364797 matches found
CVE-2023-39959
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given identifier exists for...
CVE-2023-39955
Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a...
CVE-2023-20562
Insufficient validation in the IOCTL Input Output Control input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution...
CVE-2023-4173
A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown function of the file /search/index. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this...
CVE-2023-37896
Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code SDK running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. Ther...
CVE-2023-38489
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts unless Kirby's API and Panel are disabled in the config. It can only be abused if a Kirby user is logged in on a device or browser th...
CVE-2023-37907
Cryptomator is data encryption software for users who store their files in the cloud. Prior to version 1.9.2, the MSI installer provided on the homepage allows local privilege escalation LPE for low privileged users, if already installed. The problem occurs as the repair function of the MSI spawn...
CVE-2023-37477
1Panel is an open source Linux server operation and maintenance management panel. An OS command injection vulnerability exists in 1Panel firewall functionality. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger...
CVE-2023-36384
Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...
CVE-2023-2507
CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them...
CVE-2023-36833
A Use After Free vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. The process 'aftman-bt' will crash after...
CVE-2023-37944
A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2020-22597
An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecmabuiltinarrayprototypeobjectslice parameter...
CVE-2023-21150
In handlesetparametersctrl of halsocket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-44276
In Responsive Filemanager 9.12.0, an attacker can bypass upload restrictions resulting in RCE...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2023-28060
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...
CVE-2022-48506
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct ICP and ICP2 and ImageCast Evolution ICE scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of...
CVE-2023-33305
A loop with unreachable exit condition 'infinite loop' in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0....
CVE-2023-32312
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application, the implicit fl...
CVE-2023-2866
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server...
CVE-2023-3027
The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...
CVE-2023-33961
Leantime is a lean open source project management system. Starting in version 2.3.21, an authenticated user with commenting privileges can inject malicious Javascript into a comment. Once the malicious comment is loaded in the browser by a user, the malicious Javascript code executes. As of time ...
CVE-2023-20882
In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the currently selected...
CVE-2022-41987
Cross-Site Request Forgery CSRF vulnerability in LearningTimes BadgeOS plugin = 3.7.1.6 versions...
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
CVE-2022-30114
A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482FW230FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462FW261DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS...
CVE-2023-27564
The n8n package 0.218.0 for Node.js allows Information Disclosure...
CVE-2022-30759
In Nokia One-NDS aka Network Directory Server through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands...
CVE-2023-23710
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...
CVE-2023-26494
lorawan-stack is an open source LoRaWAN network server. Prior to version 3.24.1, an open redirect exists on the login page of the lorawan stack server, allowing an attacker to supply a user controlled redirect upon sign in. This issue may allows malicious actors to phish users, as users assume th...
CVE-2023-30605
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the variablename and variablevalue parameter value in the sql/instance.py paramedit endpoint is...
CVE-2022-34128
The Cartography aka positions plugin before 6.0.1 for GLPI allows remote code execution via PHP code in the POST data to front/upload.php...
CVE-2023-27464
A vulnerability has been identified in Mendix Forgot Password Mendix 7 compatible All versions V3.7.1, Mendix Forgot Password Mendix 8 compatible All versions V4.1.1, Mendix Forgot Password Mendix 9 compatible All versions V5.1.1. The affected versions of the module contain an observable response...
CVE-2023-27727
Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njsfunctionframe at src/njsfunction.h...
CVE-2023-1865
The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when resetting plugin settings via the yrcnuke GET parameter in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to delete YouTube channels...
CVE-2023-26991
SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swfReadSWF2 function in lib/rfxswf.c...
CVE-2020-19278
Cross Site Request Forgery vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via the system/user/save parameter...
CVE-2023-28999
Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files,...
CVE-2022-43608
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of...
CVE-2022-36978
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification...
CVE-2022-28319
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28642
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28306
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
CVE-2023-0497
The HT Portfolio WordPress plugin before 1.1.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-20107
A vulnerability in the deterministic random bit generator DRBG, also known as pseudorandom number generator PRNG, in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an...
CVE-2023-1314
A vulnerability has been discovered in cloudflared's installer = 2023.3.0 for Windows 32-bits devices that allows a local attacker with no administrative permissions to escalate their privileges on the affected device. This vulnerability exists because the MSI installer used by cloudflared relied...
CVE-2023-0340
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. R...
CVE-2015-10091
A vulnerability has been found in ByWater Solutions bywater-koha-xslt and classified as critical. This vulnerability affects the function StringSearch of the file admin/systempreferences.pl. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely...