Vulnerability Summary for the Week of February 27, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
wago -- multiple_products | The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device. | 2023-02-27 | 9.8 | CVE-2022-45138 MISC |
wago -- multiple_products | The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise. | 2023-02-27 | 9.8 | CVE-2022-45140 MISC |
sourcecodester -- dental_clinic_appointment_reservation_system | A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221795. | 2023-02-26 | 9.8 | CVE-2023-1037 MISC MISC MISC |
sourcecodester -- online_reviewer_management_system | A vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Affected is an unknown function of the file /reviewer_0/admins/assessments/pretest/questions-view.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221796. | 2023-02-26 | 9.8 | CVE-2023-1038 MISC MISC MISC |
sourcecodester -- online_graduate_tracer_system | A vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. Affected by this issue is some unknown functionality of the file tracking/admin/add_acc.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-221798 is the identifier assigned to this vulnerability. | 2023-02-26 | 9.8 | CVE-2023-1040 MISC MISC MISC |
sourcecodester -- music_gallery_site | A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. This issue affects some unknown processing of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221819. | 2023-02-27 | 9.8 | CVE-2023-1053 MISC MISC |
sourcecodester -- music_gallery_site | A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221820. | 2023-02-27 | 9.8 | CVE-2023-1054 MISC MISC |
tenda -- w30e_firmware | Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | 2023-02-27 | 9.8 | CVE-2023-25231 MISC |
tenda -- ac500_firmware | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | 2023-02-27 | 9.8 | CVE-2023-25233 MISC |
tenda -- ac500_firmware | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. | 2023-02-27 | 9.8 | CVE-2023-25234 MISC |
cerebrate-project -- cerebrate | Cerebrate 1.12 does not properly consider organisation_id during creation of API keys. | 2023-02-24 | 9.1 | CVE-2023-26468 MISC |
taogogo -- taocms | Cross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows remote attackers to gain escalated privileges via taocms/admin/admin.php. | 2023-02-24 | 8.8 | CVE-2021-34167 MISC |
abb -- infinity_dc_power_plant | Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415. | 2023-02-24 | 8.8 | CVE-2022-1607 MISC |
wordpress -- wordpress | The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks | 2023-02-27 | 8.8 | CVE-2023-0381 MISC |
sourcecodester -- moosikay_e-commerce_system | A vulnerability was found in SourceCodester Moosikay E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Moosikay/order.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221732. | 2023-02-24 | 8.8 | CVE-2023-0997 MISC MISC MISC |
sourcecodester -- sales_tracker_management_system | A vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. This vulnerability affects unknown code of the file admin/?page=user/list. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221734 is the identifier assigned to this vulnerability. | 2023-02-24 | 8.8 | CVE-2023-0999 MISC MISC MISC |
sourcecodester -- clinics_patient_management_system | A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221784. | 2023-02-25 | 8.8 | CVE-2023-1035 MISC MISC MISC |
sourcecodester -- class_and_exam_timetabling_system | A vulnerability classified as critical was found in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index3.php of the component POST Parameter Handler. The manipulation of the argument password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221797 was assigned to this vulnerability. | 2023-02-26 | 8.8 | CVE-2023-1039 MISC MISC MISC |
muyucms -- muyucms | A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /editor/index.php. The manipulation of the argument file_path leads to relative path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221803. | 2023-02-26 | 8.8 | CVE-2023-1044 MISC MISC MISC |
muyucms -- muyucms | A vulnerability classified as critical has been found in MuYuCMS 2.2. This affects an unknown part of the file /admin.php/update/getFile.html. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221805 was assigned to this vulnerability. | 2023-02-26 | 8.8 | CVE-2023-1046 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edoc/doctor/patient.php. The manipulation of the argument search12 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221821 was assigned to this vulnerability. | 2023-02-27 | 8.8 | CVE-2023-1056 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned to this vulnerability. | 2023-02-27 | 8.8 | CVE-2023-1057 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221823. | 2023-02-27 | 8.8 | CVE-2023-1058 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221824. | 2023-02-27 | 8.8 | CVE-2023-1059 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument oldmail leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221825 was assigned to this vulnerability. | 2023-02-27 | 8.8 | CVE-2023-1061 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability, which was classified as critical, was found in SourceCodester Doctors Appointment System 1.0. Affected is an unknown function of the file /admin/add-new.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221826 is the identifier assigned to this vulnerability. | 2023-02-27 | 8.8 | CVE-2023-1062 MISC MISC MISC |
sourcecodester -- doctors_appointment_system | A vulnerability has been found in SourceCodester Doctors Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/patient.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221827. | 2023-02-27 | 8.8 | CVE-2023-1063 MISC MISC MISC |
sourcecodester -- simple_customer_relationship_management_system | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel. | 2023-02-27 | 8.8 | CVE-2023-24364 MISC MISC MISC |
sourcecodester -- simple_customer_relationship_management_system | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function. | 2023-02-27 | 8.8 | CVE-2023-24652 MISC MISC MISC |
sourcecodester -- simple_customer_relationship_management_system | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function. | 2023-02-27 | 8.8 | CVE-2023-24653 MISC MISC MISC |
sourcecodester -- simple_customer_relationship_management_system | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function. | 2023-02-27 | 8.8 | CVE-2023-24654 MISC MISC MISC |
sourcecodester -- simple_customer_relationship_management_system | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function. | 2023-02-27 | 8.8 | CVE-2023-24656 MISC MISC MISC |
smeup -- erp | Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component. | 2023-02-27 | 8.8 | CVE-2023-26759 MISC |
smeup -- erp | Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability. | 2023-02-27 | 8.8 | CVE-2023-26762 MISC |
rangy_project -- rangy | All versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype | 2023-02-24 | 8.2 | CVE-2023-26102 MISC MISC |
muyucms -- muyucms | A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin.php/accessory/filesdel.html. The manipulation of the argument filedelur leads to relative path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221804. | 2023-02-26 | 8.1 | CVE-2023-1045 MISC MISC MISC |
marktext -- marktext | A vulnerability has been found in MarkText up to 0.17.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-221737 was assigned to this vulnerability. | 2023-02-24 | 7.8 | CVE-2023-1004 MISC MISC MISC |
markdown-electron_project -- markdown-electron | A vulnerability was found in JP1016 Markdown-Electron and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-221738 is the identifier assigned to this vulnerability. | 2023-02-24 | 7.8 | CVE-2023-1005 MISC MISC MISC |
filseclab -- twister_antivirus | A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects unknown code in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740. | 2023-02-24 | 7.8 | CVE-2023-1007 MISC MISC MISC MISC |
techpowerup -- realtemp | A vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. This vulnerability affects unknown code in the library WinRing0x64.sys. The manipulation leads to improper initialization. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-221806 is the identifier assigned to this vulnerability. | 2023-02-26 | 7.8 | CVE-2023-1047 MISC MISC MISC |
apple -- macos | The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges. | 2023-02-27 | 7.8 | CVE-2023-23507 MISC MISC |
linux -- kernel | In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. | 2023-02-25 | 7.8 | CVE-2023-26544 MISC |
linux -- kernel | In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | 2023-02-25 | 7.8 | CVE-2023-26545 MISC MISC MISC |
linux -- kernel | In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. | 2023-02-26 | 7.8 | CVE-2023-26605 MISC |
linux -- kernel | In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c. | 2023-02-26 | 7.8 | CVE-2023-26606 MISC |
sourcecodester -- online_book_store | SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL. | 2023-02-24 | 7.5 | CVE-2021-34249 MISC MISC |
wordpress -- wordpress | The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing | 2023-02-27 | 7.5 | CVE-2022-4550 MISC |
wordpress -- wordpress | The Correos Oficial WordPress plugin through 1.2.0.2 does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server. | 2023-02-27 | 7.5 | CVE-2023-0331 MISC |
rosariosis -- rosariosis | Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.8.2. | 2023-02-24 | 7.5 | CVE-2023-0994 MISC CONFIRM |
tenda -- ac500_firmware | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid. | 2023-02-27 | 7.5 | CVE-2023-25235 MISC |
smeup -- erp | Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService. | 2023-02-27 | 7.5 | CVE-2023-26758 MISC |
smeup -- erp | Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system. | 2023-02-27 | 7.5 | CVE-2023-26760 MISC |
wordpress -- wordpress | The GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | 2023-02-27 | 7.2 | CVE-2023-0278 MISC MISC |
wordpress -- wordpress | The Media Library Assistant WordPress plugin before 3.06 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | 2023-02-27 | 7.2 | CVE-2023-0279 MISC MISC |
wordpress -- wordpress | The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin | 2023-02-27 | 7.2 | CVE-2023-0487 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22762 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22763 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22764 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22765 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22766 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22767 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22768 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22769 MISC |
arubanetworks -- arubaos | Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 2023-03-01 | 7.2 | CVE-2023-22770 MISC |
linux -- kernel | In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. | 2023-02-26 | 7.1 | CVE-2023-26607 MISC |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
mv_idigital_clinic_enterprise_project -- mv_idigital_clinic_enterprise | MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext. | 2023-02-27 | 6.5 | CVE-2022-31405 MISC MISC MISC |
muyucms -- muyucms | A vulnerability, which was classified as problematic, has been found in MuYuCMS 2.2. This issue affects some unknown processing of the file index.php. The manipulation of the argument file_path leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221735. | 2023-02-24 | 6.5 | CVE-2023-1002 MISC MISC MISC |
arubanetworks -- arubaos | Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. | 2023-03-01 | 6.5 | CVE-2023-22773 MISC |
arubanetworks -- arubaos | Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. | 2023-03-01 | 6.5 | CVE-2023-22774 MISC |
apple -- macos | The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service. | 2023-02-27 | 6.5 | CVE-2023-23512 MISC MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24128 MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24129 MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24130 MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24131 MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24132 MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24133 MISC MISC MISC |
heimgardtechnologies -- eagle_1200ac_firmware | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. | 2023-03-01 | 6.5 | CVE-2023-24134 MISC MISC MISC |
wago -- multiple_products | The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability. | 2023-02-27 | 6.1 | CVE-2022-45137 MISC |
paypal -- braintree\/sanitize-url | sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities. | 2023-02-24 | 6.1 | CVE-2022-48345 MISC MISC |
wordpress -- wordpress | The Custom Add User WordPress plugin through 2.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 2023-02-27 | 6.1 | CVE-2023-0043 MISC |
wordpress -- wordpress | The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin | 2023-02-27 | 6.1 | CVE-2023-0334 MISC |
sourcecodester -- online_boat_reservation_system | A vulnerability has been found in SourceCodester Online Boat Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /boat/login.php of the component POST Parameter Handler. The manipulation of the argument un leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221755. | 2023-02-24 | 6.1 | CVE-2023-1030 MISC MISC MISC |
sourcecodester -- dental_clinic_appointment_reservation_system | A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221794 is the identifier assigned to this vulnerability. | 2023-02-26 | 6.1 | CVE-2023-1036 MISC MISC MISC |
sourcecodester -- simple_responsive_tourism_website | A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"><script>alert(1111)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221799. | 2023-02-26 | 6.1 | CVE-2023-1041 MISC MISC MISC |
sourcecodester -- online_pet_shop_we_app | A vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /pet_shop/admin/orders/update_status.php. The manipulation of the argument oid with the input 1"><script>alert(1111)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221800. | 2023-02-26 | 6.1 | CVE-2023-1042 MISC MISC MISC |
flatpress -- flatpress | Cross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-02 | 6.1 | CVE-2023-1106 CONFIRM MISC |
ibm -- maximo_application_suite | IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. IBM X-Force ID: 241584. | 2023-02-24 | 5.5 | CVE-2022-43923 MISC MISC |
filseclab -- twister_antivirus | A vulnerability was found in Twister Antivirus 8.17. It has been rated as problematic. This issue affects some unknown processing in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-221741 was assigned to this vulnerability. | 2023-02-24 | 5.5 | CVE-2023-1008 MISC MISC MISC MISC |
linux -- kernel | In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-02-28 | 5.5 | CVE-2023-22998 MISC MISC |
apple -- macos | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to bypass Privacy preferences. | 2023-02-27 | 5.5 | CVE-2023-23508 MISC MISC MISC |
apple -- macos | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences. | 2023-02-27 | 5.5 | CVE-2023-23511 MISC MISC MISC MISC MISC |
wordpress -- wordpress | The Wufoo Shortcode WordPress plugin before 1.52 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 2023-02-27 | 5.4 | CVE-2022-4679 MISC |
wordpress -- wordpress | The List Pages Shortcode WordPress plugin before 1.7.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. | 2023-02-27 | 5.4 | CVE-2022-4757 MISC |
wordpress -- wordpress | The Embed PDF WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 2023-02-27 | 5.4 | CVE-2022-4788 MISC |
wordpress -- wordpress | The Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 2023-02-27 | 5.4 | CVE-2022-4795 MISC |
wordpress -- wordpress | The Show-Hide / Collapse-Expand WordPress plugin through 1.2.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. | 2023-02-27 | 5.4 | CVE-2022-4829 MISC |
wordpress -- wordpress | The Olevmedia Shortcodes WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-02-27 | 5.4 | CVE-2023-0168 MISC |
wordpress -- wordpress | The VK All in One Expansion Unit WordPress plugin before 9.86.0.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-02-27 | 5.4 | CVE-2023-0230 MISC |
wordpress -- wordpress | The Donation Block For PayPal WordPress plugin before 2.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-02-27 | 5.4 | CVE-2023-0535 MISC |
wordpress -- wordpress | The GS Insever Portfolio WordPress plugin before 1.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 2023-02-27 | 5.4 | CVE-2023-0539 MISC |
wordpress -- wordpress | The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability | 2023-02-27 | 5.4 | CVE-2023-0552 MISC |
wordpress -- wordpress | The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributor+ role to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-02-24 | 5.4 | CVE-2023-0586 MISC MISC MISC |
business_management_system_project -- business_management_system | Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to v2.0.1. | 2023-02-24 | 5.4 | CVE-2023-0995 CONFIRM MISC |
sourcecodester -- medical_certificate_generator_app | A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been classified as problematic. This affects an unknown part of the component New Record Handler. The manipulation of the argument Firstname/Middlename/Lastname/Suffix/Nationality/Doctor Fullname/Doctor Suffix with the input "><script>prompt(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-221739. | 2023-02-24 | 5.4 | CVE-2023-1006 MISC MISC |
pimcore -- pimcore | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. | 2023-02-27 | 5.4 | CVE-2023-1067 CONFIRM MISC |
flatpress -- flatpress | Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-02 | 5.4 | CVE-2023-1107 MISC CONFIRM |
pimcore -- pimcore | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. | 2023-03-01 | 5.4 | CVE-2023-1115 CONFIRM MISC |
pimcore -- pimcore | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. | 2023-03-01 | 5.4 | CVE-2023-1116 MISC CONFIRM |
pimcore -- pimcore | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. | 2023-03-01 | 5.4 | CVE-2023-1117 MISC CONFIRM |
flatpress -- flatpress | Cross-site Scripting (XSS) - Generic in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-02 | 5.4 | CVE-2023-1146 CONFIRM MISC |
flatpress -- flatpress | Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-02 | 5.4 | CVE-2023-1147 CONFIRM MISC |
ss-proj -- shirasagi | Stored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. | 2023-02-24 | 5.4 | CVE-2023-22425 MISC MISC MISC MISC |
wangeditor -- wangeditor | WangEditor v5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /dist/index.js. | 2023-02-27 | 5.4 | CVE-2023-24251 MISC |
simple_customer_relationship_management_system_project -- simple_customer_relationship_management_system | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter on the registration page. | 2023-02-27 | 5.4 | CVE-2023-24651 MISC MISC MISC |
opencats -- opencats | An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters. | 2023-02-28 | 5.4 | CVE-2023-27292 MISC |
opencats -- opencats | Cross-site request forgery is facilitated by OpenCATS failure to require CSRF tokens in POST requests. An attacker can exploit this issue by creating a dummy page that executes Javascript in an authenticated user's session when visited. | 2023-02-28 | 5.4 | CVE-2023-27295 MISC |
wago -- multiple_products | A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality. | 2023-02-27 | 5.3 | CVE-2022-45139 MISC |
schneider-electric -- clearscada | A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions) | 2023-02-24 | 5.3 | CVE-2023-0595 MISC |
sourcecodester -- alphaware_simple_e-commerce_system | A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221733 was assigned to this vulnerability. | 2023-02-24 | 5.3 | CVE-2023-0998 MISC MISC MISC |
arubanetworks -- arubaos | An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | 2023-03-01 | 4.9 | CVE-2023-22776 MISC |
wordpress -- wordpress | The Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2023-02-27 | 4.8 | CVE-2023-0543 MISC |
wordpress -- wordpress | The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-02-27 | 4.8 | CVE-2023-0548 MISC |
wordpress -- wordpress | The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Administrator role or above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-02-24 | 4.8 | CVE-2023-0585 MISC MISC MISC MISC MISC MISC |
microweber -- microweber | Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. | 2023-02-28 | 4.8 | CVE-2023-1081 MISC CONFIRM |
flatpress -- flatpress | Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-02 | 4.8 | CVE-2023-1148 MISC CONFIRM |
ss-proj -- shirasagi | Stored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker with an administrative privilege to inject an arbitrary script. | 2023-02-24 | 4.8 | CVE-2023-22427 MISC MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the regenerateSitemaps function. This makes it possible for unauthenticated attackers to regenerate Sitemaps via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-02-24 | 4.3 | CVE-2023-1029 MISC MISC |
muyucms -- muyucms | A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dir_path leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221802 is the identifier assigned to this vulnerability. | 2023-02-26 | 4.3 | CVE-2023-1043 MISC MISC MISC |
wordpress -- wordpress | The Download Read More Excerpt Link plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.0. This is due to missing or incorrect nonce validation on the read_more_excerpt_link_menu_options() function. This makes it possible for unauthenticated attackers to update he plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-02-27 | 4.3 | CVE-2023-1068 MISC MISC |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
arubanetworks -- arubaos | An insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account | 2023-03-01 | 2.4 | CVE-2023-22771 MISC |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
media_downloader_plugin -- media_downloader_plugin | A vulnerability was found in Media Downloader Plugin 0.1.992. It has been declared as problematic. This vulnerability affects the function dl_file_resumable of the file getfile.php. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.1.993 is able to address this issue. The name of the patch is 77beb720c682b9300035ab5f96eee225181d8a92. It is recommended to upgrade the affected component. VDB-222262 is the identifier assigned to this vulnerability. | 2023-03-04 | not yet calculated | CVE-2014-125090 MISC MISC MISC |
codepeople -- cp-polls_plugin | A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 6d7168cbf12d1c183bacc5cd5678f6f5b0d518d2. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222268. | 2023-03-04 | not yet calculated | CVE-2014-125091 MISC MISC MISC MISC |
opencyclecompass -- server-php | A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is fa0d9bcf81c711a88172ad0d37a842f029ac3782. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-221808. | 2023-02-28 | not yet calculated | CVE-2015-10086 MISC MISC MISC |
dro.pm -- dro.pm | A vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The name of the patch is fa73c3a42bc5c246a1b8f815699ea241aef154bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221763. | 2023-02-26 | not yet calculated | CVE-2019-25105 MISC MISC MISC |
hitachi -- multiple_products_on_linux_platform | Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automation Director: from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00. | 2023-02-28 | not yet calculated | CVE-2020-36652 MISC |
artesãos -- seotools | A vulnerability, which was classified as problematic, was found in Artesãos SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222231. | 2023-03-04 | not yet calculated | CVE-2020-36663 MISC MISC MISC MISC MISC |
artesãos -- seotools | A vulnerability has been found in Artesãos SEOTools up to 0.17.1 and classified as problematic. This vulnerability affects the function setTitle of the file SEOMeta.php. The manipulation of the argument title leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222232. | 2023-03-04 | not yet calculated | CVE-2020-36664 MISC MISC MISC MISC MISC |
artesãos -- seotools | A vulnerability was found in Artesãos SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier VDB-222233 was assigned to this vulnerability. | 2023-03-04 | not yet calculated | CVE-2020-36665 MISC MISC MISC MISC MISC |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 192953. | 2023-03-01 | not yet calculated | CVE-2020-5001 MISC MISC |
ibm -- financial_transaction_manager_for_digital_payments_for_multi-platform | IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 193662. | 2023-03-01 | not yet calculated | CVE-2020-5026 MISC MISC |
apple -- macos_monterey | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. | 2023-02-27 | not yet calculated | CVE-2020-9846 MISC |
abb -- multiple_products | Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays - 611 series: from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2. | 2023-02-28 | not yet calculated | CVE-2021-22283 MISC |
irz_electronics -- ruh2_gsm | Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter. | 2023-02-27 | not yet calculated | CVE-2021-32302 MISC MISC MISC |
zephyrproject-rtos -- zephyr | Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack | 2023-02-26 | not yet calculated | CVE-2021-3329 MISC |
streetside -- samourai_wallet | An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this situation. | 2023-03-04 | not yet calculated | CVE-2021-36689 MISC MISC |
glox_technology -- useroam_hotspot | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15. | 2023-03-02 | not yet calculated | CVE-2021-3854 MISC |
liman_mys -- liman_mys | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Liman MYS (HTTP/Controllers, CronMail, Jobs modules) allows Command Injection.This issue affects Liman MYS: from 1.7.0 before 1.8.3-462. | 2023-03-01 | not yet calculated | CVE-2021-3855 MISC MISC |
open_mainframe_project -- zowe_cli | A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI. | 2023-03-01 | not yet calculated | CVE-2021-4326 MISC |
serenityos -- serenityos | A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is f6c6047e49f1517778f5565681fb64750b14bf60. It is recommended to apply a patch to fix this issue. VDB-222074 is the identifier assigned to this vulnerability. | 2023-03-01 | not yet calculated | CVE-2021-4327 MISC MISC MISC MISC |
狮子鱼cms -- 狮子鱼cms | A vulnerability has been found in ???CMS and classified as critical. Affected by this vulnerability is the function goods_detail of the file ApiController.class.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222223. | 2023-03-02 | not yet calculated | CVE-2021-4328 MISC MISC MISC |
yordam_information_technologies -- library_automation_system | Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2. | 2023-03-02 | not yet calculated | CVE-2021-45477 MISC |
yordam_information_technologies -- library_automation_system | Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2. | 2023-03-02 | not yet calculated | CVE-2021-45478 MISC |
yordam_information_technologies -- library_automation_system | Improper Neutralization of Input During Web Page Generation vulnerability in Yordam Information Technologies Library Automation System allows Stored XSS.This issue affects Library Automation System: before 19.2. | 2023-03-02 | not yet calculated | CVE-2021-45479 MISC |
apple -- apple_music_for_android | This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity. | 2023-02-27 | not yet calculated | CVE-2021-46841 MISC |
gogs -- gogs | OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11. | 2023-02-25 | not yet calculated | CVE-2022-2024 CONFIRM MISC |
google -- android | In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242537431 | 2023-02-28 | not yet calculated | CVE-2022-20455 MISC |
google -- android | In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241927115 | 2023-02-28 | not yet calculated | CVE-2022-20481 MISC |
google -- android | In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243376549 | 2023-02-28 | not yet calculated | CVE-2022-20551 MISC |
cisco -- asyncos_software | A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device. | 2023-03-01 | not yet calculated | CVE-2022-20952 MISC |
apple -- macos_big_sur | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files. | 2023-02-27 | not yet calculated | CVE-2022-22582 MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information. | 2023-02-27 | not yet calculated | CVE-2022-22668 MISC MISC |
netapp -- active iq_unified_manager | Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack. | 2023-02-28 | not yet calculated | CVE-2022-23239 MISC |
netapp -- active iq_unified_manager | Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors. | 2023-02-28 | not yet calculated | CVE-2022-23240 MISC |
apple -- ios/ipados | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges. | 2023-02-27 | not yet calculated | CVE-2022-26760 MISC |
amd -- multiple_products | When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. | 2023-03-01 | not yet calculated | CVE-2022-27672 MISC |
amd -- ryzen_master | Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user. | 2023-03-01 | not yet calculated | CVE-2022-27677 MISC |
coredns -- coredns | A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc. | 2023-03-03 | not yet calculated | CVE-2022-2835 MISC |
coredns -- coredns | A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD. | 2023-03-03 | not yet calculated | CVE-2022-2837 MISC |
kubernetes -- kubernetes | Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. | 2023-03-01 | not yet calculated | CVE-2022-3162 CONFIRM MLIST |
apple -- multiple_products | The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data. | 2023-02-27 | not yet calculated | CVE-2022-32784 MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. | 2023-02-27 | not yet calculated | CVE-2022-32824 MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. | 2023-02-27 | not yet calculated | CVE-2022-32830 MISC MISC |
apple -- apple_music_for_android | This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | 2023-02-27 | not yet calculated | CVE-2022-32836 MISC |
apple -- multiple_products | A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. | 2023-02-27 | not yet calculated | CVE-2022-32844 MISC MISC MISC |
apple -- apple_music_for_android | A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | 2023-02-27 | not yet calculated | CVE-2022-32846 MISC |
apple -- ios/ipados | A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen. | 2023-02-27 | not yet calculated | CVE-2022-32855 MISC |
apple -- multiple_products | The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | 2023-02-27 | not yet calculated | CVE-2022-32891 MISC MISC MISC MISC |
apple -- multiple_products | This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information. | 2023-02-27 | not yet calculated | CVE-2022-32896 MISC MISC |
apple -- macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges. | 2023-02-27 | not yet calculated | CVE-2022-32900 MISC MISC |
apple -- macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences. | 2023-02-27 | not yet calculated | CVE-2022-32902 MISC MISC MISC |
apple -- apple_music_for_android | This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections. | 2023-02-27 | not yet calculated | CVE-2022-32906 MISC |
kubernetes -- kubernetes | Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network. | 2023-03-01 | not yet calculated | CVE-2022-3294 CONFIRM MLIST |
apple -- multiple_products | This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. | 2023-02-27 | not yet calculated | CVE-2022-32949 MISC MISC |
aremis -- aremis_4_nomad | An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data. | 2023-02-27 | not yet calculated | CVE-2022-34908 MISC MISC |
aremis -- aremis_4_nomad | An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database. | 2023-02-27 | not yet calculated | CVE-2022-34909 MISC MISC |
aremis -- aremis_4_nomad | An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device. | 2023-02-27 | not yet calculated | CVE-2022-34910 MISC MISC |
ibm -- maximo_asset_management | IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230958. | 2023-03-02 | not yet calculated | CVE-2022-35645 MISC MISC MISC |
redis -- redis | Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. | 2023-03-01 | not yet calculated | CVE-2022-36021 MISC MISC |
hewlett_packard_enterprise -- hpe_oneview_for_vmware_vcenter | HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | 2023-03-01 | not yet calculated | CVE-2022-37935 MISC |
hewlett_packard_enterprise -- hpe_serviceguard_for_linux | Unauthenticated Java deserialization vulnerability in Serviceguard Manager | 2023-03-01 | not yet calculated | CVE-2022-37936 MISC |
hewlett_packard_enterprise -- hpe_serviceguard_for_linux | Pre-auth memory corruption in HPE Serviceguard | 2023-03-01 | not yet calculated | CVE-2022-37937 MISC |
hewlett_packard_enterprise -- hpe_serviceguard_for_linux | Unauthenticated server side request forgery in HPE Serviceguard Manager | 2023-03-01 | not yet calculated | CVE-2022-37938 MISC |
quest -- kace_sma | An XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection of arbitrary web script or HTML. | 2023-03-01 | not yet calculated | CVE-2022-38220 MISC MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration. | 2023-03-01 | not yet calculated | CVE-2022-38468 MISC |
netapp -- storagegrid | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service. | 2023-03-02 | not yet calculated | CVE-2022-38734 MISC |
hitachi -- hitachi_ops_center_analyzer | Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01. | 2023-02-28 | not yet calculated | CVE-2022-3884 MISC |
vantage6 -- vantage6 | vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is entered a number of times, the user account is blocked temporarily. This issue has been fixed in version 3.8.0. | 2023-03-01 | not yet calculated | CVE-2022-39228 MISC MISC MISC MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in StandaloneTech TeraWallet – For WooCommerce plugin <= 1.3.24 leading to plugin settings change. | 2023-03-01 | not yet calculated | CVE-2022-40198 MISC |
ibm -- mq_for_hpe_nonstop | IBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization logic. IBM X-Force ID: 235727. | 2023-02-27 | not yet calculated | CVE-2022-40237 MISC MISC |
rittal -- cmc_iii | A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks. | 2023-03-02 | not yet calculated | CVE-2022-40633 MISC |
go_on_windows -- go_on_windows | A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path ".\c:\b". | 2023-02-28 | not yet calculated | CVE-2022-41722 MISC MISC MISC MISC |
go -- go | A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | 2023-02-28 | not yet calculated | CVE-2022-41723 MISC MISC MISC MISC MISC |
go -- go | Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert). | 2023-02-28 | not yet calculated | CVE-2022-41724 MISC MISC MISC MISC |
go -- go | A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing "up to maxMemory bytes +10MB (reserved for non-file parts) in memory". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, "If stored on disk, the File's underlying concrete type will be an *os.File.". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader. | 2023-02-28 | not yet calculated | CVE-2022-41725 MISC MISC MISC MISC |
go -- go | An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service. | 2023-02-28 | not yet calculated | CVE-2022-41727 MISC MISC MISC MISC |
postgresql -- postgresql | In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. | 2023-03-03 | not yet calculated | CVE-2022-41862 MISC MISC |
apple -- xcode | An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges. | 2023-02-27 | not yet calculated | CVE-2022-42797 MISC |
apple -- macos | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 2023-02-27 | not yet calculated | CVE-2022-42826 MISC MISC MISC |
apple -- macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | 2023-02-27 | not yet calculated | CVE-2022-42833 MISC |
apple -- macos | An issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving video after the app which activated was closed. | 2023-02-27 | not yet calculated | CVE-2022-42838 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Forms by CaptainForm – Form Builder for WordPress plugin <= 2.5.3 versions. | 2023-02-28 | not yet calculated | CVE-2022-43459 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1. | 2023-03-01 | not yet calculated | CVE-2022-45068 MISC MISC |
shenzhen_zhibotong_electronics -- we1626_router | An issue discovered in Shenzhen Zhibotong Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint. | 2023-03-03 | not yet calculated | CVE-2022-45551 MISC MISC MISC |
shenzhen_zhibotong_electronics -- we1626_router | An Insecure Permissions vulnerability in Shenzhen Zhibotong Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory. | 2023-03-03 | not yet calculated | CVE-2022-45552 MISC MISC MISC |
shenzhen_zhibotong_electronics -- we1626_router | An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port. | 2023-03-03 | not yet calculated | CVE-2022-45553 MISC MISC MISC |
thingsboard -- thingsboard | An issue was discovered in ThingsBoard 3.4.1, allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value). | 2023-03-01 | not yet calculated | CVE-2022-45608 MISC MISC |
razer -- razer_central | Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. | 2023-02-27 | not yet calculated | CVE-2022-45697 MISC MISC |
robosoft -- rbs_image_gallery | Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.9 leading to galleries hierarchy change, included plugin deactivate & activate. | 2023-03-01 | not yet calculated | CVE-2022-45804 MISC |
coocare -- coocare | starsoftcomm CooCare 5.304 allows local attackers to escalate privileges and execute arbitrary commands via a crafted file upload. | 2023-03-03 | not yet calculated | CVE-2022-45988 MISC MISC |
libtiff -- libtiff | LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. | 2023-03-03 | not yet calculated | CVE-2022-4645 MISC MISC CONFIRM |
accruent -- accruent | Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vulnerability via the E-Mail to Work Order function. | 2023-03-02 | not yet calculated | CVE-2022-46501 MISC MISC |
apple -- macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to modify protected parts of the file system. | 2023-02-27 | not yet calculated | CVE-2022-46704 MISC MISC MISC |
apple -- multiple_products | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing. | 2023-02-27 | not yet calculated | CVE-2022-46705 MISC MISC MISC |
apple -- macos | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges. | 2023-02-27 | not yet calculated | CVE-2022-46712 MISC |
apple -- macos | A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system. | 2023-02-27 | not yet calculated | CVE-2022-46713 MISC MISC MISC |
apple -- macos | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A remote user may be able to write arbitrary files. | 2023-02-27 | not yet calculated | CVE-2022-46723 MISC MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce plugin <= 5.2.3 leads to plugin settings change. | 2023-03-01 | not yet calculated | CVE-2022-46797 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change. | 2023-03-01 | not yet calculated | CVE-2022-46798 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets. | 2023-03-01 | not yet calculated | CVE-2022-46805 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification. | 2023-03-01 | not yet calculated | CVE-2022-46806 MISC |
report -- report | Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability. | 2023-03-03 | not yet calculated | CVE-2022-46973 MISC MISC |
smart_office_web -- smart_office_web | An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx. | 2023-02-28 | not yet calculated | CVE-2022-47075 MISC MISC MISC |
smart_office_web -- smart_office_web | An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx. | 2023-02-28 | not yet calculated | CVE-2022-47076 MISC MISC MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss. | 2023-03-01 | not yet calculated | CVE-2022-47148 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft. | 2023-02-28 | not yet calculated | CVE-2022-47179 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.5 leads to list column update. | 2023-02-28 | not yet calculated | CVE-2022-47612 MISC |
libde265 -- libde265 | Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse | 2023-03-03 | not yet calculated | CVE-2022-47664 MISC |
libde265 -- libde265 | Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int) | 2023-03-03 | not yet calculated | CVE-2022-47665 MISC |
huawei -- bisheng-wnm_fw | There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS. | 2023-02-27 | not yet calculated | CVE-2022-48230 MISC |
huawei -- leia-b29 | There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen authentication. | 2023-02-27 | not yet calculated | CVE-2022-48254 MISC |
huawei -- bisheng-wnm_fw | There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. | 2023-02-27 | not yet calculated | CVE-2022-48255 MISC |
huawei -- bisheng-wnm_fw | There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges. | 2023-02-27 | not yet calculated | CVE-2022-48259 MISC |
huawei -- bisheng-wnm_fw | There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. | 2023-02-27 | not yet calculated | CVE-2022-48260 MISC |
huawei -- bisheng-wnm_fw | There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal. | 2023-02-27 | not yet calculated | CVE-2022-48261 MISC |
huawei -- harmony_os | A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. | 2023-02-27 | not yet calculated | CVE-2022-48283 MISC |
huawei -- harmony_os | A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. | 2023-02-27 | not yet calculated | CVE-2022-48284 MISC |
huawei -- simba-al00 | There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail. | 2023-02-27 | not yet calculated | CVE-2022-48305 MISC |
sophos_connect -- sophos_connect | A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90. | 2023-03-01 | not yet calculated | CVE-2022-48309 CONFIRM |
sophos_connect -- sophos_connect | An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90. | 2023-03-01 | not yet calculated | CVE-2022-48310 CONFIRM |
zoho -- manageengine_desktop_central | Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadServlet. A remote, authenticated attacker could upload arbitrary code that would be executed when Desktop Central is restarted. (The attacker could authenticate by exploiting CVE-2021-44515.) | 2023-02-25 | not yet calculated | CVE-2022-48362 MISC |
pipewire -- pipewire | In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer. | 2023-02-26 | not yet calculated | CVE-2022-48363 MISC MISC MISC MISC |
hitachi -- multiple_products_on_linux_platform | Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00. | 2023-02-28 | not yet calculated | CVE-2022-4895 MISC |
sophos_connect -- sophos_connect | Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim. | 2023-03-01 | not yet calculated | CVE-2022-4901 CONFIRM |
sauter_controls -- multiple_productssauter_controls -- multiple_products | SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system. | 2023-03-02 | not yet calculated | CVE-2023-0053 MISC |
wordpress -- wordpress | The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via text areas on forms in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, which is the submissions page. | 2023-03-02 | not yet calculated | CVE-2023-0084 MISC MISC MISC |
wordpress -- wordpress | The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in versions up to, and including, 3.2.1. This is due to insufficient server side checking on the captcha value submitted during a form submission. This makes it possible for unauthenticated attackers to bypass Captcha restrictions and for attackers to utilize bots to submit forms. | 2023-03-02 | not yet calculated | CVE-2023-0085 MISC MISC MISC |
nvidia -- cuda_toolkit | NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. | 2023-03-02 | not yet calculated | CVE-2023-0196 MISC |
abb -- symphony_plus | Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2. | 2023-03-02 | not yet calculated | CVE-2023-0228 MISC |
forgerock -- access_management | Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1 | 2023-02-28 | not yet calculated | CVE-2023-0339 MISC MISC |
mitsubishi_electric_corporation -- melsec_iq-f | Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U(C) CPU modules all models all versions, FX5UJ CPU modules all models all versions, FX5S CPU modules all models all versions, FX5-ENET all versions and FX5-ENET/IP all versions allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server. | 2023-03-03 | not yet calculated | CVE-2023-0457 MISC MISC MISC |
youtube -- youtube | The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a remote context is created with the flags Context.CONTEXT_INCLUDE_CODE | Context.CONTEXT_IGNORE_SECURITY. This allows the client app to remotely load code from YouTube Main App by retrieving the Main App’s ClassLoader. A potential vulnerability in the binding logic used by the client SDK where the SDK ends up calling bindService() on a malicious app rather than YT Main App. This creates a vulnerability where the SDK can load the malicious app’s ClassLoader instead, allowing the malicious app to load arbitrary code into the calling app whenever the embedded SDK is invoked. In order to trigger this vulnerability, an attacker must masquerade the Youtube app and install it on a device, have a second app that uses the Embedded player and typically distribute both to the victim outside of the Play Store. | 2023-03-01 | not yet calculated | CVE-2023-0460 MISC |
linux -- kernel | There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c | 2023-02-28 | not yet calculated | CVE-2023-0461 MISC MISC |
grafana -- grafana | Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. | 2023-03-01 | not yet calculated | CVE-2023-0507 MISC |
forgerock -- access_management_java_policy_agent | Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1 | 2023-02-28 | not yet calculated | CVE-2023-0511 MISC MISC |
php_group -- php | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. | 2023-03-01 | not yet calculated | CVE-2023-0567 MISC MISC |
asos_information_technologies -- sobiad | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies SOBIAD allows Cross-Site Scripting (XSS).This issue affects SOBIAD: before 23.02.01. | 2023-03-03 | not yet calculated | CVE-2023-0577 MISC |
asos_information_technologies -- book_cities | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies Book Cites allows Cross-Site Scripting (XSS).This issue affects Book Cites: before 23.01.05. | 2023-03-03 | not yet calculated | CVE-2023-0578 MISC |
grafana -- grafana | Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded. An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. | 2023-03-01 | not yet calculated | CVE-2023-0594 MISC |
sonicwall -- sonicos | A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. | 2023-03-02 | not yet calculated | CVE-2023-0656 CONFIRM |
sub-iot -- dash_7_alliance_protocol_stack_implementation | The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution. | 2023-03-01 | not yet calculated | CVE-2023-0847 MISC MISC |
devolutions -- devolutions_server | Improper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could allow a standard privileged user to perform privileged actions. | 2023-03-01 | not yet calculated | CVE-2023-0951 MISC |
devolutions -- devolutions_server | Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization. | 2023-03-01 | not yet calculated | CVE-2023-0952 MISC |
devolutions -- devolutions_server | Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources. | 2023-03-01 | not yet calculated | CVE-2023-0953 MISC |
gitpod -- gitpod | An issue was discovered in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to the Gitpod JSONRPC server using a victim’s credentials, because the Origin header is not restricted. This can lead to the extraction of data from workspaces, to a full takeover of the workspace. | 2023-03-03 | not yet calculated | CVE-2023-0957 MISC MISC MISC MISC MISC MISC MISC |
wordpress -- wordpress | The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, and including, 3.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 2023-03-03 | not yet calculated | CVE-2023-0968 MISC MISC |
trusted_computing_group -- tpm2.0 | An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. | 2023-02-28 | not yet calculated | CVE-2023-1017 MISC MISC MISC |
trusted_computing_group -- tpm2.0 | An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. | 2023-02-28 | not yet calculated | CVE-2023-1018 MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the wpmsGGSaveInformation function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to update google analytics options maintained by the plugin. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role. | 2023-02-28 | not yet calculated | CVE-2023-1022 MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to change sitemap-related settings of the plugin. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role. | 2023-02-28 | not yet calculated | CVE-2023-1023 MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to generate sitemaps. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role. | 2023-02-28 | not yet calculated | CVE-2023-1024 MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to get post listings by category as long as those posts are published. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role. | 2023-02-28 | not yet calculated | CVE-2023-1026 MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to obtain post categories. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role. | 2023-02-28 | not yet calculated | CVE-2023-1027 MISC MISC MISC |
wordpress -- wordpress | The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the setIgnore function. This makes it possible for unauthenticated attackers to update plugin options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-02-28 | not yet calculated | CVE-2023-1028 MISC MISC MISC |
froxlor -- froxlor | Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11. | 2023-02-25 | not yet calculated | CVE-2023-1033 CONFIRM MISC |
salesagility -- suitecrm | Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. | 2023-02-25 | not yet calculated | CVE-2023-1034 CONFIRM MISC |
amd -- ryzen_dram_calculator | A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807. | 2023-02-26 | not yet calculated | CVE-2023-1048 MISC MISC MISC |
red_hat_directory_server -- red_hat_directory_server | A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality. | 2023-02-27 | not yet calculated | CVE-2023-1055 MISC |
uzay_baskul -- weighbridge_automation_software | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Uzay Baskul Weighbridge Automation Software allows SQL Injection.This issue affects Weighbridge Automation Software: before 1.1. | 2023-03-01 | not yet calculated | CVE-2023-1064 MISC |
snyk -- snyk_kubernetes_monitor | This vulnerability in the Snyk Kubernetes Monitor can result in irrelevant data being posted to a Snyk Organization, which could in turn obfuscate other, relevant, security issues. It does not expose the user of the integration to any direct security risk and no user data can be leaked. To exploit the vulnerability the attacker does not need to be authenticated to Snyk but does need to know the target's Integration ID (which may or may not be the same as the Organization ID, although this is an unpredictable UUID in either case). | 2023-02-28 | not yet calculated | CVE-2023-1065 MISC MISC MISC MISC |
teampass -- teampass | External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22. | 2023-02-27 | not yet calculated | CVE-2023-1070 CONFIRM MISC |
wordpress -- wordpress | The GN Publisher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 2023-02-28 | not yet calculated | CVE-2023-1080 MISC MISC |
linux -- kernel | In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. | 2023-02-28 | not yet calculated | CVE-2023-1095 MISC MISC |
baicells -- eg7035-m11 | Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party analyst and have been confirmed exploitable special thanks to Lionel Musonza for the discovery. | 2023-03-01 | not yet calculated | CVE-2023-1097 MISC MISC |
sourcecodester -- online_student_management_system | A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php?editid=1. The manipulation of the argument editideditid leads to sql injection. The attack may be launched remotely. VDB-222002 is the identifier assigned to this vulnerability. | 2023-02-28 | not yet calculated | CVE-2023-1099 MISC MISC |
sourcecodester -- online_catering_reservation_system | A vulnerability classified as critical has been found in SourceCodester Online Catering Reservation System 1.0. This affects an unknown part of the file /reservation/add_message.php of the component POST Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222003. | 2023-02-28 | not yet calculated | CVE-2023-1100 MISC MISC MISC |
sonicwall -- sonicos | SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes. | 2023-03-02 | not yet calculated | CVE-2023-1101 CONFIRM |
flatpress -- flatpress | Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-01 | not yet calculated | CVE-2023-1103 MISC CONFIRM |
flatpress -- flatpress | Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-01 | not yet calculated | CVE-2023-1104 CONFIRM MISC |
flatpress -- flatpress | External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. | 2023-03-01 | not yet calculated | CVE-2023-1105 CONFIRM MISC |
wordpress -- wordpress | A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument upload_name leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222072. | 2023-03-01 | not yet calculated | CVE-2023-1112 MISC MISC MISC |
sourcecodester -- simple_payroll_system | A vulnerability was found in SourceCodester Simple Payroll System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=admin of the component POST Parameter Handler. The manipulation of the argument fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222073 was assigned to this vulnerability. | 2023-03-01 | not yet calculated | CVE-2023-1113 MISC MISC MISC |
e-belediye -- e-belediye | Improper Input Validation, Missing Authorization vulnerability in Eskom Bilgisayar e-Belediye allows Information Elicitation.This issue affects e-Belediye: from 1.0.0.95 before 1.0.0.100. | 2023-03-01 | not yet calculated | CVE-2023-1114 MISC |
linux -- kernel | A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | 2023-03-02 | not yet calculated | CVE-2023-1118 MISC |
vim -- vim | Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. | 2023-03-01 | not yet calculated | CVE-2023-1127 MISC CONFIRM FEDORA |
sourcecodester -- computer_parts_sales_and_inventory_system | A vulnerability, which was classified as critical, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file processlogin. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222105 was assigned to this vulnerability. | 2023-03-01 | not yet calculated | CVE-2023-1130 MISC MISC MISC |
sourcecodester -- computer_parts_sales_and_inventory_system | A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRST_NAME/LAST_NAME/PHONE_NUMBER leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222106 is the identifier assigned to this vulnerability. | 2023-03-01 | not yet calculated | CVE-2023-1131 MISC MISC MISC |
btcpayserver -- btcpayserver | Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0. | 2023-03-02 | not yet calculated | CVE-2023-1149 MISC CONFIRM |
sourcecodester -- electronic_medical_records_system | A vulnerability was found in SourceCodester Electronic Medical Records System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file administrator.php of the component Cookie Handler. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222163. | 2023-03-02 | not yet calculated | CVE-2023-1151 MISC MISC MISC |
wordpress -- wordpress | The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-03-02 | not yet calculated | CVE-2023-1155 MISC MISC |
sourcecodester -- health_center_patient_record_management_system | A vulnerability classified as problematic was found in SourceCodester Health Center Patient Record Management System 1.0. This vulnerability affects unknown code of the file admin/fecalysis_form.php. The manipulation of the argument itr_no leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222220. | 2023-03-02 | not yet calculated | CVE-2023-1156 MISC MISC MISC |
elf_parser -- elf_parser | A vulnerability, which was classified as problematic, was found in finixbit elf-parser. Affected is the function elf_parser::Elf_parser::get_segments of the file elf_parser.cpp. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-222222 is the identifier assigned to this vulnerability. | 2023-03-02 | not yet calculated | CVE-2023-1157 MISC MISC MISC |
cockpit-hq -- cockpit-hq | Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0. | 2023-03-03 | not yet calculated | CVE-2023-1160 CONFIRM MISC |
draytek -- vigor_2960 | A vulnerability, which was classified as critical, was found in DrayTek Vigor 2960 1.5.1.4. Affected is the function sub_1225C of the file mainfunction.cgi. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222258 is the identifier assigned to this vulnerability. | 2023-03-03 | not yet calculated | CVE-2023-1162 MISC MISC MISC |
draytek -- vigor_2960 | A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 and classified as problematic. Affected by this vulnerability is the function sub_1DA58 of the file mainfunction.cgi. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222259. | 2023-03-03 | not yet calculated | CVE-2023-1163 MISC MISC MISC |
kylinsoft -- kylin_os | A vulnerability was found in KylinSoft kylin-activation and classified as critical. Affected by this issue is some unknown functionality of the component File Import. The manipulation leads to improper authorization. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.11-23 and 1.30.10-5.p23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222260. | 2023-03-03 | not yet calculated | CVE-2023-1164 MISC MISC MISC |
crmeb -- crmeb | A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It has been classified as critical. This affects an unknown part of the file /api/admin/system/store/order/list. The manipulation of the argument keywords leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-222261 was assigned to this vulnerability. | 2023-03-03 | not yet calculated | CVE-2023-1165 MISC MISC MISC |
vim -- vim | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. | 2023-03-03 | not yet calculated | CVE-2023-1170 MISC CONFIRM |
vim -- vim | Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | 2023-03-04 | not yet calculated | CVE-2023-1175 MISC CONFIRM |
cisco -- secure_email_gateway/secure_email_and_web_manager | A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device. | 2023-03-01 | not yet calculated | CVE-2023-20009 MISC |
cisco -- nexus_dashboard | A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a continuous stream of DNS requests to an affected device. A successful exploit could allow the attacker to cause the coredns service to stop working or cause the device to reload, resulting in a DoS condition. | 2023-03-01 | not yet calculated | CVE-2023-20014 MISC |
clamav -- clamav | On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"]. | 2023-03-01 | not yet calculated | CVE-2023-20032 MISC |
clamav -- clamav | On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process. | 2023-03-01 | not yet calculated | CVE-2023-20052 MISC |
cisco -- nexus_dashboard | A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2023-03-01 | not yet calculated | CVE-2023-20053 MISC |
cisco -- unified_intelligence_center | Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities. | 2023-03-03 | not yet calculated | CVE-2023-20061 CISCO |
cisco -- unified_intelligence_center | Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities. | 2023-03-03 | not yet calculated | CVE-2023-20062 CISCO |
cisco -- multiple_products | A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need to have valid credentials to access the web-based management interface of the affected device. | 2023-03-03 | not yet calculated | CVE-2023-20069 CISCO |
cisco -- secure_email_gateway | Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. | 2023-03-01 | not yet calculated | CVE-2023-20075 MISC |
cisco -- ip_phones | Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-03-03 | not yet calculated | CVE-2023-20078 CISCO |
cisco -- ip_phones | Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-03-03 | not yet calculated | CVE-2023-20079 CISCO |
cisco -- identity_services_engine | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script in the context of the affected interface or access sensitive, browser-based information. | 2023-03-01 | not yet calculated | CVE-2023-20085 MISC |
cisco -- finesse | A vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for new and existing users who are connected through a load balancer. This vulnerability is due to improper IP address filtering by the reverse proxy. An attacker could exploit this vulnerability by sending a series of unauthenticated requests to the reverse proxy. A successful exploit could allow the attacker to cause all current traffic and subsequent requests to the reverse proxy through a load balancer to be dropped, resulting in a DoS condition. | 2023-03-03 | not yet calculated | CVE-2023-20088 CISCO |
cisco -- webex_app_for_web | A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending an arbitrary file to a user and persuading that user to browse to a specific URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2023-03-03 | not yet calculated | CVE-2023-20104 CISCO |
vmware -- workspace_one | VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode. | 2023-02-28 | not yet calculated | CVE-2023-20857 MISC MISC |
google -- android | In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-248251018 | 2023-02-28 | not yet calculated | CVE-2023-20932 MISC |
google -- android | In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753 | 2023-02-28 | not yet calculated | CVE-2023-20933 MISC |
google -- android | In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-258672042 | 2023-02-28 | not yet calculated | CVE-2023-20934 MISC |
linux -- kernel | In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257443051References: Upstream kernel | 2023-02-28 | not yet calculated | CVE-2023-20937 MISC |
google -- android | In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel | 2023-02-28 | not yet calculated | CVE-2023-20938 MISC |
google -- android | In multiple functions of looper_backed_event_loop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243362981 | 2023-02-28 | not yet calculated | CVE-2023-20939 MISC |
google -- android | In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256237041 | 2023-02-28 | not yet calculated | CVE-2023-20940 MISC |
google -- android | In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240267890 | 2023-02-28 | not yet calculated | CVE-2023-20943 MISC |
google -- android | In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558 | 2023-02-28 | not yet calculated | CVE-2023-20944 MISC |
google -- android | In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269 | 2023-02-28 | not yet calculated | CVE-2023-20945 MISC |
google -- android | In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-244423101 | 2023-02-28 | not yet calculated | CVE-2023-20946 MISC |
google -- android | In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-230630526 | 2023-02-28 | not yet calculated | CVE-2023-20948 MISC |
github -- enterprise_server | A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. To exploit this vulnerability, an attacker would need existing permission to control the value of environment variables for use with GitHub Actions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.8.0 and was fixed in versions 3.4.15, 3.5.12, 3.6.8, 3.7.5. This vulnerability was reported via the GitHub Bug Bounty program. | 2023-03-02 | not yet calculated | CVE-2023-22381 MISC MISC MISC MISC MISC |
grafana -- grafana | Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4. | 2023-03-02 | not yet calculated | CVE-2023-22462 MISC MISC MISC |
fortiguard -- fortiweb | An unauthorized configuration download vulnerability in FortiWeb 6.3.6 through 6.3.21, 6.4.0 through 6.4.2 and 7.0.0 through 7.0.4 may allow a local attacker to access confidential configuration files via a crafted http request. | 2023-02-27 | not yet calculated | CVE-2023-22636 MISC |
vantage6 -- vantage6 | vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Assigning existing users to a different organizations is currently possible. It may lead to unintended access: if a user from organization A is accidentally assigned to organization B, they will retain their permissions and therefore might be able to access stuff they should not be allowed to access. This issue is patched in version 3.8.0. | 2023-03-01 | not yet calculated | CVE-2023-22738 MISC MISC |
aruba_networks -- arubaos | There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22747 MISC |
aruba_networks -- arubaos | There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22748 MISC |
aruba_networks -- arubaos | There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22749 MISC |
aruba_networks -- arubaos | There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22750 MISC |
aruba_networks -- arubaos | There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22751 MISC |
aruba_networks -- arubaos | There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22752 MISC |
aruba_networks -- arubaos | There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22753 MISC |
aruba_networks -- arubaos | There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22754 MISC |
aruba_networks -- arubaos | There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22755 MISC |
aruba_networks -- arubaos | There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22756 MISC |
aruba_networks -- arubaos | There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22757 MISC |
aruba_networks -- arubaos | Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS. | 2023-03-01 | not yet calculated | CVE-2023-22758 MISC |
aruba_networks -- arubaos | Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS. | 2023-03-01 | not yet calculated | CVE-2023-22759 MISC |
aruba_networks -- arubaos | Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS. | 2023-03-01 | not yet calculated | CVE-2023-22760 MISC |
aruba_networks -- arubaos | Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS. | 2023-03-01 | not yet calculated | CVE-2023-22761 MISC |
aruba_networks -- arubaos | An authenticated path traversal vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22772 MISC |
aruba_networks -- arubaos | A vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level. | 2023-03-01 | not yet calculated | CVE-2023-22775 MISC |
aruba_networks -- arubaos | An authenticated information disclosure vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system. | 2023-03-01 | not yet calculated | CVE-2023-22777 MISC |
aruba_networks -- arubaos | A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. | 2023-03-01 | not yet calculated | CVE-2023-22778 MISC |
ibm -- cloud_pak_for_business_automation | IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244100. | 2023-02-27 | not yet calculated | CVE-2023-22860 MISC MISC |
linux -- kernel | In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls. | 2023-02-28 | not yet calculated | CVE-2023-22995 MISC MISC |
linux -- kernel | In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device. | 2023-02-28 | not yet calculated | CVE-2023-22996 MISC MISC |
linux -- kernel | In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-02-28 | not yet calculated | CVE-2023-22997 MISC MISC |
linux -- kernel | In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-02-28 | not yet calculated | CVE-2023-22999 MISC MISC |
linux -- kernel | In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. | 2023-03-01 | not yet calculated | CVE-2023-23000 MISC MISC |
linux -- kernel | In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-03-01 | not yet calculated | CVE-2023-23001 MISC MISC |
linux -- kernel | In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-03-01 | not yet calculated | CVE-2023-23002 MISC MISC |
linux -- kernel | In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. | 2023-03-01 | not yet calculated | CVE-2023-23003 MISC MISC |
linux -- kernel | In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-03-01 | not yet calculated | CVE-2023-23004 MISC MISC |
linux -- kernel | In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 2023-03-01 | not yet calculated | CVE-2023-23006 MISC MISC |
tenda -- multiple_products | Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS<=V2209020908. | 2023-02-27 | not yet calculated | CVE-2023-23080 MISC |
crasm -- crasm | In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a NULL pointer dereference in the function Xasc. | 2023-02-27 | not yet calculated | CVE-2023-23108 MISC MISC |
crasm -- crasm | In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the function opdiv. | 2023-02-27 | not yet calculated | CVE-2023-23109 MISC MISC |
art_gallery_ms -- art_gallery_ms | Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login. | 2023-02-27 | not yet calculated | CVE-2023-23155 MISC MISC MISC |
art_gallery_ms -- art_gallery_ms | Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page. | 2023-02-27 | not yet calculated | CVE-2023-23156 MISC MISC MISC |
art_gallery_ms -- art_gallery_ms | A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page. | 2023-02-27 | not yet calculated | CVE-2023-23157 MISC MISC MISC |
art_gallery_ms -- art_gallery_ms | A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page. | 2023-02-27 | not yet calculated | CVE-2023-23158 MISC MISC MISC |
draytek -- multiple_products | Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2. | 2023-03-03 | not yet calculated | CVE-2023-23313 MISC MISC |
prestashop -- prestashop | The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method `stripejsValidationModuleFrontController::initContent()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. | 2023-03-01 | not yet calculated | CVE-2023-23315 MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password. | 2023-02-27 | not yet calculated | CVE-2023-23493 MISC MISC |
apple -- multiple_products | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. | 2023-02-27 | not yet calculated | CVE-2023-23496 MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to gain root privileges. | 2023-02-27 | not yet calculated | CVE-2023-23497 MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account. | 2023-02-27 | not yet calculated | CVE-2023-23498 MISC MISC MISC |
apple -- multiple_products | This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access user-sensitive data. | 2023-02-27 | not yet calculated | CVE-2023-23499 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to leak sensitive kernel state. | 2023-02-27 | not yet calculated | CVE-2023-23500 MISC MISC MISC MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory.. | 2023-02-27 | not yet calculated | CVE-2023-23501 MISC |
apple -- multiple_products | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to determine kernel memory layout. | 2023-02-27 | not yet calculated | CVE-2023-23502 MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences. | 2023-02-27 | not yet calculated | CVE-2023-23503 MISC MISC MISC MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges. | 2023-02-27 | not yet calculated | CVE-2023-23504 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user’s contacts. | 2023-02-27 | not yet calculated | CVE-2023-23505 MISC MISC MISC MISC MISC MISC |
apple -- macos | A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data. | 2023-02-27 | not yet calculated | CVE-2023-23506 MISC |
apple -- macos | A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user’s Safari history. | 2023-02-27 | not yet calculated | CVE-2023-23510 MISC |
apple -- multiple_products | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. | 2023-02-27 | not yet calculated | CVE-2023-23513 MISC MISC MISC |
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges.. | 2023-02-27 | not yet calculated | CVE-2023-23514 MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. | 2023-02-27 | not yet calculated | CVE-2023-23517 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. | 2023-02-27 | not yet calculated | CVE-2023-23518 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing an image may lead to a denial-of-service. | 2023-02-27 | not yet calculated | CVE-2023-23519 MISC MISC MISC MISC |
apple -- multiple_products | A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root. | 2023-02-27 | not yet calculated | CVE-2023-23520 MISC MISC |
apple -- macos | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data.. | 2023-02-27 | not yet calculated | CVE-2023-23522 MISC |
apple -- multiple_products | A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, tvOS 16.3.2, watchOS 9.3.1. Processing a maliciously crafted certificate may lead to a denial-of-service. | 2023-02-27 | not yet calculated | CVE-2023-23524 MISC MISC MISC MISC |
apple -- multiple_products | A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. | 2023-02-27 | not yet calculated | CVE-2023-23529 MISC MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | 2023-02-27 | not yet calculated | CVE-2023-23530 MISC MISC |
apple -- multiple_products | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | 2023-02-27 | not yet calculated | CVE-2023-23531 MISC MISC |
dell -- powerscale | Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service. | 2023-02-28 | not yet calculated | CVE-2023-23689 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce plugin <= 1.4.10 leads to settings change. | 2023-02-28 | not yet calculated | CVE-2023-23865 MISC |
craft_cms – craft_cms | Craft is a platform for creating digital experiences. When you insert a payload inside a label name or instruction of an entry type, an cross-site scripting (XSS) happens in the quick post widget on the admin dashboard. This issue has been fixed in version 4.3.7. | 2023-03-03 | not yet calculated | CVE-2023-23927 MISC MISC MISC |
vantage6 – vantage6 | vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Currently, the refresh token is valid indefinitely. The refresh token should get a validity of 24-48 hours. A fix was released in version 3.8.0. | 2023-03-04 | not yet calculated | CVE-2023-23929 MISC MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0. | 2023-03-01 | not yet calculated | CVE-2023-23973 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). | 2023-03-01 | not yet calculated | CVE-2023-23974 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion. | 2023-02-28 | not yet calculated | CVE-2023-23983 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion. | 2023-03-01 | not yet calculated | CVE-2023-23984 MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete. | 2023-02-28 | not yet calculated | CVE-2023-23992 MISC |
dataiku -- dataiku_dss | In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request. | 2023-03-01 | not yet calculated | CVE-2023-24045 MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24117 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24118 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24119 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24120 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24121 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24122 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24123 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24124 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24125 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24126 MISC MISC MISC |
jensen -- eagle_1200ac | Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet. | 2023-03-01 | not yet calculated | CVE-2023-24127 MISC MISC MISC |
davinci -- davinci | Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function. | 2023-02-27 | not yet calculated | CVE-2023-24206 MISC |
laravel -- admin | An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. | 2023-02-27 | not yet calculated | CVE-2023-24249 MISC MISC MISC |
domotica_labs – ikon_server | Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability. | 2023-02-27 | not yet calculated | CVE-2023-24253 MISC |
spip -- spip | SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. | 2023-02-27 | not yet calculated | CVE-2023-24258 MISC MISC |
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Builder Team Formidable Forms plugin <= 5.5.6 versions. | 2023-02-28 | not yet calculated | CVE-2023-24419 MISC |
dell -- networker | Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | 2023-03-01 | not yet calculated | CVE-2023-24567 MISC |
judging_management_system -- judging_management_system | Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateview.php. | 2023-03-03 | not yet calculated | CVE-2023-24641 MISC |
judging_management_system -- judging_management_system | Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateTxtview.php. | 2023-03-03 | not yet calculated | CVE-2023-24642 MISC |
judging_management_system -- judging_management_system | Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php. | 2023-03-03 | not yet calculated | CVE-2023-24643 MISC |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24751 MISC MLIST |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24752 MISC MLIST |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24754 MISC MLIST |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24755 MISC MLIST |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24756 MISC MLIST |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24757 MISC MLIST |
libde265 -- libde265 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | 2023-03-01 | not yet calculated | CVE-2023-24758 MISC MLIST |
redis -- redis | Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. | 2023-03-02 | not yet calculated | CVE-2023-25155 MISC MISC MISC MISC MISC |
libde265 -- libde265 | Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc. | 2023-03-01 | not yet calculated | CVE-2023-25221 MISC MLIST |
libredwg -- gnu | A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. | 2023-03-01 | not yet calculated | CVE-2023-25222 MISC |
docmosis -- tornado | An issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter completely by introducing a specially crafted request with relative path segments. | 2023-02-28 | not yet calculated | CVE-2023-25264 MISC MISC |
docmosis -- tornado | Docmosis Tornado <= 2.9.4 is vulnerable to Directory Traversal leading to the disclosure of arbitrary content on the file system. | 2023-02-28 | not yet calculated | CVE-2023-25265 MISC MISC |
docmosis -- tornado | An issue was discovered in Docmosis Tornado prior to version 2.9.5. An authenticated attacker can change the Office directory setting pointing to an arbitrary remote network path. This triggers the execution of the soffice binary under the attackers control leading to arbitrary remote code execution (RCE). | 2023-02-28 | not yet calculated | CVE-2023-25266 MISC MISC |
webkitgtk -- webkitgtk | A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | 2023-03-02 | not yet calculated | CVE-2023-25358 MISC |
webkitgtk -- webkitgtk | A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | 2023-03-02 | not yet calculated | CVE-2023-25360 MISC |
webkitgtk -- webkitgtk | A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | 2023-03-02 | not yet calculated | CVE-2023-25361 MISC |
webkitgtk -- webkitgtk | A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | 2023-03-02 | not yet calculated | CVE-2023-25362 MISC |
webkitgtk -- webkitgtk | A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | 2023-03-02 | not yet calculated | CVE-2023-25363 MISC |
yf_exam -- yf_exam | CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload. | 2023-03-03 | not yet calculated | CVE-2023-25402 MISC MISC |
yf_exam -- yf_exam | CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed JWT key, and the stored key uses username format characters. Any user who logged in within 24 hours. A token can be forged with his username to bypass authentication. | 2023-03-03 | not yet calculated | CVE-2023-25403 MISC MISC |
online_reviewer_management_system -- online_reviewer_management_system | An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer_0/admins/assessments/course/course-update.php. | 2023-02-28 | not yet calculated | CVE-2023-25431 MISC |
online_reviewer_management_system -- online_reviewer_management_system | An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer_0/admins/assessments/course/course-update.php. | 2023-02-28 | not yet calculated | CVE-2023-25432 MISC |
dell -- powerscale_onefs | Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover. | 2023-03-02 | not yet calculated | CVE-2023-25536 MISC |
dell -- powerscale_onefs | Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. | 2023-02-28 | not yet calculated | CVE-2023-25540 MISC |
dell -- networker | Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | 2023-03-01 | not yet calculated | CVE-2023-25544 MISC |
api_platform -- api_platform | API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the `security` option of the `ApiPlatform\Metadata\ApiProperty` attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization formats may also be impacted. Only collection endpoints are affected by the issue, item endpoints are not. The JSON-LD format is not affected by the issue. The result of the security rule is only executed for the first item of the collection. The result of the rule is then cached and reused for the next items. This bug can leak data to unauthorized users when the rule depends on the value of a property of the item. This bug can also hide properties that should be displayed to authorized users. This issue impacts the 2.7, 3.0 and 3.1 branches. Please upgrade to versions 2.7.10, 3.0.12 or 3.1.3. As a workaround, replace the `cache_key` of the context array of the Serializer inside a custom normalizer that works on objects if the security option of the `ApiPlatform\Metadata\ApiProperty` attribute is used. | 2023-02-28 | not yet calculated | CVE-2023-25575 MISC MISC |
opensearch_project -- opensearch_project | OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs. Patches were released in versions 1.3.9 and 2.6.0, there are no workarounds. | 2023-03-02 | not yet calculated | CVE-2023-25806 MISC |
dataease -- dataease | DataEase is an open source data visualization and analysis tool. When saving a dashboard on the DataEase platform saved data can be modified and store malicious code. This vulnerability can lead to the execution of malicious code stored by the attacker on the server side when the user accesses the dashboard. The vulnerability has been fixed in version 1.18.3. | 2023-02-28 | not yet calculated | CVE-2023-25807 MISC MISC |
nextcloud -- nextcoud | Nextcloud is an Open Source private cloud software. Versions 25.0.0 and above, prior to 25.0.3, are subject to Uncontrolled Resource Consumption. A user can configure a very long password, consuming more resources on password validation than desired. This issue is patched in 25.0.3 No workaround is available. | 2023-02-25 | not yet calculated | CVE-2023-25816 MISC MISC MISC |
discourse -- discourse | Discourse is an open source platform for community discussion. Tags that are normally private are showing in metadata. This affects any site running the `tests-passed` or `beta` branches >= 3.1.0.beta2. The issue is patched in the latest `beta` and `tests-passed` version of Discourse. | 2023-03-04 | not yet calculated | CVE-2023-25819 MISC MISC |
nextcloud -- nextcoud | Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0.7 and 25.0.1. No workaround is available. | 2023-02-25 | not yet calculated | CVE-2023-25821 MISC MISC MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This is unescaped when viewing the logs in the web ui. This issue is patched in version 1.36.33. | 2023-02-25 | not yet calculated | CVE-2023-25825 MISC MISC MISC MISC |
medtronic -- micro_clinician_interstim_app | Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Not updating could potentially result in unauthorized control of the clinician therapy application, which has greater control over therapy parameters than the patient app. Changes still cannot be made outside of the established therapy parameters of the programmer. For unauthorized access to occur, an individual would need physical access to the Smart Programmer. | 2023-03-01 | not yet calculated | CVE-2023-25931 MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain SQL Injection via malicious jason web token. The Username field of the JWT token was trusted when performing an SQL query to load the user. If an attacker could determine the HASH key used by ZoneMinder, they could generate a malicious JWT token and use it to execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.33. | 2023-02-25 | not yet calculated | CVE-2023-26032 MISC |
gentoo -- gentoo | Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_history` cookie is used as a base64 encoded comma separated list of atoms. These are string loaded directly into the SQL query with `atom = '%s'` format string. As a result, any user can modify the browser's cookie value and inject most SQL queries. A proof of concept malformed cookie was generated that wiped the database or changed it's content. On the database, only public data is stored, so there is no confidentiality issues to site users. If it is known that the database was modified, a full restoration of data is possible by performing a full database wipe and performing full update of all components. This issue is patched with commit id 5ae9ca83b73. Version 1.0.1 contains the patch. If users are unable to upgrade immediately, the following workarounds may be applied: (1.) Use a proxy to always drop the `search_history` cookie until upgraded. The impact on user experience is low. (2.) Sanitize to the value of `search_history` cookie after base64 decoding it. | 2023-02-25 | not yet calculated | CVE-2023-26033 MISC MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The (blind) SQL Injection vulnerability is present within the `filter[Query][terms][0][attr]` query string parameter of the `/zm/index.php` endpoint. A user with the View or Edit permissions of Events may execute arbitrary SQL. The resulting impact can include unauthorized data access (and modification), authentication and/or authorization bypass, and remote code execution. | 2023-02-25 | not yet calculated | CVE-2023-26034 MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33. | 2023-02-25 | not yet calculated | CVE-2023-26035 MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion (Untrusted Search Path) vulnerability via /web/index.php. By controlling $view, any local file ending in .php can be executed. This is supposed to be mitigated by calling detaintPath, however dentaintPath does not properly sandbox the path. This can be exploited by constructing paths like "..././", which get replaced by "../". This issue is patched in versions 1.36.33 and 1.37.33. | 2023-02-25 | not yet calculated | CVE-2023-26036 MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request parameters are not properly validated and could be used execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.33. | 2023-02-25 | not yet calculated | CVE-2023-26037 MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion (Untrusted Search Path) vulnerability via web/ajax/modal.php, where an arbitrary php file path can be passed in the request and loaded. This issue is patched in versions 1.36.33 and 1.37.33. | 2023-02-25 | not yet calculated | CVE-2023-26038 MISC |
zoneminder -- zoneminder | ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl() in (/web/api/app/Controller/HostController.php). Any authenticated user can construct an api command to execute any shell command as the web user. This issue is patched in versions 1.36.33 and 1.37.33. | 2023-02-25 | not yet calculated | CVE-2023-26039 MISC |
nextcloud -- talk | Nextcloud Talk is a fully on-premises audio/video and chat communication service. When cron jobs were misconfigured and therefore messages are not expired, the API would still return them while they were then hidden by the frontend code. It is recommended that the Nextcloud Talk is upgraded to 15.0.3. There are no workaround available. | 2023-02-27 | not yet calculated | CVE-2023-26041 MISC MISC MISC |
part-db -- part-db | Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to execute JavaScript code, unless in combination with other vulnerabilities. There are no workarounds, please upgrade to Pat-DB 1.0.2 or later. | 2023-02-27 | not yet calculated | CVE-2023-26042 MISC MISC MISC MISC |
geonode -- geonode | GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version 4.0.3. | 2023-02-27 | not yet calculated | CVE-2023-26043 MISC MISC |
teler-waf -- teler-waf | teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. In teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute arbitrary JavaScript code on the victim's browser and compromise the security of the web application. The vulnerability exists due to teler-waf failure to properly sanitize and filter HTML entities in user input. An attacker can exploit this vulnerability to bypass common web attack threat rules in teler-waf and launch cross-site scripting (XSS) attacks. The attacker can execute arbitrary JavaScript code on the victim's browser and steal sensitive information, such as login credentials and session tokens, or take control of the victim's browser and perform malicious actions. This issue has been fixed in version 0.1.1. | 2023-03-02 | not yet calculated | CVE-2023-26046 MISC MISC MISC |
teler-waf -- teler-waf | teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. In teler-waf prior to version v0.2.0 is vulnerable to a bypass attack when a specific case-sensitive hex entities payload with special characters such as CR/LF and horizontal tab is used. This vulnerability allows an attacker to execute arbitrary JavaScript code on the victim's browser and compromise the security of the web application. An attacker can exploit this vulnerability to bypass common web attack threat rules in teler-waf and launch cross-site scripting (XSS) attacks. The attacker can execute arbitrary JavaScript code on the victim's browser and steal sensitive information, such as login credentials and session tokens, or take control of the victim's browser and perform malicious actions. This issue has been patched in version 0.2.0. | 2023-03-03 | not yet calculated | CVE-2023-26047 MISC MISC MISC |
saleor -- saleor | Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests. | 2023-03-02 | not yet calculated | CVE-2023-26051 MISC MISC MISC MISC MISC MISC MISC MISC |
saleor -- saleor | Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12. | 2023-03-02 | not yet calculated | CVE-2023-26052 MISC MISC MISC MISC MISC MISC MISC |
gradle -- gradle | Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a `trusted-key` or `pgp` element in their dependency verification metadata file. The fix is to fail dependency verification if anything but a fingerprint is used in a trust element in dependency verification metadata. The problem is fixed in Gradle 8.0 and above. The problem is also patched in Gradle 6.9.4 and 7.6.1. As a workaround, use only full fingerprint IDs for `trusted-key` or `pgp` element in the metadata is a protection against this issue. | 2023-03-02 | not yet calculated | CVE-2023-26053 MISC MISC |
xwiki -- commons | XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places where short text properties are displayed, e.g., in apps created using Apps Within Minutes that use a short text field. The problem has been patched on versions 13.10.9, 14.4.4, 14.7RC1. | 2023-03-02 | not yet calculated | CVE-2023-26055 MISC MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known workarounds for this issue. | 2023-03-02 | not yet calculated | CVE-2023-26056 MISC MISC MISC MISC MISC |
typo3 -- frp_form_answers | The frp_form_answers (aka Forms Export) extension before 3.1.2, and 4.x before 4.0.2, for TYPO3 allows XSS via saved emails. | 2023-02-26 | not yet calculated | CVE-2023-26091 CONFIRM MISC |
deno -- deno | Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server. | 2023-02-25 | not yet calculated | CVE-2023-26103 MISC MISC MISC MISC MISC |
lite-web-server -- lite-web-server | All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse. | 2023-02-25 | not yet calculated | CVE-2023-26104 MISC MISC MISC |
utilities -- utilities | All versions of the package utilities are vulnerable to Prototype Pollution via the _mix function. | 2023-02-28 | not yet calculated | CVE-2023-26105 MISC MISC |
barracuda -- cloudgen_wan | On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters. | 2023-03-03 | not yet calculated | CVE-2023-26213 FULLDISC MISC CONFIRM MISC |
jira -- stagil_navigation_for_jira-menu_and_themes | An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system. | 2023-02-28 | not yet calculated | CVE-2023-26255 MISC MISC |
jira -- stagil_navigation_for_jira-menu_and_themes | An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system. | 2023-02-28 | not yet calculated | CVE-2023-26256 MISC MISC |
covesa -- dlt-daemon | An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. | 2023-02-27 | not yet calculated | CVE-2023-26257 MISC MISC |
ibm -- http_server | IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296. | 2023-03-01 | not yet calculated | CVE-2023-26281 MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make the farm unusable by adding an object to a page with a huge number (e.g. 67108863). Most of the time this will fill the memory allocated to XWiki and make it unusable every time this document is manipulated. This issue has been patched in XWiki 14.0-rc-1. | 2023-03-02 | not yet calculated | CVE-2023-26470 MISC MISC MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 11.6-rc-1, comments are supposed to be executed with the right of superadmin but in restricted mode (anything dangerous is disabled), but the async macro does not take into account the restricted mode. This means that any user with comment right can use the async macro to make it execute any wiki content with the right of superadmin. This has been patched in XWiki 14.9, 14.4.6, and 13.10.10. The only known workaround consists of applying a patch and rebuilding and redeploying `org.xwiki.platform:xwiki-platform-rendering-async-macro`. | 2023-03-02 | not yet calculated | CVE-2023-26471 MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 6.2-milestone-1, one can execute any wiki content with the right of IconThemeSheet author by creating an icon theme with certain content. This can be done by creating a new page or even through the user profile for users not having edit right. The issue has been patched in XWiki 14.9, 14.4.6, and 13.10.10. An available workaround is to fix the bug in the page `IconThemesCode.IconThemeSheet` by applying a modification from commit 48caf7491595238af2b531026a614221d5d61f38. | 2023-03-02 | not yet calculated | CVE-2023-26472 MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 1.3-rc-1, any user with edit right can execute arbitrary database select and access data stored in the database. The problem has been patched in XWiki 13.10.11, 14.4.7, and 14.10. There is no workaround for this vulnerability other than upgrading. | 2023-03-02 | not yet calculated | CVE-2023-26473 MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 13.10, it's possible to use the right of an existing document content author to execute a text area property. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11. There are no known workarounds. | 2023-03-02 | not yet calculated | CVE-2023-26474 MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 2.3-milestone-1, the annotation displayer does not execute the content in a restricted context. This allows executing anything with the right of the author of any document by annotating the document. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. There is no easy workaround except to upgrade. | 2023-03-02 | not yet calculated | CVE-2023-26475 MISC MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to `LiveTableResults` and `WikisLiveTableResultsMacros`. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version >= 3.2M3 by applying the patch manually on `LiveTableResults` and `WikisLiveTableResultsMacros`. | 2023-03-02 | not yet calculated | CVE-2023-26476 MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the `newThemeName` request parameter (URL parameter), in combination with additional parameters. This has been patched in the supported versions 13.10.10, 14.9-rc-1, and 14.4.6. As a workaround, it is possible to edit `FlamingoThemesCode.WebHomeSheet` and manually perform the changes from the patch fixing the issue. | 2023-03-02 | not yet calculated | CVE-2023-26477 MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 14.3-rc-1, `org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment` returns an instance of `com.xpn.xwiki.doc.XWikiAttachment`. This class is not supported to be exposed to users without the `programing` right. `com.xpn.xwiki.api.Attachment` should be used instead and takes case of checking the user's rights before performing dangerous operations. This has been patched in versions 14.9-rc-1 and 14.4.6. There are no known workarounds for this issue. | 2023-03-02 | not yet calculated | CVE-2023-26478 MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 6.0, users with write rights can insert well-formed content that is not handled well by the parser. As a consequence, some pages becomes unusable, including the user index (if the page containing the faulty content is a user page) and the page index. Note that on the page, the normal UI is completely missing and it is not possible to open the editor directly to revert the change as the stack overflow is already triggered while getting the title of the document. This means that it is quite difficult to remove this content once inserted. This has been patched in XWiki 13.10.10, 14.4.6, and 14.9-rc-1. A temporary workaround to avoid Stack Overflow errors is to increase the memory allocated to the stack by using the `-Xss` JVM parameter (e.g., `-Xss32m`). This should allow the parser to pass and to fix the faulty content. The consequences for other aspects of the system (e.g., performance) are unknown, and this workaround should be only be used as a temporary solution. The workaround does not prevent the issue occurring again with other content. Consequently, it is strongly advised to upgrade to a version where the issue has been patched. | 2023-03-02 | not yet calculated | CVE-2023-26479 MISC MISC MISC |
xwiki -- platform | XWiki Platform is a generic wiki platform. Starting in version 12.10, a user without script rights can introduce a stored cross-site scripting by using the Live Data macro. This has been patched in XWiki 14.9, 14.4.7, and 13.10.10. There are no known workarounds. | 2023-03-02 | not yet calculated | CVE-2023-26480 MISC MISC MISC MISC |
authentik_security_inc -- goauthentik | authentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by an admin (or sent via email by an admin) can be used to set the password for any arbitrary user. This attack is only possible if a recovery flow exists, which has both an Identification and an Email stage bound to it. If the flow has policies on the identification stage to skip it when the flow is restored (by checking `request.context['is_restored']`), the flow is not affected by this. With this flow in place, an administrator must create a recovery Link or send a recovery URL to the attacker, who can, due to the improper validation of the token create, set the password for any account. Regardless, for custom recovery flows it is recommended to add a policy that checks if the flow is restored, and skips the identification stage. This issue has been fixed in versions 2023.2.3, 2023.1.3 and 2022.12.2. | 2023-03-04 | not yet calculated | CVE-2023-26481 MISC MISC |
gosaml2 -- gosaml2 | gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Providers using this library for SAML authentication support are likely susceptible to Denial of Service attacks. A bug in this library enables attackers to craft a `deflate`-compressed request which will consume significantly more memory during processing than the size of the original request. This may eventually lead to memory exhaustion and the process being killed. The maximum compression ratio achievable with `deflate` is 1032:1, so by limiting the size of bodies passed to gosaml2, limiting the rate and concurrency of calls, and ensuring that lots of memory is available to the process it _may_ be possible to help Go's garbage collector "keep up". Implementors are encouraged not to rely on this. This issue is fixed in version 0.9.0. | 2023-03-03 | not yet calculated | CVE-2023-26483 MISC MISC MISC MISC |
vega -- vega | Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale` expression function has the ability to call arbitrary functions with a single controlled argument. The scale expression function passes a user supplied argument group to getScale, which is then used as if it were an internal context. The context.scales[name].value is accessed from group and called as a function back in scale. This can be exploited to escape the Vega expression sandbox in order to execute arbitrary JavaScript. This issue has been fixed in version 5.13.1. | 2023-03-04 | not yet calculated | CVE-2023-26486 MISC MISC MISC MISC MISC |
vega -- vega | Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.`lassoAppend' function accepts 3 arguments and internally invokes `push` function on the 1st argument specifying array consisting of 2nd and 3rd arguments as `push` call argument. The type of the 1st argument is supposed to be an array, but it's not enforced. This makes it possible to specify any object with a `push` function as the 1st argument, `push` function can be set to any function that can be access via `event.view` (no all such functions can be exploited due to invalid context or signature, but some can, e.g. `console.log`). The issue is that`lassoAppend` doesn't enforce proper types of its arguments. This issue opens various XSS vectors, but exact impact and severity depends on the environment (e.g. Core JS `setImmediate` polyfill basically allows `eval`-like functionality). This issue was patched in 5.23.0. | 2023-03-04 | not yet calculated | CVE-2023-26487 MISC MISC MISC |
openzeppelin -- contracts | OpenZeppelin Contracts is a library for secure smart contract development. The ERC721Consecutive contract designed for minting NFTs in batches does not update balances when a batch has size 1 and consists of a single token. Subsequent transfers from the receiver of that token may overflow the balance as reported by `balanceOf`. The issue exclusively presents with batches of size 1. The issue has been patched in 4.8.2. | 2023-03-03 | not yet calculated | CVE-2023-26488 MISC MISC MISC |
mailcow -- docker | mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to obtain shell access to the Docker container running dovecot. The imapsync Perl script implements all the necessary functionality for this feature, including the XOAUTH2 authentication mechanism. This code path creates a shell command to call openssl. However, since different parts of the specified user password are included without any validation, one can simply execute additional shell commands. Notably, the default ACL for a newly-created mailcow account does not include the necessary permission. The Issue has been fixed within the 2023-03 Update (March 3rd 2023). As a temporary workaround the Syncjob ACL can be removed from all mailbox users, preventing from creating or changing existing Syncjobs. | 2023-03-04 | not yet calculated | CVE-2023-26490 MISC MISC |
rsshub -- rsshub | RSSHub is an open source and extensible RSS feed generator. When the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version c910c4d28717fb860fbe064736641f379fab2c91. Please upgrade to this or a later version, there are no known workarounds. | 2023-03-03 | not yet calculated | CVE-2023-26491 MISC MISC |
directus -- directus | Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. This issue was fixed in version 9.23.0. | 2023-03-03 | not yet calculated | CVE-2023-26492 MISC MISC MISC |
bmc -- control-m | A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field. | 2023-02-25 | not yet calculated | CVE-2023-26550 MISC |
asus -- asmb8_ikvm | ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. | 2023-02-26 | not yet calculated | CVE-2023-26602 MISC MISC FULLDISC |
systemd -- systemd | systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. | 2023-03-03 | not yet calculated | CVE-2023-26604 MISC MISC MISC |
vxcontrol -- soldr | SOLDR (System of Orchestration, Lifecycle control, Detection and Response) 1.1.0 allows stored XSS via the module editor. | 2023-03-01 | not yet calculated | CVE-2023-26608 MISC MISC |
abus -- security_cameras_tvip | ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field. | 2023-02-27 | not yet calculated | CVE-2023-26609 MISC MISC FULLDISC |
cleverstupiddog -- yf-exam | CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution (RCE). | 2023-03-03 | not yet calculated | CVE-2023-26779 MISC MISC |
cleverstupiddog -- yf-exam | CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection. | 2023-03-02 | not yet calculated | CVE-2023-26780 MISC |
mattermost -- mattermost | A missing permissions check in the /plugins/playbooks/api/v0/runs API in Mattermost allows an attacker to list and view playbooks belonging to a team they are not a member of. | 2023-02-27 | not yet calculated | CVE-2023-27263 MISC |
mattermost -- mattermost | A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/[playbookID] API. | 2023-02-27 | not yet calculated | CVE-2023-27264 MISC |
mattermost -- mattermost | Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response. | 2023-02-27 | not yet calculated | CVE-2023-27265 MISC |
mattermost -- mattermost | Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response. | 2023-02-27 | not yet calculated | CVE-2023-27266 MISC |
ibm -- observability_with_instana | Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737. | 2023-03-03 | not yet calculated | CVE-2023-27290 MISC MISC |
opencats -- opencats | Improper neutralization of input during web page generation allows an unauthenticated attacker to submit malicious Javascript as the answer to a questionnaire which would then be executed when an authenticated user reviews the candidate's submission. This could be used to steal other users’ cookies and force users to make actions without their knowledge. | 2023-02-28 | not yet calculated | CVE-2023-27293 MISC |
opencats -- opencats | Improper neutralization of input during web page generation allows an authenticated attacker with access to a restricted account to submit malicious Javascript as the description for a calendar event, which would then be executed in other users' browsers if they browse to that event. This could result in stealing session tokens from users with higher permission levels or forcing users to make actions without their knowledge. | 2023-02-28 | not yet calculated | CVE-2023-27294 MISC |
sudo -- sudo | Sudo before 1.9.13p2 has a double free in the per-command chroot feature. | 2023-02-28 | not yet calculated | CVE-2023-27320 MISC MISC MLIST FEDORA |
gnu -- libmicrohttpd | GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function. | 2023-02-28 | not yet calculated | CVE-2023-27371 MISC MISC MISC |
spip -- spip | SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. | 2023-02-28 | not yet calculated | CVE-2023-27372 MISC MISC MISC DEBIAN |
phpseclib -- math/primefield.php | Math/PrimeField.php in phpseclib 3.x before 3.0.19 has an infinite loop with composite primefields. | 2023-03-03 | not yet calculated | CVE-2023-27560 MISC CONFIRM |
opencontainers -- runc | runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. | 2023-03-03 | not yet calculated | CVE-2023-27561 MISC MISC MISC |
openl2d_project -- cubism_editor | Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file. | 2023-03-03 | not yet calculated | CVE-2023-27566 MISC MISC MISC MISC |
openbsd -- openbsd | In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel. | 2023-03-03 | not yet calculated | CVE-2023-27567 MISC |
shadowsocks -- x-ng | ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS. | 2023-03-03 | not yet calculated | CVE-2023-27574 MISC MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.