRF vulnerability in A WP Life Album Gallery – WordPress Gallery plugin = 1.4.9 versions...
CVE-2023-37267
Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1...
CVE-2020-20021
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon...
CVE-2023-37271
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...
CVE-2023-34089
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code ...
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting XSS vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirecturi...
CVE-2023-24018
A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 securitydecryptpassword functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-36475
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 5.5.2 and 6.2.1, an attacker can use a prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. A patch is available in versions 5.5.2 and...
CVE-2023-2744
The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2023-35930
SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Any user making a negative authorization decision based on the results of a LookupResources request with 1.22.0 is affected. For example, using LookupResources...
CVE-2023-35158
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the restore template to perform a XSS, e.g. by using URL such as:...
CVE-2023-35926
Backstage is an open platform for building developer portals. The Backstage scaffolder-backend plugin uses a templating library that requires sandbox, as it by design allows for code injection. The library used for this sandbox so far has been vm2, but in light of several past vulnerabilities and...
CVE-2023-35840
joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector...
CVE-2023-34092
Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, and 4.3.9, Vite Server Options server.fs.deny can be bypassed using double forward-slash // allows any unauthenticated user to read file from the Vite root-path of the application including the default fs.deny...
CVE-2023-33941
Multiple cross-site scripting XSS vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationRedirect class in Liferay Portal 7.4.3.41 through 7.4.3.52, and Liferay DXP 7.4 update 41 through 52 allow remote attackers to inject arbitrary web script or HTML via the 1 code, or 2...
CVE-2023-31741
There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wlssid, wlant, wlrate, WLattenctl, ttcpnum, ttcpsize in the httpd s StartEPI function,...
CVE-2022-45376
Cross-Site Request Forgery CSRF vulnerability in XootiX Side Cart Woocommerce Ajax 2.1 versions...
CVE-2023-1618
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and i...
CVE-2023-22318
Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5...
CVE-2023-29032
An attacker that has gained access to certain private information can use this to act as other user. Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0...
CVE-2022-46378
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs wh...
CVE-2022-38087
Exposure of resource to wrong sphere in BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-23793
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eightweb Interactive Read More Without Refresh plugin = 3.1 versions...
CVE-2023-22788
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2023-30093
A cross-site scripting XSS vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard...
CVE-2023-25796
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Include WP BaiDu Submit plugin = 1.2.1 versions...
CVE-2023-31290
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...
CVE-2023-24545
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine Sfe can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually st...
CVE-2023-1986
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function deleteorder of the file /classes/master.php?f=deleteorder. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...
CVE-2023-27808
H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted payload...
CVE-2023-29015
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could create a specially crafted comment, resulting ...